www.hairclub.com Open in urlscan Pro
34.249.200.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hairclub.com/kansas_city.php
Effective URL:
https://www.hairclub.com/kansas_city.php
Submission: On August 02 via api (August 2nd 2023, 6:52:34 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 47 domains to perform 122 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.hairclub.com.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.

This is the only time www.hairclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	75.2.70.75 75.2.70.75	16509 (AMAZON-02) (AMAZON-02)
1 1	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
2	34.249.200.254 34.249.200.254	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:25e... 2600:9000:25ea:e600:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	3.137.84.0 3.137.84.0	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:ca00:d:69b0:4e00:21	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2014	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:cc45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	18.197.22.161 18.197.22.161	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.240.125 35.158.240.125	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.233.56 23.35.233.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	54.229.40.109 54.229.40.109	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	54.171.31.19 54.171.31.19	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.58.161.8 52.58.161.8	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:dd23:8ef1:e587:b027	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	2.20.65.192 2.20.65.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.170.50.92 54.170.50.92	16509 (AMAZON-02) (AMAZON-02)
1	35.158.16.209 35.158.16.209	16509 (AMAZON-02) (AMAZON-02)
1	54.194.222.133 54.194.222.133	16509 (AMAZON-02) (AMAZON-02)
1	3.22.226.243 3.22.226.243	16509 (AMAZON-02) (AMAZON-02)
122	59

1 75.2.70.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

hairclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.190.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

hairclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.200.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com

www.hairclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:25ea:e600:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

12066847.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.137.84.0 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-84-0.us-east-2.compute.amazonaws.com

collector-31061.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ca00:d:69b0:4e00:21 (United States)

ASN16509 (AMAZON-02, US)

d11tldh9zr4z08.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-tfzchks.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

gtm.hairclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc45 (United States)

ASN13335 (CLOUDFLARENET, US)

win.staticstuff.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.22.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-22-161.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.240.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.233.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-233-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.40.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-40-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.31.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-19.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.161.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-8.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:dd23:8ef1:e587:b027 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.65.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-65-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.50.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-50-92.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.16.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.222.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-222-133.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.22.226.243 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-226-243.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gstatic.com fonts.gstatic.com	832 KB
13	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 12066847.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	6 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3683 gum.criteo.com — Cisco Umbrella Rank: 417 mug.criteo.com — Cisco Umbrella Rank: 2490 sslwidget.criteo.com — Cisco Umbrella Rank: 1850 widget.us.criteo.com — Cisco Umbrella Rank: 19801 dis.criteo.com — Cisco Umbrella Rank: 623	34 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 118 region1.analytics.google.com — Cisco Umbrella Rank: 2693	1 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5772	924 B
7	hairclub.com 2 redirects hairclub.com www.hairclub.com gtm.hairclub.com	30 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	22 KB
5	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 12898	317 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 461	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 383	13 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 666	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1576	2 KB
2	tvsquared.com collector-31061.tvsquared.com	9 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	199 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net d11tldh9zr4z08.cloudfront.net	36 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 79	10 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2192	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 640	337 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1812	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2277	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4457	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 30797	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2524	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 763	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 753	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1271	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2976	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 979	342 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1274	163 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 321	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 403	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2129	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1328	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 689	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 578	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 380	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 639	792 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	146 B
1	staticstuff.net win.staticstuff.net — Cisco Umbrella Rank: 107961	369 B
1	appspot.com gtm-tfzchks.uc.r.appspot.com	537 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	47 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	29 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4005
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	11 KB
122	47

	Domain	Requested by
32	fonts.gstatic.com	fonts.googleapis.com
7	www.google.de	www.hairclub.com
6	www.google.com	2 redirects www.hairclub.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.google-analytics.com	www.hairclub.com www.google-analytics.com
5	assets-global.website-files.com	www.hairclub.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	12066847.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
3	gtm.hairclub.com	www.hairclub.com www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.hairclub.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	adservice.google.com	12066847.fls.doubleclick.net
2	collector-31061.tvsquared.com	www.hairclub.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.googletagmanager.com	www.hairclub.com www.googletagmanager.com
2	www.hairclub.com	cdn.jsdelivr.net
2	hairclub.com	2 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	x.bidswitch.net
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	win.staticstuff.net	d11tldh9zr4z08.cloudfront.net
1	mug.criteo.com	www.hairclub.com
1	region1.analytics.google.com	www.googletagmanager.com
1	gtm-tfzchks.uc.r.appspot.com	www.google-analytics.com
1	d11tldh9zr4z08.cloudfront.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	connect.facebook.net	www.hairclub.com
1	fonts.googleapis.com	ajax.googleapis.com
1	code.jquery.com	www.hairclub.com
1	d3e54v103j8qbb.cloudfront.net	www.hairclub.com
1	cdn.evgnet.com	www.hairclub.com
1	cdn.jsdelivr.net	www.hairclub.com
1	ajax.googleapis.com	www.hairclub.com
122	62

This site contains no links.

Subject Issuer	Validity	Valid
www.hairclub.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-09`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-07-16` - `2024-08-12`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
gtm.hairclub.com GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
itm.ivitrack.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.hairclub.com/kansas_city.php
Frame ID: 95E69498C20BD67DE9F7E9E6EB552B65
Requests: 87 HTTP requests in this frame

Frame: https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php
Frame ID: E5B397F2676BB177FBCC2875C75D1989
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.hairclub.com&origin=onetag
Frame ID: 0D743247045BE7CD87FA40AB4C25686B
Requests: 2 HTTP requests in this frame

Frame: https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php
Frame ID: 486D37C25185E8210F5428BFCB14A8CA
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9BpDNo6wHCiyxDoum1QStGbzbOD3SdkmnkSxXA&expires=30
Frame ID: C7F1B7F62466FAF4C13E04DD7BC2C8AE
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not Found

Page URL History Show full URLs

http://hairclub.com/kansas_city.php HTTP 301
https://hairclub.com/kansas_city.php HTTP 301
https://www.hairclub.com/kansas_city.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

122
Requests

89 %
HTTPS

38 %
IPv6

47
Domains

62
Subdomains

59
IPs

9
Countries

1607 kB
Transfer

5004 kB
Size

54
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hairclub.com/kansas_city.php HTTP 301
https://hairclub.com/kansas_city.php HTTP 301
https://www.hairclub.com/kansas_city.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://12066847.fls.doubleclick.net/activityi;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php HTTP 302
https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7KXKZKiYKJKjiQaToLewDw&sscte=1&crd=&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UNGBn_KMDNyX3mR_5_7awAvVnzcq_9abz0&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ1TU8wcFl2RUhmcVVmYUs1WlBRZUxkeUliT2Q2N3Z6b2JRWG9sS1ZGOXNOc09taXBJQTdzeEpEZyITCKi-udLSvoADFZJRwgodE9AN9g HTTP 302
https://www.google.com/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ1TU8wcFl2RUhmcVVmYUs1WlBRZUxkeUliT2Q2N3Z6b2JRWG9sS1ZGOXNOc09taXBJQTdzeEpEZyITCKi-udLSvoADFZJRwgodE9AN9g&is_vtc=1&ocp_id=7KXKZKiYKJKjiQaToLewDw&cid=CAQSKQBpAlJWNJFoVhWAWTXMy59N-0GvR7AwbNEvO_K17oNs5oIQKHkCIbDt&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UN9zT1ODwaly6Debc62nIe0MEjknfmz_-Q&random=2518444876 HTTP 302
https://www.google.de/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ1TU8wcFl2RUhmcVVmYUs1WlBRZUxkeUliT2Q2N3Z6b2JRWG9sS1ZGOXNOc09taXBJQTdzeEpEZyITCKi-udLSvoADFZJRwgodE9AN9g&is_vtc=1&ocp_id=7KXKZKiYKJKjiQaToLewDw&cid=CAQSKQBpAlJWNJFoVhWAWTXMy59N-0GvR7AwbNEvO_K17oNs5oIQKHkCIbDt&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UN9zT1ODwaly6Debc62nIe0MEjknfmz_-Q&random=2518444876&ipr=y

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7KXKZPKcKPeKiQaa44yoAQ&sscte=1&crd=&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UNnpzcMnETqi8y9NM9YO8U5sJUuBQ7WZsI&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ2RlVXMF9XTHY5M1ZQc0VNc19vemFUeElxeVh6VTFtWlRpUWZ4WDZmekw3WlFkT3FqbW8tM0ZkdyITCPLCudLSvoADFXdFwgodmjEDFQ HTTP 302
https://www.google.com/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ2RlVXMF9XTHY5M1ZQc0VNc19vemFUeElxeVh6VTFtWlRpUWZ4WDZmekw3WlFkT3FqbW8tM0ZkdyITCPLCudLSvoADFXdFwgodmjEDFQ&is_vtc=1&ocp_id=7KXKZPKcKPeKiQaa44yoAQ&cid=CAQSKQBpAlJWCdoGUEX7QTkjxvKvFmc2pDDonBSOAP4HCq7tcKxEqUrRY3Vb&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UMQZQN4OKJGyhpMvL7fs-h6IXoC_yspHY0&random=3806527783 HTTP 302
https://www.google.de/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ2RlVXMF9XTHY5M1ZQc0VNc19vemFUeElxeVh6VTFtWlRpUWZ4WDZmekw3WlFkT3FqbW8tM0ZkdyITCPLCudLSvoADFXdFwgodmjEDFQ&is_vtc=1&ocp_id=7KXKZPKcKPeKiQaa44yoAQ&cid=CAQSKQBpAlJWCdoGUEX7QTkjxvKvFmc2pDDonBSOAP4HCq7tcKxEqUrRY3Vb&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UMQZQN4OKJGyhpMvL7fs-h6IXoC_yspHY0&random=3806527783&ipr=y

Request Chain 85

https://gum.criteo.com/sid/json?origin=onetag&domain=hairclub.com&sn=ChromeSyncframe&so=0&topUrl=www.hairclub.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AhoMW3xCWUpvcEdDZ2FZZjhDMmczRmxKYlZnUE5uVTFWVDdXZVFwTjN2Zmo0TzZFTm40cmF0R0JlYnk2b1h5ZDRiMTIvWS9vdm94Z3BnVURRRXpqZnVJN0t2aVB5eFB3Y2dqeFZtWVNHZ1laS1J3SFV2U3BEUVFNUjFBSVlOSzQ0YmEwMjd6aGxvMEYvRmZMMUJ2d1dZVmNsOUw1M1RJQm02S1hIa2xWWmpsdklzaVR5TTVyY1lpb0IvVGZnZ2h4YmVDd05lRkFjVlgvQVNDdDdpaTRGM0VIYjlTQmR0NlhVQ215aXN4VnpmWW1xeGtROExIbENPSHpLdG9BS2JIM2RFck9qdWRXVk95d1RhNHlDZnhPSWNsV0NhL1hvWEV0MVpsNnBOMXdqRUZyTi9yRT18&cppv=2

Request Chain 88

https://12066847.fls.doubleclick.net/activityi;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php HTTP 302
https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php

Request Chain 89

https://sslwidget.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje19hWlVzMlBRcGgyeUl4bzcxWEhWS3Z6c1Q2R254Z01MRVpoWVZuWE1LN09QZ1RrTngwbDJnZUxQJTJCYk5kNEU4S1R6SGgwYVpzTkclMkZJa3hMbTAyUHpGdVNwc1dPWWI4THE3UURmOSUyQjNtNDlnSHJISTl0ZWhTdEFZZzBob0s1b3JpRlNQTiUyQlYlMkJrMk1GM1RQTlNnTnVuU0p3JTNEJTNE&tld=hairclub.com&dy=1&fu=https%253A%252F%252Fwww.hairclub.com%252Fkansas_city.php&ceid=c8637d46-2990-40d4-9493-7e36e1399e11&dtycbr=52503 HTTP 302
https://widget.us.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje19hWlVzMlBRcGgyeUl4bzcxWEhWS3Z6c1Q2R254Z01MRVpoWVZuWE1LN09QZ1RrTngwbDJnZUxQJTJCYk5kNEU4S1R6SGgwYVpzTkclMkZJa3hMbTAyUHpGdVNwc1dPWWI4THE3UURmOSUyQjNtNDlnSHJISTl0ZWhTdEFZZzBob0s1b3JpRlNQTiUyQlYlMkJrMk1GM1RQTlNnTnVuU0p3JTNEJTNE&tld=hairclub.com&dy=1&fu=https%253A%252F%252Fwww.hairclub.com%252Fkansas_city.php&ceid=c8637d46-2990-40d4-9493-7e36e1399e11&dtycbr=52503

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_cm&google_hm=ay1GM0lDRDQ2d0hDaXl4RG91bTFRU3RHYnpiT0IyYUlCMmZRcURKUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_gid=CAESEM1PyyX1hU_gd1Xb9UxWB1o&google_cver=1&google_ula=913071,0

Request Chain 93

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3019181797899829102

Request Chain 94

https://secure.adnxs.com/setuid?entity=52&code=k-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ

Request Chain 105

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg&C=1

Request Chain 106

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j

Request Chain 108

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q

Request Chain 118

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OjKnjWtaWdpN75LMxSfDhUP3bhgHVy8r

Request Chain 119

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dpuybgRK6gPYGtwRZJRWiWItTb6rpecj

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request kansas_city.php Show response
www.hairclub.com/
Redirect Chain

http://hairclub.com/kansas_city.php
https://hairclub.com/kansas_city.php
https://www.hairclub.com/kansas_city.php

16 KB
6 KB

653ms
185ms

Document
text/html

34.249.200.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e51144d983d2de32b1f05c1693aab965bd56b55b087987540b100ec3c8265761

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html
date: Wed, 02 Aug 2023 18:52:27 GMT
etag: W/"d08dda5989d501c54a951f4f6c7a4377"
last-modified: Wed, 02 Aug 2023 15:25:26 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-hosting-red
x-served-by: cache-iad-kiad7000030-IAD, cache-dub4347-DUB
x-timer: S1691002348.793341,VS0,VE145

Redirect headers

content-length: 166
content-type: text/html
date: Wed, 02 Aug 2023 18:52:27 GMT
location: https://www.hairclub.com/kansas_city.php

GET
H2 200 hairclub.d1c94d00b.min.css
assets-global.website-files.com/622bb1bf4ab73a302e3ed230/css/ 667 KB
110 KB 134ms
54ms Stylesheet
text/css 2600:9000:25ea:e600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/622bb1bf4ab73a302e3ed230/css/hairclub.d1c94d00b.min.css
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25ea:e600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c19927fe42b5fe33bcafdec7a019486904a599bd65162c614eaa0cf3b0b7ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 647df3566741a4d574776da31b92584e.cloudfront.net (CloudFront)
x-amz-version-id: VbGb8Yx_S6zLbuxPFK.hXt6GlN00mmV9
age: 12375
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 111738
last-modified: Wed, 02 Aug 2023 15:25:25 GMT
server: AmazonS3
etag: "9bfb5218aab9370989e7ca57b3c5d857"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: i3JQ8P611bohjtSuBUkFye5ZuQckRayU6FUWxmLkNdHwtzApWZaxfQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 08:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2024 08:02:11 GMT

GET
H2 200 fs-cc.js Show response
cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/ 28 KB
11 KB 196ms
18ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/fs-cc.js

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dc8819eef4f6d417ece78a49dd125b561a04ac5d3a60ad426bbd33edb692d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41500
x-jsd-version: 1.13.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6f98-JaCTdWHT47U4LbgOccbccIAF1bE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AV%2BpEq1d%2Foeb7AJPWv6bXyB6BThMIVLSxWwzi242rPpozYdTpz9dAuQyHDcJtBmKOeKjSo4Oh1jR6963%2BsjaOyDs8WK0DARkaCDRtwUBT4fmHCYjnAPQoOEyKrpG4cmsotkXouHrFX8EAI8%2BgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f0884a4ec4d18ef-FRA

GET
H2 403 evergage.min.js
cdn.evgnet.com/beacon/hairclubformen/hairclub_prod/scripts/ 0
0 145ms
105ms Script
application/xml 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/hairclubformen/hairclub_prod/scripts/evergage.min.js
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 32ms
8ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=622bb1bf4ab73a302e3ed230
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.hairclub.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 15:56:53 GMT
content-encoding: gzip
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
age: 10534
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: h09bQM5GRfEJ2vXOPws5mCrNhgUOC8Tz-2tcRqLjk3EAhR-JBPncFA==

GET
H2 200 hairclub.6938c7122.js Show response
assets-global.website-files.com/622bb1bf4ab73a302e3ed230/js/ 2 MB
155 KB 98ms
19ms Script
text/javascript 2600:9000:25ea:e600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/622bb1bf4ab73a302e3ed230/js/hairclub.6938c7122.js
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25ea:e600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f8f25f31e4d5d7d9673aeea5d9b39e9bdbb0a192de5334935708f3b7ab44688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 14:31:15 GMT
content-encoding: gzip
via: 1.1 647df3566741a4d574776da31b92584e.cloudfront.net (CloudFront)
x-amz-version-id: X7iz6JDW_V2JzMzRUVqFAcjsQwFDrsb.
age: 15674
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 158471
last-modified: Wed, 02 Aug 2023 14:30:34 GMT
server: AmazonS3
etag: "e746cb7dba071edb43f8e6b53683c7cf"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: zgF_P4gW_NINSMCtw9bbRqbaGiqoLbRMqDsKiIDsLM12349HcMQoIA==

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 45ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer: https://www.hairclub.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1691002348.dop231.fr8.t,1691002348.cds202.fr8.hn,1691002348.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Aug 2023 17:44:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4084
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 02 Aug 2023 19:44:24 GMT

GET
H2 200 64873be0e4285acff104323e_PROD-hc-custom-js-v2.20.txt Show response
assets-global.website-files.com/622bb1bf4ab73a302e3ed230/ 28 KB
4 KB 149ms
71ms Script
text/plain 2600:9000:25ea:e600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/622bb1bf4ab73a302e3ed230/64873be0e4285acff104323e_PROD-hc-custom-js-v2.20.txt
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25ea:e600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e960a22253617efe52fa48bf7c1131a432dbeff5c4ba031f948c2ef4bf88d85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 13:01:54 GMT
x-amz-version-id: a9C9IXfvRTMQX2zFETqYN5TiOzAEKkQO
content-encoding: br
via: 1.1 647df3566741a4d574776da31b92584e.cloudfront.net (CloudFront)
age: 1317035
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 12 Jun 2023 15:38:10 GMT
server: AmazonS3
etag: W/"a93a0a5c8676f986014d8d63d838948b"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: uCMMwEec8Yqg-G9KvwbiU7-U6x1YHeMtUo1acjHes2JYqjR6amiz0Q==

GET
H2 200 64bfc85d6defc0a475726f07_userway-script-v2.txt Show response
assets-global.website-files.com/622bb1bf4ab73a302e3ed230/ 1 KB
853 B 132ms
54ms Script
text/plain 2600:9000:25ea:e600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/622bb1bf4ab73a302e3ed230/64bfc85d6defc0a475726f07_userway-script-v2.txt
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25ea:e600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ae1ce3732a25178bce18b5fdb84937aaf29b22856df8527ce666b718b3e9f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:56:41 GMT
x-amz-version-id: ndOKlRu7YN8WTXviYAWUgL2aLTmVtCVN
content-encoding: br
via: 1.1 647df3566741a4d574776da31b92584e.cloudfront.net (CloudFront)
age: 608148
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 25 Jul 2023 13:04:30 GMT
server: AmazonS3
etag: W/"bc29098a2283452fc6422ee4d48b12cf"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: PVLpjNhUZBEQcNjKI0G57owcIcIB9SaYErH1i64KaDcrvViIIESh6g==

GET
H2 200 css
fonts.googleapis.com/ 116 KB
4 KB 50ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CUbuntu:300,300italic,400,400italic,500,500italic,700,700italic%7CVarela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CExo:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CPlayfair+Display:regular,500,700,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef951ca96d64272bc9a595471cb2d5f860db4b7e9dc2ccfcea92b751708e6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:52:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 18:52:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 43ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 02 Aug 2023 18:52:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: aFS/IAQpsQrshoXz9lG0ES/Z9Fd7W+26wzcGhIaRC8JbESUW4eVa/ESlVQCxSXlaUGqK+3DRAeHvBa1Kk4KwVw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 391 KB
109 KB 62ms
35ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fde7e0460eabcabaacc50c25d31eceb1db33bc483b07ab525a43112489e03f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110896
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 18:52:28 GMT

GET
H2 200 62728dd3dccf8840e772fa9f_hairclub-logo.svg
assets-global.website-files.com/622bb1bf4ab73a302e3ed230/ 79 KB
47 KB 29ms
27ms Image
image/svg+xml 2600:9000:25ea:e600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/622bb1bf4ab73a302e3ed230/62728dd3dccf8840e772fa9f_hairclub-logo.svg
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25ea:e600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7f7138923403e6d1bf5eecc308785f57f201a13d1d1106a02ee4a4000551f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:19:10 GMT
x-amz-version-id: GzIc5fdb3WXNyk8NEJ9wG6klUcTXneQJ
content-encoding: gzip
via: 1.1 647df3566741a4d574776da31b92584e.cloudfront.net (CloudFront)
age: 264799
x-amz-cf-pop: MXP53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 04 May 2022 14:29:41 GMT
server: AmazonS3
etag: W/"9564887829ed91b6df2cc64065809dcc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 3dHLxsqQHZd1MgdceMzFudPsuG3mPnFihnROZmcLCYsAUXn-CRr7FQ==

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 39ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CUbuntu:300,300italic,400,400italic,500,500italic,700,700italic%7CVarela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CExo:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CPlayfair+Display:regular,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:20:39 GMT
x-content-type-options: nosniff
age: 441109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 16:20:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 88ms
62ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 485136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 85ms
61ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 404239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 02:35:09 GMT

GET
H2 200 / Show response
www.hairclub.com/ 81 KB
22 KB 46ms
45ms Fetch
text/html 34.249.200.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hairclub.com/
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/fs-cc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7dfc51a0ca83d1ba91096488eba12920d6355d80ef7bcca95cb6d81eb103fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/kansas_city.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200075-IAD, cache-dub4347-DUB
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: gzip
age: 12399
x-timer: S1691002348.469984,VS0,VE0
x-lambda-id: b8c43e9e-dcc2-4a9f-bf86-3780c2926ddb
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
content-type: text/html
accept-ranges: bytes
x-cluster-name: eu-west-1-prod-hosting-red
content-length: 22177
x-cache-hits: 7, 29

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 21 KB
21 KB 96ms
82ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:18:22 GMT
x-content-type-options: nosniff
age: 430446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21508
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 19:18:22 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 87ms
73ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:43:04 GMT
x-content-type-options: nosniff
age: 428964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 19:43:04 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 85ms
71ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:35:22 GMT
x-content-type-options: nosniff
age: 429426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 19:35:22 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 91ms
77ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:39:55 GMT
x-content-type-options: nosniff
age: 414753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:39:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 76ms
63ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 573222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 03:38:46 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 94ms
81ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:21:55 GMT
x-content-type-options: nosniff
age: 415833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:21:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 92ms
80ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 02:30:15 GMT
x-content-type-options: nosniff
age: 404533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 02:30:15 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 91ms
79ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:10:49 GMT
x-content-type-options: nosniff
age: 484899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:10:49 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 73ms
60ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:39:44 GMT
x-content-type-options: nosniff
age: 508364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 21:39:44 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 85ms
72ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:37:51 GMT
x-content-type-options: nosniff
age: 353677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 16:37:51 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 88ms
77ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:16:37 GMT
x-content-type-options: nosniff
age: 408951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 01:16:37 GMT

GET
H2 200 4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v20/ 37 KB
38 KB 87ms
76ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejZftVyPN4E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e71a3c4673efe1ecf818a578e99aa5469b34309cd5d46eeffbdf01644f273b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:34:36 GMT
x-content-type-options: nosniff
age: 443872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38304
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 15:34:36 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 89ms
78ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:14:59 GMT
x-content-type-options: nosniff
age: 430649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 19:14:59 GMT

GET
H2 200 4iCu6KVjbNBYlgoKej70l0k.woff2
fonts.gstatic.com/s/ubuntu/v20/ 36 KB
36 KB 38ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCu6KVjbNBYlgoKej70l0k.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 10:09:25 GMT
x-content-type-options: nosniff
age: 376983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36564
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 10:09:25 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 76ms
66ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:25:18 GMT
x-content-type-options: nosniff
age: 390430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 06:25:18 GMT

GET
H2 200 4iCp6KVjbNBYlgoKejYHtFyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v20/ 32 KB
32 KB 44ms
34ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejYHtFyPN4E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c270e660d71d18901a57e6ba5fc84517e3fb8fd54f774b885d0295166443d3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 573222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32500
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:16:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 03:38:46 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 61ms
51ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:09:19 GMT
x-content-type-options: nosniff
age: 398589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 04:09:19 GMT

GET
H2 200 4iCp6KVjbNBYlgoKejZPslyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 69ms
59ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejZPslyPN4E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26918e4295cab1eaecebc5d4719c212691f040bfe31daf0c7caf08f7a0de520a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 06:37:23 GMT
x-content-type-options: nosniff
age: 562505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30660
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 06:37:23 GMT

GET
H2 200 DPEtYwqExx0AWHX5Ax4E.woff2
fonts.gstatic.com/s/varela/v16/ 18 KB
19 KB 67ms
58ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:21 GMT
x-content-type-options: nosniff
age: 382207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18940
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 59ms
49ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 112100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 11:44:08 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 63ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:40:17 GMT
x-content-type-options: nosniff
age: 331931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:40:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 77ms
68ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 467369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 09:02:59 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 78ms
69ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:49:41 GMT
x-content-type-options: nosniff
age: 424967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 20:49:41 GMT

GET
H2 200 4UaOrEtFpBISc36j.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 47ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 11:44:40 GMT
x-content-type-options: nosniff
age: 112068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20364
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 11:44:40 GMT

GET
H2 200 4UaMrEtFpBISdk6h0Dc.woff2
fonts.gstatic.com/s/exo/v20/ 22 KB
22 KB 79ms
70ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaMrEtFpBISdk6h0Dc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1828b1e1234a828c768d1b455b413687aa8c430195f96918a176c6396f1f153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:29:08 GMT
x-content-type-options: nosniff
age: 397400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 04:29:08 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 34ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:27:10 GMT
x-content-type-options: nosniff
age: 393918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 05:27:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 49ms
41ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 444573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 78ms
69ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 364509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
74ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hairclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:28:14 GMT
x-content-type-options: nosniff
age: 397454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 04:28:14 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 19:42:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069623110/ 3 KB
2 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069623110/?random=1691002348587&cv=11&fst=1691002348587&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&auid=1401057208.1691002349&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df91f9bbd8a5c086995edfd495274597eda77a614ba9554a8682e27a5f7bf18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or... Show response
12066847.fls.doubleclick.net/ Frame E5B3
Redirect Chain

https://12066847.fls.doubleclick.net/activityi;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uam...

464 B
606 B

55ms
54ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

bb478e8f4f9b29ad90f4608e48cf05b2b3b9f2068490576ea8b340921b7e2179

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hairclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 18:52:28 GMT
expires: Wed, 02 Aug 2023 18:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 18:52:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10903195006/ 3 KB
1 KB 100ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10903195006/?random=1691002348601&cv=11&fst=1691002348601&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&auid=1401057208.1691002349&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a68d23ba1b82da3b3eb0dceb2c74f793e71c2cb5b0997f533c4639941656f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10903195006/ 3 KB
2 KB 80ms
45ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10903195006/?random=1691002348602&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&bttype=purchase&auid=1401057208.1691002349&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

34e4ecfecbfc58e28a1c9ace5389fb72403db00a146552ae58abeb3d31e160d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 67ms
31ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=99401

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

671c8bc1e41dbb0540291851b858820d46e805bae48264edd2a9608058f4beb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK tv2track.js Show response
collector-31061.tvsquared.com/ 20 KB
9 KB 471ms
110ms Script
application/javascript 3.137.84.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-31061.tvsquared.com/tv2track.js
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.84.0 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-84-0.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 18:52:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
ETag: "639c42c0-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Wed, 02 Aug 2023 19:02:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
91 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-29R484TY68&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa33721b62ba2162a545b39fcdf705081e8ec791ba2efac32e06009d8824e728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 18:52:28 GMT

GET
H2 200 Accutrak.js Show response
d11tldh9zr4z08.cloudfront.net/ 13 KB
5 KB 48ms
8ms Script
application/javascript 2600:9000:225e:ca00:d:69b0:4e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:d:69b0:4e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4 /
Resource Hash: 5d5f9654fbf38d5d039ba2743bb47a0067a1e020a61ef5b43dd9c3059cd94424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:57:35 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 23:25:55 GMT
server: Apache/2.4
x-amz-cf-pop: FRA60-P4
age: 7020
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-cache-info: caching
x-amz-cf-id: _kyqYoqnmqDUBtTL3GtbFzuPolAbao57P6uWK8Zcffas0GuFGwvlEw==

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 65ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 02 Aug 2023 18:52:28 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B784AB960E694EA1B452CB2533B25326 Ref B: FRA31EDGE0221 Ref C: 2023-08-02T18:52:28Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/457436763/ 3 KB
2 KB 61ms
46ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/457436763/?random=1691002348622&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&bttype=purchase&auid=1401057208.1691002349&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

86d5f9da806835825f84ae3972afd9ba2c35173dbbfbdd8050d084882cf19352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1615
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=429198790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjFAAAACAAI~&jid=1233798853&gjid=1544240327&cid=135009134.1691002349&tid=UA-25883685-1&_gid=1937626156.1691002349&_slc=1&gtm=45He37v0n51X6S3&cd5=2075031852285691026030350&cd17=new&cd18=landscape&cd19=&cd20=&z=490743461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 54ms
17ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=1233798853&gjid=1544240327&_gid=1937626156.1691002349&_u=aGBAiEAjFAAAAGAAI~&z=1434148993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
gtm-tfzchks.uc.r.appspot.com/j/ 35 B
537 B 193ms
138ms XHR
image/gif 2a00:1450:4001:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-tfzchks.uc.r.appspot.com/j/collect?v=1&_v=j101&a=429198790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjFAAAAGAAII~&jid=1888969265&gjid=1925068925&cid=135009134.1691002349&tid=UA-25883685-9&_gid=1937626156.1691002349&_fplc=0&_r=1&gtm=45He37v0n51X6S3&z=688049884
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 15ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=429198790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjFAAAAGAAII~&jid=1976952486&gjid=422618403&cid=135009134.1691002349&tid=UA-248342648-1&_gid=1937626156.1691002349&_r=1&_slc=1&gtm=45He37v0n51X6S3&z=2039799262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=429198790&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=screen%20orientation&ea=start%20position&el=landscape&ev=0&_u=aGDACEAjFAAAAGAAII~&jid=491332099&gjid=262492493&cid=135009134.1691002349&tid=UA-25883685-1&_gid=1937626156.1691002349&_r=1&gtm=45He37v0n51X6S3&z=33039069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 22ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25883685-9&cid=135009134.1691002349&jid=752483180&gjid=1287080462&_gid=1937626156.1691002349&_u=aGDAiEAjFAAAAGAAII~&z=351717097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
gtm.hairclub.com/ 35 B
445 B 487ms
446ms Image
image/gif 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm.hairclub.com/collect?v=1&_v=j101&a=429198790&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=screen%20orientation&ea=start%20position&el=landscape&ev=0&_u=aGDACEAjFAAAAGAAII~&jid=&gjid=&cid=135009134.1691002349&tid=UA-25883685-9&_gid=1937626156.1691002349&_fplc=0&gtm=45He37v0n51X6S3&z=6597991
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
content-type: image/gif

GET
H2 200 collect
gtm.hairclub.com/ 35 B
369 B 491ms
450ms Image
image/gif 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm.hairclub.com/collect?v=1&_v=j101&a=429198790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&ul=en-us&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjFAAAAGAAII~&jid=752483180&gjid=1287080462&cid=135009134.1691002349&tid=UA-25883685-9&_gid=1937626156.1691002349&_fplc=0&gtm=45He37v0n51X6S3&cd4=135009134.1691002349&cd5=2075031852285691026030350&cd17=new&cd18=landscape&cd19=&cd20=&z=1590238916
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
content-type: image/gif

GET
H3

200

/
www.google.de/pagead/1p-conversion/10903195006/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fww...
https://www.google.com/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkans...
https://www.google.de/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansa...

42 B
64 B

23ms
22ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ1TU8wcFl2RUhmcVVmYUs1WlBRZUxkeUliT2Q2N3Z6b2JRWG9sS1ZGOXNOc09taXBJQTdzeEpEZyITCKi-udLSvoADFZJRwgodE9AN9g&is_vtc=1&ocp_id=7KXKZKiYKJKjiQaToLewDw&cid=CAQSKQBpAlJWNJFoVhWAWTXMy59N-0GvR7AwbNEvO_K17oNs5oIQKHkCIbDt&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UN9zT1ODwaly6Debc62nIe0MEjknfmz_-Q&random=2518444876&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10903195006/?random=1216023726&cv=11&fst=1691002348602&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=RLp6CJGk0d4DEP6ahs8o&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ1TU8wcFl2RUhmcVVmYUs1WlBRZUxkeUliT2Q2N3Z6b2JRWG9sS1ZGOXNOc09taXBJQTdzeEpEZyITCKi-udLSvoADFZJRwgodE9AN9g&is_vtc=1&ocp_id=7KXKZKiYKJKjiQaToLewDw&cid=CAQSKQBpAlJWNJFoVhWAWTXMy59N-0GvR7AwbNEvO_K17oNs5oIQKHkCIbDt&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UN9zT1ODwaly6Debc62nIe0MEjknfmz_-Q&random=2518444876&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=*;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub....
adservice.google.com/ddm/fls/z/ Frame E5B3 42 B
401 B 83ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=*;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php

Requested by

Host: 12066847.fls.doubleclick.net
URL: https://12066847.fls.doubleclick.net/activityi;dc_pre=CK61vdLSvoADFWMPogMdnnAKSg;src=12066847;type=landi0;cat=hairc0;ord=6541114989217;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12066847.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/457436763/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.h...
https://www.google.com/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_...
https://www.google.de/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_c...

42 B
64 B

24ms
24ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ2RlVXMF9XTHY5M1ZQc0VNc19vemFUeElxeVh6VTFtWlRpUWZ4WDZmekw3WlFkT3FqbW8tM0ZkdyITCPLCudLSvoADFXdFwgodmjEDFQ&is_vtc=1&ocp_id=7KXKZPKcKPeKiQaa44yoAQ&cid=CAQSKQBpAlJWCdoGUEX7QTkjxvKvFmc2pDDonBSOAP4HCq7tcKxEqUrRY3Vb&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UMQZQN4OKJGyhpMvL7fs-h6IXoC_yspHY0&random=3806527783&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/457436763/?random=561742683&cv=11&fst=1691002348622&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&label=4aXeCJHJzvEBENvcj9oB&hn=www.googleadservices.com&frm=0&tiba=Not%20Found&value=0&auid=1401057208.1691002349&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlBwTVM2VmFVRkRLdmQyWlR4aWNmaWRPTHZ4Mm5FQzRaT1FtOHl6RFNfRi1lOUEaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ2RlVXMF9XTHY5M1ZQc0VNc19vemFUeElxeVh6VTFtWlRpUWZ4WDZmekw3WlFkT3FqbW8tM0ZkdyITCPLCudLSvoADFXdFwgodmjEDFQ&is_vtc=1&ocp_id=7KXKZPKcKPeKiQaa44yoAQ&cid=CAQSKQBpAlJWCdoGUEX7QTkjxvKvFmc2pDDonBSOAP4HCq7tcKxEqUrRY3Vb&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UMQZQN4OKJGyhpMvL7fs-h6IXoC_yspHY0&random=3806527783&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10903195006/ 42 B
455 B 45ms
19ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10903195006/?random=1691002348601&cv=11&fst=1690999200000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&frm=0&tiba=Not%20Found&fmt=3&is_vtc=1&random=138092328&rmt_tld=0&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10903195006/ 42 B
108 B 62ms
36ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10903195006/?random=1691002348601&cv=11&fst=1690999200000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&frm=0&tiba=Not%20Found&fmt=3&is_vtc=1&random=138092328&rmt_tld=1&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1069623110/ 42 B
108 B 45ms
21ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069623110/?random=1691002348587&cv=11&fst=1690999200000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&frm=0&tiba=Not%20Found&fmt=3&is_vtc=1&random=318479613&rmt_tld=0&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1069623110/ 42 B
455 B 46ms
21ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069623110/?random=1691002348587&cv=11&fst=1690999200000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&frm=0&tiba=Not%20Found&fmt=3&is_vtc=1&random=318479613&rmt_tld=1&ipr=y

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 41ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-29R484TY68&gtm=45je37v0&_p=429198790&_gaz=1&cid=135009134.1691002349&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691002348&sct=1&seg=0&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&dt=Not%20Found&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-29R484TY68&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
17ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-29R484TY68&cid=135009134.1691002349&gtm=45je37v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-29R484TY68&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-29R484TY68&cid=135009134.1691002349&gtm=45je37v0&aip=1&z=761781650

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4052189.js Show response
bat.bing.com/p/action/ 0
117 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4052189.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 02 Aug 2023 18:52:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C34BE71A82524AE69A315A44C1AE20E6 Ref B: FRA31EDGE0221 Ref C: 2023-08-02T18:52:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4052189&tm=gtm002&Ver=2&mid=d09d8c26-0aeb-47e5-90cc-b25207f7b9fe&sid=babdf6c0316511ee960e95a91096e281&vid=babe2ca0316511eeadb09392ddfb7536&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Not%20Found&p=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&r=&lt=1521&evt=pageLoad&sv=1&rn=160651

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 02 Aug 2023 18:52:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 688F5380141648649B377F4A5BDE5385 Ref B: FRA31EDGE0221 Ref C: 2023-08-02T18:52:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
34ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=1233798853&_u=aGBAiEAjFAAAAGAAI~&z=1019446635

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
45ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=1233798853&_u=aGBAiEAjFAAAAGAAI~&z=1019446635

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D74 15 KB
6 KB 63ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.hairclub.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=99401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hairclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 18:52:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 279613
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 collect Show response
gtm.hairclub.com/g/ 65 B
537 B 446ms
445ms XHR
text/plain 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.hairclub.com/g/collect?v=2&tid=G-29R484TY68&gtm=45je37v0&_p=429198790&cid=135009134.1691002349&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=2&sid=1691002348&sct=1&seg=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&dt=Not%20Found&en=page_view&_et=7&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-29R484TY68&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache
access-control-allow-credentials: true

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=491332099&gjid=262492493&_gid=1937626156.1691002349&_u=aGDACEAjFAAAAGAAII~&z=2112224733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hairclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 02 Aug 2023 18:52:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hairclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
36ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=491332099&_u=aGDACEAjFAAAAGAAII~&z=1729100842

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25883685-1&cid=135009134.1691002349&jid=491332099&_u=aGDACEAjFAAAAGAAII~&z=1729100842

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D74
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=hairclub.com&sn=ChromeSyncframe&so=0&topUrl=www.hairclub.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AhoMW3xCWUpvcEdDZ2FZZjhDMmczRmxKYlZnUE5uVTFWVDdXZVFwTjN2Zmo0TzZFTm40cmF0R0JlYnk2b1h5ZDRiMTIvWS9vdm94Z3BnVURRRXpqZnVJN0t2aVB5eFB3Y2dqeFZtWVNHZ1laS1J3SFV2U3BEUVFNUjFBSV...

430 B
655 B

82ms
22ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AhoMW3xCWUpvcEdDZ2FZZjhDMmczRmxKYlZnUE5uVTFWVDdXZVFwTjN2Zmo0TzZFTm40cmF0R0JlYnk2b1h5ZDRiMTIvWS9vdm94Z3BnVURRRXpqZnVJN0t2aVB5eFB3Y2dqeFZtWVNHZ1laS1J3SFV2U3BEUVFNUjFBSVlOSzQ0YmEwMjd6aGxvMEYvRmZMMUJ2d1dZVmNsOUw1M1RJQm02S1hIa2xWWmpsdklzaVR5TTVyY1lpb0IvVGZnZ2h4YmVDd05lRkFjVlgvQVNDdDdpaTRGM0VIYjlTQmR0NlhVQ215aXN4VnpmWW1xeGtROExIbENPSHpLdG9BS2JIM2RFck9qdWRXVk95d1RhNHlDZnhPSWNsV0NhL1hvWEV0MVpsNnBOMXdqRUZyTi9yRT18&cppv=2

Requested by

Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d82f5c1c8a6f1467fdf38394771e99647cd321ef780681a614a73eaabb0fc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7921442
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AhoMW3xCWUpvcEdDZ2FZZjhDMmczRmxKYlZnUE5uVTFWVDdXZVFwTjN2Zmo0TzZFTm40cmF0R0JlYnk2b1h5ZDRiMTIvWS9vdm94Z3BnVURRRXpqZnVJN0t2aVB5eFB3Y2dqeFZtWVNHZ1laS1J3SFV2U3BEUVFNUjFBSVlOSzQ0YmEwMjd6aGxvMEYvRmZMMUJ2d1dZVmNsOUw1M1RJQm02S1hIa2xWWmpsdklzaVR5TTVyY1lpb0IvVGZnZ2h4YmVDd05lRkFjVlgvQVNDdDdpaTRGM0VIYjlTQmR0NlhVQ215aXN4VnpmWW1xeGtROExIbENPSHpLdG9BS2JIM2RFck9qdWRXVk95d1RhNHlDZnhPSWNsV0NhL1hvWEV0MVpsNnBOMXdqRUZyTi9yRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 274536
content-length: 0
expires: 0

GET
H2 200 in.php Show response
win.staticstuff.net/ 155 B
369 B 684ms
644ms Script
text/javascript 2606:4700::6810:cc45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win.staticstuff.net/in.php?site_id=101240924&type=pageview&href=%2Fkansas_city.php&title=Not%20Found&res=1600x1200&lang=en&custom[hcuid]=2075031852285691026030350&jsuid=1899895980&mime=js&x=0.37632503746242096
Requested by: Host: d11tldh9zr4z08.cloudfront.net
URL: https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb3886cfa58b12e56f95381d1dd56ec93e5c8b55553678f239bb60698abb0c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f0884a9fa0a9bc5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-31061.tvsquared.com/ 42 B
276 B 112ms
111ms Image
image/gif 3.137.84.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-31061.tvsquared.com/tv2track.php?action_name=Not%20Found&idsite=TV-6381903681-1&rec=1&r=438136&h=18&m=52&s=29&url=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&_id=80e12da474db5660&_idts=1691002349&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=187
Requested by: Host: www.hairclub.com
URL: https://www.hairclub.com/kansas_city.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.84.0 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-84-0.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Wed, 02 Aug 2023 18:52:29 GMT
Server: nginx
Connection: keep-alive
Request-Id: aa61154c-c865-44d4-be36-766127c1f9d9
Content-Length: 42
Content-Type: image/gif

GET
H3

200

activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or... Show response
12066847.fls.doubleclick.net/ Frame 486D
Redirect Chain

https://12066847.fls.doubleclick.net/activityi;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uam...

464 B
291 B

215ms
214ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-X6S3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

5ddb42bd8bff58cd67ffcd4ed5970fb667162dba1a0218c94995420115c586b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hairclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 18:52:29 GMT
expires: Wed, 02 Aug 2023 18:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 18:52:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje1...
https://widget.us.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje1...

10 KB
4 KB

320ms
114ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje19hWlVzMlBRcGgyeUl4bzcxWEhWS3Z6c1Q2R254Z01MRVpoWVZuWE1LN09QZ1RrTngwbDJnZUxQJTJCYk5kNEU4S1R6SGgwYVpzTkclMkZJa3hMbTAyUHpGdVNwc1dPWWI4THE3UURmOSUyQjNtNDlnSHJISTl0ZWhTdEFZZzBob0s1b3JpRlNQTiUyQlYlMkJrMk1GM1RQTlNnTnVuU0p3JTNEJTNE&tld=hairclub.com&dy=1&fu=https%253A%252F%252Fwww.hairclub.com%252Fkansas_city.php&ceid=c8637d46-2990-40d4-9493-7e36e1399e11&dtycbr=52503

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bd09bdfe3fb0646555ec82bdc77a06c9af25c957de89a78fa79c9049012750c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hairclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18380496
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=99401&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=tlfje19hWlVzMlBRcGgyeUl4bzcxWEhWS3Z6c1Q2R254Z01MRVpoWVZuWE1LN09QZ1RrTngwbDJnZUxQJTJCYk5kNEU4S1R6SGgwYVpzTkclMkZJa3hMbTAyUHpGdVNwc1dPWWI4THE3UURmOSUyQjNtNDlnSHJISTl0ZWhTdEFZZzBob0s1b3JpRlNQTiUyQlYlMkJrMk1GM1RQTlNnTnVuU0p3JTNEJTNE&tld=hairclub.com&dy=1&fu=https%253A%252F%252Fwww.hairclub.com%252Fkansas_city.php&ceid=c8637d46-2990-40d4-9493-7e36e1399e11&dtycbr=52503
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13605506
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=*;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub....
adservice.google.com/ddm/fls/z/ Frame 486D 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=*;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php

Requested by

Host: 12066847.fls.doubleclick.net
URL: https://12066847.fls.doubleclick.net/activityi;dc_pre=CInG_tLSvoADFS4HogMdgd0Czg;src=12066847;type=allcl0;cat=hairc0;ord=6394750961504;auiddc=1401057208.1691002349;gtm=45He37v0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12066847.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C7F1 43 B
146 B 43ms
9ms Image
image/gif 18.197.22.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9BpDNo6wHCiyxDoum1QStGbzbOD3SdkmnkSxXA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.22.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-22-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C7F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_cm&google_hm=ay1GM0lDRDQ2d0hDaXl4RG91bTFRU3RHYnpiT0IyYUlCM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_gid=CAESEM1PyyX1hU_gd1Xb9UxWB1o&google_cver=1&google_ula=913071,0

43 B
369 B

15ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_gid=CAESEM1PyyX1hU_gd1Xb9UxWB1o&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 517121
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-F3ICD46wHCiyxDoum1QStGbzbOB2aIB2fQqDJQ&google_gid=CAESEM1PyyX1hU_gd1Xb9UxWB1o&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C7F1
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3019181797899829102

43 B
370 B

31ms
11ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3019181797899829102

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1010526
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
an-x-request-uuid: 6fbe479a-be28-4658-9877-7f4572e4e0f2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3019181797899829102
x-proxy-origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame C7F1
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ

43 B
904 B

29ms
26ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
an-x-request-uuid: 251b8f40-e01f-420e-80ed-9c2a118cc3c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
an-x-request-uuid: 69189991-aaec-4d88-afb3-8a704cd88d42
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XEHa046wHCiyxDoum1QStGbzbODW_k8ey43iUQ
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame C7F1 61 B
792 B 176ms
108ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8CQRkI6wHCiyxDoum1QStGbzbOBSmuZ8RLS0Zg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 18:52:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 02 Aug 2023 18:52:30 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C7F1 0
239 B 74ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YVj48Y6wHCiyxDoum1QStGbzbOADAiIg5VClAg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame C7F1 0
35 B 58ms
9ms Image
text/plain 35.158.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-kcYaFo6wHCiyxDoum1QStGbzbOBofHPi1stafw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.240.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C7F1 43 B
163 B 89ms
24ms Image
image/gif 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-efBaqY6wHCiyxDoum1QStGbzbOCb0IT1mONkVA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:29 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C7F1 0
99 B 87ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tmOBrI6wHCiyxDoum1QStGbzbOCOrE11sWIQyw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13292

GET
H2 200 um
criteo-sync.teads.tv/ Frame C7F1 23 B
163 B 81ms
49ms Image
image/gif 23.35.233.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-h42uw46wHCiyxDoum1QStGbzbODLvs2LdGWYBw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.233.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-233-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Wed, 02 Aug 2023 18:52:30 GMT
pragma: no-cache
date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame C7F1 37 B
140 B 74ms
6ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-ePvU0I6wHCiyxDoum1QStGbzbOAhyGjhgRbQMw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C7F1 0
125 B 68ms
0ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9PbvNo6wHCiyxDoum1QStGbzbOBXluJ-Jx8kkQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame C7F1 43 B
163 B 97ms
18ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Lyic8o6wHCiyxDoum1QStGbzbOAghUVC5qg9GA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C7F1 49 B
342 B 80ms
25ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UR4b5Y6wHCiyxDoum1QStGbzbOAgL1lv0fzp7A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:29 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 9
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame C7F1
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Aug 2023 18:52:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 02 Aug 2023 18:52:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-LHZkp46wHCiyxDoum1QStGbzbOC9zsFI7QS5yg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C7F1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j

42 B
942 B

48ms
41ms

Image
image/gif

54.229.40.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j

Protocol

HTTP/1.1

Server

54.229.40.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-40-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0ae28a8cd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KlGq966JQ7Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-074f8aa15.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CkqopwIVS2I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yx11LJk1V5AVGT-QQDA0ACK7qzhzEa0j
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame C7F1 43 B
1 KB 59ms
10ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-pA1dUI6wHCiyxDoum1QStGbzbOBOViLzwEhQ7Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 02 Aug 2023 18:52:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame C7F1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q

43 B
447 B

39ms
39ms

Image
image/gif

54.171.31.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q
Protocol: H2
Server: 54.171.31.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-31-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Aug 2023 18:52:30 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xqmdoY6wHCiyxDoum1QStGbzbODNKK9CpwvT_Q
access-control-allow-origin: *
date: Wed, 02 Aug 2023 18:52:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame C7F1 42 B
274 B 72ms
15ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-EDFVWY6wHCiyxDoum1QStGbzbOAGIufZLw5T0g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:29 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame C7F1 0
884 B 36ms
9ms Image
text/html 52.58.161.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-8p0B_Y6wHCiyxDoum1QStGbzbOD-Hf4iPKtlxQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.161.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-161-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame C7F1 0
145 B 703ms
86ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-YmlygY6wHCiyxDoum1QStGbzbOBU8iEmVvO0IA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 18:52:31 GMT
Cache-Control: no-cache
X-TraceId: 6ecebdf33f137ecab66463e42b6dad57
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C7F1 42 B
580 B 206ms
26ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rXekko6wHCiyxDoum1QStGbzbOCOZ8_RlxJ1Ug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame C7F1 43 B
399 B 355ms
117ms Image
image/gif 2600:1f18:612b:4264:dd23:8ef1:e587:b027
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-zGMvT46wHCiyxDoum1QStGbzbOBbwyO8YFcbUQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:dd23:8ef1:e587:b027 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 02 Aug 2023 18:52:30 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame C7F1 43 B
153 B 318ms
249ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-x_Hm-Y6wHCiyxDoum1QStGbzbOCa75OTJJ2KyQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Aug 2023 18:52:30 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C7F1 0
400 B 71ms
18ms Image
text/plain 2.20.65.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-976NR46wHCiyxDoum1QStGbzbODNp9mMtvXDEA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.65.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-65-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Aug 2023 18:52:30 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 01 Aug 2023 18:52:30 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame C7F1 0
38 B 119ms
34ms Image
text/plain 54.170.50.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-yXJN9o6wHCiyxDoum1QStGbzbOAXbXAKmd87LA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.50.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-50-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame C7F1 0
44 B 54ms
6ms Image
text/plain 35.158.16.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-7hlgxY6wHCiyxDoum1QStGbzbOBflmawCueGGA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:52:30 GMT
server: awselb/2.0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C7F1
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OjKnjWtaWdpN75LMxSfDhUP3bhgHVy8r

0
337 B

452ms
32ms

Image
text/plain

54.194.222.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OjKnjWtaWdpN75LMxSfDhUP3bhgHVy8r
Protocol: H2
Server: 54.194.222.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-222-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: private, no-cache, no-store
x-request-time: D=53 t=1691002350
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OjKnjWtaWdpN75LMxSfDhUP3bhgHVy8r
date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 695956
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame C7F1
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dpuybgRK6gPYGtwRZJRWiWItTb6rpecj

35 B
268 B

356ms
113ms

Image
image/gif

3.22.226.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dpuybgRK6gPYGtwRZJRWiWItTb6rpecj
Protocol: H2
Server: 3.22.226.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-226-243.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 18:52:31 GMT
x-bt-requestid: bc19f620-3165-11ee-94a3-0000ac1702a8
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dpuybgRK6gPYGtwRZJRWiWItTb6rpecj
date: Wed, 02 Aug 2023 18:52:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 685732
content-length: 0

GET collect
gtm.hairclub.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtm.hairclub.com
URL: https://gtm.hairclub.com/g/collect?v=2&tid=G-29R484TY68&gtm=45je37v0&_p=429198790&cid=135009134.1691002349&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=3&sid=1691002348&sct=1&seg=1&dl=https%3A%2F%2Fwww.hairclub.com%2Fkansas_city.php&dt=Not%20Found&en=scroll&epn.percent_scrolled=90&_et=47&richsstsse

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hairclub.com/	1970-01-20 15:52:58	Name: _gcl_au Value: 1.1.1401057208.1691002349
.hairclub.com/	1970-01-20 23:19:22	Name: hcuid Value: 2075031852285691026030350
.hairclub.com/	1970-01-20 13:43:24	Name: hcsession Value: new
.hairclub.com/	1970-01-20 13:43:24	Name: hcsourcecode Value: hairclub%7Cdirect%7Cenglish_site%7Cwww.hairclub.com%7Cnational%7Ccorporate%7Cusa%7Cany%7Cenglish%7Cany%7Cprospecting
.hairclub.com/	1970-01-20 13:44:48	Name: _gid Value: GA1.2.1937626156.1691002349
.hairclub.com/	1970-01-20 13:43:22	Name: _dc_gtm_UA-25883685-1 Value: 1
.doubleclick.net/	1970-01-20 23:04:58	Name: IDE Value: AHWqTUnXmF7vLQ7cegmy5qAzDhy-mjFJ_tbes-G2Y6Rwd2Z4-26elOzUIfzBYHmq7UM
.hairclub.com/	1970-01-20 13:43:22	Name: _gat_UA-25883685-9 Value: 1
.hairclub.com/	1970-01-20 13:43:22	Name: _gat_UA-248342648-1 Value: 1
.hairclub.com/	1970-01-20 13:43:22	Name: _gat_UA-25883685-1 Value: 1
.hairclub.com/	1970-01-20 13:43:22	Name: _dc_gtm_UA-25883685-9 Value: 1
.hairclub.com/	1970-01-20 23:19:22	Name: _ga Value: GA1.1.135009134.1691002349
.hairclub.com/	1970-01-20 13:44:48	Name: _uetsid Value: babdf6c0316511ee960e95a91096e281
.hairclub.com/	1970-01-20 23:04:58	Name: _uetvid Value: babe2ca0316511eeadb09392ddfb7536
.bing.com/	1970-01-20 23:04:58	Name: MUID Value: 3FBF95984D1A64291F9E86F94C916548
.hairclub.com/	1970-01-20 23:19:22	Name: _ga_29R484TY68 Value: GS1.1.1691002348.1.1.1691002348.60.0.0
.criteo.com/	1970-01-20 23:04:58	Name: uid Value: 6d9af59c-c68d-4040-8f40-e98f533dc34f
.hairclub.com/	1970-01-20 13:43:22	Name: _first_pageview Value: 1
.hairclub.com/	1970-01-20 22:28:58	Name: _jsuid Value: 1899895980
www.hairclub.com/	1970-01-20 23:19:22	Name: _tq_id.TV-6381903681-1.7991 Value: 80e12da474db5660.1691002349.0.1691002349..
.hairclub.com/	1970-01-20 23:12:46	Name: cto_bundle Value: tlfje19hWlVzMlBRcGgyeUl4bzcxWEhWS3Z6c1Q2R254Z01MRVpoWVZuWE1LN09QZ1RrTngwbDJnZUxQJTJCYk5kNEU4S1R6SGgwYVpzTkclMkZJa3hMbTAyUHpGdVNwc1dPWWI4THE3UURmOSUyQjNtNDlnSHJISTl0ZWhTdEFZZzBob0s1b3JpRlNQTiUyQlYlMkJrMk1GM1RQTlNnTnVuU0p3JTNEJTNE
.hairclub.com/	1970-01-20 13:44:34	Name: FPLC Value: bJLND%2FwLAaVzB8SCuM%2Bf9s0RZPX%2F2R09FSiGRdkoP1n5SNKYO0jOAJCxOP0B%2BuZkNd4G5UV4UnoAnmS35mlXXY0T0XXqTerXKMXbclQLAH5XLhNzr79ZaVlqHGjzRQ%3D%3D
.hairclub.com/	1970-01-20 23:19:22	Name: FPID Value: FPID2.2.mbL5cB7lIgvnicxjedxhQgaVx7jJVHCRYnicGgz1nPc%3D.1691002349
.adnxs.com/	1970-01-20 15:52:58	Name: uuid2 Value: 3019181797899829102
.adnxs.com/	1970-01-20 15:52:58	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>7vYMEf!]tbPl@/D!9hy6]/Cr.HjOeN[e5vg66SC%10/5>l3NP$X7kOuUmcFOlIS(Ve(OT3>zP3t@Uo$CbpRzqF1`bbym+e1Ru
.id5-sync.com/	1970-01-20 13:43:22	Name: cf Value:
.id5-sync.com/	1970-01-20 13:43:22	Name: cip Value:
.id5-sync.com/	1970-01-20 13:43:22	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:43:22	Name: car Value:
.id5-sync.com/	1970-01-20 13:43:22	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:43:22	Name: callback Value:
.casalemedia.com/	1970-01-20 22:28:58	Name: CMID Value: ZMql7ok85HnEldOvIgAKZgAA
.casalemedia.com/	1970-01-20 15:52:58	Name: CMPS Value: 2216
.casalemedia.com/	1970-01-20 15:52:58	Name: CMPRO Value: 2216
.demdex.net/	1970-01-20 18:02:34	Name: demdex Value: 84612122948449935141772893649047837407
exchange.mediavine.com/	1970-01-20 14:03:31	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22bb9758a0-3165-11ee-8472-b728cfb71d10%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:03:31	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22bb9758a0-3165-11ee-8472-b728cfb71d10%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:03:31	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22bb9758a0-3165-11ee-8472-b728cfb71d10%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:03:31	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22bb9758a0-3165-11ee-8472-b728cfb71d10%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:03:31	Name: criteo Value: %7B%22id%22%3A%22k-8p0B_Y6wHCiyxDoum1QStGbzbOD-Hf4iPKtlxQ%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 14:26:34	Name: ayl_visitor Value: 4c425c54bc984d747ce09c8e683ebc11
.media.net/	1970-01-20 22:28:58	Name: visitor-id Value: 3340039500733483000V10
.media.net/	1970-01-20 14:26:34	Name: data-c-ts Value: 1691002350
.media.net/	1970-01-20 14:26:34	Name: data-c Value: k-8CQRkI6wHCiyxDoum1QStGbzbOBSmuZ8RLS0Zg~~3
.360yield.com/	1970-01-20 15:52:58	Name: tuuid Value: 17845a24-caac-4faa-a8a6-9463f20593c0
.360yield.com/	1970-01-20 15:52:58	Name: tuuid_lu Value: 1691002350
.dpm.demdex.net/	1970-01-20 18:02:34	Name: dpm Value: 84612122948449935141772893649047837407
.360yield.com/	1970-01-20 15:52:58	Name: um Value: !38,4uoHEDfmCdkqmHPHhNiWiCJZFpISeEDr27HepMz30hTAMKggvE-C6iZ.hqKRDQceD5guWMgX,1698778350
.360yield.com/	1970-01-20 15:52:58	Name: umeh Value: !38,0,1753210350,-1
.pubmatic.com/	1970-01-20 14:26:34	Name: KRTBCOOKIE_97 Value: 3385-uid:k-rXekko6wHCiyxDoum1QStGbzbOCOZ8_RlxJ1Ug&KRTB&23144-uid:k-rXekko6wHCiyxDoum1QStGbzbOCOZ8_RlxJ1Ug&KRTB&23286-uid:k-rXekko6wHCiyxDoum1QStGbzbOCOZ8_RlxJ1Ug&KRTB&23287-uid:k-rXekko6wHCiyxDoum1QStGbzbOCOZ8_RlxJ1Ug
.pubmatic.com/	1970-01-20 14:26:34	Name: PugT Value: 1691002350
.tremorhub.com/	1970-01-20 22:29:19	Name: tvid Value: 9f428ac6cafa4773b4d9d8bbabfc41b1
.tremorhub.com/	1970-01-20 14:26:34	Name: tv_UICR Value: k-zGMvT46wHCiyxDoum1QStGbzbOBbwyO8YFcbUQ
.krxd.net/	1970-01-20 18:02:34	Name: _kuid_ Value: Ptim92VL

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hairclub.com/kansas_city.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.evgnet.com/beacon/hairclubformen/hairclub_prod/scripts/evergage.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12066847.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
ajax.googleapis.com
assets-global.website-files.com
bat.bing.com
beacon.krxd.net
cdn.evgnet.com
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
collector-31061.tvsquared.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d11tldh9zr4z08.cloudfront.net
d3e54v103j8qbb.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-tfzchks.uc.r.appspot.com
gtm.hairclub.com
gum.criteo.com
hairclub.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
win.staticstuff.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hairclub.com
x.bidswitch.net
gtm.hairclub.com
141.226.228.48
142.250.185.230
151.101.0.114
162.19.138.116
172.217.16.194
172.217.23.98
178.250.1.11
178.250.1.9
18.197.22.161
185.255.84.153
185.64.191.210
185.80.39.216
185.86.138.154
2.20.65.192
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:4de0:ac18::1:a:3b
23.218.208.23
23.35.233.56
2600:1f18:612b:4264:dd23:8ef1:e587:b027
2600:9000:225e:ca00:d:69b0:4e00:21
2600:9000:25ea:e600:12:9e5f:cac0:93a1
2606:4700::6810:5714
2606:4700::6810:cc45
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2014
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9c
2a02:2638:d::10
2a02:2638:d::d
2a03:2880:f045:10:face:b00c:0:3
3.137.84.0
3.22.226.243
3.75.62.37
34.117.157.22
34.249.200.254
35.158.16.209
35.158.240.125
37.157.6.254
37.252.173.215
52.222.232.99
52.58.161.8
54.170.50.92
54.171.31.19
54.194.222.133
54.229.40.109
69.173.144.139
70.42.32.95
74.119.119.150
75.2.70.75
76.223.111.18
85.215.5.31
99.83.190.102
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1828b1e1234a828c768d1b455b413687aa8c430195f96918a176c6396f1f153b
1c19927fe42b5fe33bcafdec7a019486904a599bd65162c614eaa0cf3b0b7ac3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
26918e4295cab1eaecebc5d4719c212691f040bfe31daf0c7caf08f7a0de520a
2a68d23ba1b82da3b3eb0dceb2c74f793e71c2cb5b0997f533c4639941656f72
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
34e4ecfecbfc58e28a1c9ace5389fb72403db00a146552ae58abeb3d31e160d9
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
3d82f5c1c8a6f1467fdf38394771e99647cd321ef780681a614a73eaabb0fc6c
3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349
41dc8819eef4f6d417ece78a49dd125b561a04ac5d3a60ad426bbd33edb692d2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8f25f31e4d5d7d9673aeea5d9b39e9bdbb0a192de5334935708f3b7ab44688
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5d5f9654fbf38d5d039ba2743bb47a0067a1e020a61ef5b43dd9c3059cd94424
5ddb42bd8bff58cd67ffcd4ed5970fb667162dba1a0218c94995420115c586b7
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
671c8bc1e41dbb0540291851b858820d46e805bae48264edd2a9608058f4beb7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7dfc51a0ca83d1ba91096488eba12920d6355d80ef7bcca95cb6d81eb103fdba
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d5f9da806835825f84ae3972afd9ba2c35173dbbfbdd8050d084882cf19352
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8ae1ce3732a25178bce18b5fdb84937aaf29b22856df8527ce666b718b3e9f8e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa33721b62ba2162a545b39fcdf705081e8ec791ba2efac32e06009d8824e728
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aef951ca96d64272bc9a595471cb2d5f860db4b7e9dc2ccfcea92b751708e6ed
af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb478e8f4f9b29ad90f4608e48cf05b2b3b9f2068490576ea8b340921b7e2179
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd09bdfe3fb0646555ec82bdc77a06c9af25c957de89a78fa79c9049012750c4
c270e660d71d18901a57e6ba5fc84517e3fb8fd54f774b885d0295166443d3bf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df91f9bbd8a5c086995edfd495274597eda77a614ba9554a8682e27a5f7bf18e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51144d983d2de32b1f05c1693aab965bd56b55b087987540b100ec3c8265761
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e71a3c4673efe1ecf818a578e99aa5469b34309cd5d46eeffbdf01644f273b51
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
e960a22253617efe52fa48bf7c1131a432dbeff5c4ba031f948c2ef4bf88d85b
ecb3886cfa58b12e56f95381d1dd56ec93e5c8b55553678f239bb60698abb0c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f7138923403e6d1bf5eecc308785f57f201a13d1d1106a02ee4a4000551f86
fde7e0460eabcabaacc50c25d31eceb1db33bc483b07ab525a43112489e03f4f

www.hairclub.com Open in urlscan Pro 34.249.200.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

89 %HTTPS

38 %IPv6

47 Domains

62 Subdomains

59 IPs

9 Countries

1607 kBTransfer

5004 kBSize

54 Cookies

0 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hairclub.com Open in urlscan Pro
34.249.200.254 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

89 %
HTTPS

38 %
IPv6

47
Domains

62
Subdomains

59
IPs

9
Countries

1607 kB
Transfer

5004 kB
Size

54
Cookies

122 HTTP transactions
0 data transactions