urlscan.io logo urlscan.io
SecurityTrails logo

healthyhairremedy.net Open in urlscan Pro
172.67.172.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif
Effective URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Submission: On May 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 20 domains to perform 97 HTTP transactions. The main IP is 172.67.172.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is healthyhairremedy.net.
TLS certificate: Issued by GTS CA 1P5 on March 29th 2024. Valid for: 3 months.
This is the only time healthyhairremedy.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 43.231.127.148 56110 (EVERDATA-...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 12 172.67.172.158 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
20 2600:9000:266... 16509 (AMAZON-02)
1 5 172.66.43.115 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
4 34.96.102.137 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.101.1.44 54113 (FASTLY)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 23.35.237.86 16625 (AKAMAI-AS)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.99 15169 (GOOGLE)
1 142.250.185.104 15169 (GOOGLE)
2 70.42.32.159 13789 (INTERNAP-...)
1 216.58.212.132 15169 (GOOGLE)
1 157.240.252.13 32934 (FACEBOOK)
1 51.77.64.70 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
8 141.226.228.48 200478 (TABOOLA-AS)
1 216.239.32.36 ()
97 26
1    43.231.127.148 (India)

ASN56110 (EVERDATA-DATACENTERS Everdata Technologies Pvt Ltd, IN)
gop.ercankurtulusmakina.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
mwebjoy.com
12    172.67.172.158 (United States)

ASN13335 (CLOUDFLARENET, US)
healthyhairremedy.net
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
20    2600:9000:266e:1600:1a:70ff:e780:21 (United States)

ASN16509 (AMAZON-02, US)
d39ldsmboekjvi.cloudfront.net
5    172.66.43.115 (United States)

ASN13335 (CLOUDFLARENET, US)
display.buygoods.com
www.buygoods.com
buygoods.com
tracking.buygoods.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2251:5200:9:2e71:c80:21 (United States)

ASN16509 (AMAZON-02, US)
d2ws3g38lw9quq.cloudfront.net
4    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
5    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
5    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.de
1    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
2    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net
www.google.com
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    216.239.32.36 (None, )

ASN- ()
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
22 cloudfront.net
d39ldsmboekjvi.cloudfront.net
d2ws3g38lw9quq.cloudfront.net
1 MB
12 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1034
trc.taboola.com — Cisco Umbrella Rank: 748
trc-events.taboola.com — Cisco Umbrella Rank: 2557
47 KB
12 healthyhairremedy.net
healthyhairremedy.net
199 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
14 KB
5 gstatic.com
fonts.gstatic.com
295 KB
5 buygoods.com
display.buygoods.com — Cisco Umbrella Rank: 443146
www.buygoods.com — Cisco Umbrella Rank: 515803
buygoods.com — Cisco Umbrella Rank: 189952
tracking.buygoods.com — Cisco Umbrella Rank: 234994
10 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
4 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
www.google.com — Cisco Umbrella Rank: 2
383 B
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3210
tr.outbrain.com — Cisco Umbrella Rank: 3148
wave.outbrain.com — Cisco Umbrella Rank: 3203
10 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2757
73 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
366 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
16 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 7810
189 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
454 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
86 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6182
281 B
1 mwebjoy.com
mwebjoy.com
532 B
1 ercankurtulusmakina.com
gop.ercankurtulusmakina.com
323 B
97 20
Domain Requested by
20 d39ldsmboekjvi.cloudfront.net healthyhairremedy.net
12 healthyhairremedy.net 1 redirects healthyhairremedy.net
8 trc-events.taboola.com cdn.taboola.com
5 bat.bing.com www.googletagmanager.com
bat.bing.com
healthyhairremedy.net
5 fonts.gstatic.com fonts.googleapis.com
4 www.facebook.com healthyhairremedy.net
4 dev.visualwebsiteoptimizer.com healthyhairremedy.net
dev.visualwebsiteoptimizer.com
4 www.googletagmanager.com healthyhairremedy.net
www.googletagmanager.com
www.google-analytics.com
3 www.youtube.com healthyhairremedy.net
www.youtube.com
3 www.google.de healthyhairremedy.net
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 region1.analytics.google.com www.googletagmanager.com
3 connect.facebook.net healthyhairremedy.net
connect.facebook.net
2 tracking.buygoods.com healthyhairremedy.net
tracking.buygoods.com
2 trc.taboola.com cdn.taboola.com
2 tr.outbrain.com amplify.outbrain.com
2 cdn.taboola.com www.googletagmanager.com
healthyhairremedy.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d2ws3g38lw9quq.cloudfront.net healthyhairremedy.net
2 fonts.googleapis.com healthyhairremedy.net
1 pro.ip-api.com healthyhairremedy.net
1 www.google.com healthyhairremedy.net
1 wave.outbrain.com amplify.outbrain.com
1 buygoods.com healthyhairremedy.net
1 www.buygoods.com 1 redirects
1 amplify.outbrain.com healthyhairremedy.net
1 ajax.googleapis.com healthyhairremedy.net
1 display.buygoods.com healthyhairremedy.net
1 mwebjoy.com 1 redirects
1 gop.ercankurtulusmakina.com 1 redirects
97 30

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com
d39ldsmboekjvi.cloudfront.net
zenithlabs.com
Subject Issuer Validity Valid
healthyhairremedy.net
GTS CA 1P5		 2024-03-29 -
2024-06-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
buygoods.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Frame ID: A9CA59F78190D8883D82B948DD2EC684
Requests: 92 HTTP requests in this frame

Frame: https://www.youtube.com/embed/L-7KsChe9yU?autoplay=1&controls=0&playsinline=1&modestbranding=1&loop=1&fs=0&mute=1&rel=0&showinfo=0&origin=https%3A%2F%2Fhealthyhairremedy.net&enablejsapi=1&widgetid=1
Frame ID: 40DAA3AAE7DB1328816A40FBFF8452F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zenith Labs® - Official Website

Page URL History Show full URLs

  1. http://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif HTTP 307
    https://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif HTTP 302
    https://mwebjoy.com/5624/6438/6/?subid=jagapy_227 HTTP 302
    https://healthyhairremedy.net/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438 HTTP 302
    https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • uikit.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

99 %
HTTPS

50 %
IPv6

20
Domains

30
Subdomains

26
IPs

5
Countries

2452 kB
Transfer

4372 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif HTTP 307
    https://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif HTTP 302
    https://mwebjoy.com/5624/6438/6/?subid=jagapy_227 HTTP 302
    https://healthyhairremedy.net/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438 HTTP 302
    https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://www.buygoods.com/images/buygoods_black.png HTTP 301
  • https://buygoods.com/images/buygoods_black.png

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
healthyhairremedy.net/vsl/
Redirect Chain
  • http://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif
  • https://gop.ercankurtulusmakina.com/ghtyrfdsweqazxhjbnkmlioprftgedswqauyihjif
  • https://mwebjoy.com/5624/6438/6/?subid=jagapy_227
  • https://healthyhairremedy.net/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
  • https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
39 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4222250083b9878e490547c6a202700541719f711e90931de56896729eacd8a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
884e4cd20f708f3c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2024 21:00:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTMEQpkntlb08xSZeETWdq3Rc9u5zBla9%2FH%2B69iW5i8kRp5HaXz4vvTPXPKlsdAjCYfCAZ2xxKN0ykn3MhPTOXwjceE91LQVT7cfGAo%2FLBAGZm8iyP34vbbdB9poRefgQQ8yc6NY9rw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
884e4cd00d018f3c-FRA
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2024 21:00:55 GMT
location
/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x63GDgRimzgMojgcUsxrLd42wO8VzyVxrE4O5vFaO4Q7WRdfZd1834xFVVjcRQSNwpvkKf40NAgNUDMXYMudxbCLnzbeR15%2B7YoKYlv4iv7kVwWWSVpi1%2BvwiKZyhf80FbzvBOk1nB4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-turbo-charged-by
LiteSpeed
fonts.css
healthyhairremedy.net/global/fonts/ 		1 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/global/fonts/fonts.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be33223281d7b724c93b9aae292011a042174638f5f280c58c180141f564c977

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jun 2023 13:04:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qczf7cbgAYSslYJHrvEOvmGbblIgPC2rcd%2BAbeqCl08rQNdPQrwnwg7MYwP2PwfPldu43M6Nxkv20S0gh4F3FyEdfUcnPrPHLkg5h4wVDMUtbfPeVbXsTT8L9IQh9bUqqNK23qogbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
884e4cd3191a8f3c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 21:00:56 GMT
icon
fonts.googleapis.com/ 		616 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 May 2024 21:00:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 May 2024 21:00:56 GMT
css
fonts.googleapis.com/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Source+Serif+Pro:400,400i,600,600i&display=block
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e148b9caa1baa363a945b1368c3a2397763ab67d76445f5295a9f90e48774a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 May 2024 21:00:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 May 2024 21:00:56 GMT
uikit.min.css
healthyhairremedy.net/global/css/ 		249 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/global/css/uikit.min.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a77ad74e821491afe452cce9ebed392729fc07bf05df49c061181fc11be861

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jun 2023 13:08:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYlzwSbBvuB6glX549Gube%2F0WC9zjPg1GZaDDso9bfrACPtovneGZlKJeuBwXmxEJihsFylKpHO4T0XfWcrmrIv%2Bra45c%2F3V7cxftKMAEXNxhnfQ9zuhi3IYP9VO841guoblo5KkO%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
884e4cd3191c8f3c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 21:00:56 GMT
tailwind.css
healthyhairremedy.net/vsl/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/vsl/css/tailwind.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcebda4e594aeb6a23baf0e3f3eae865ea2478b37cefddf200b5f6f09e601a51

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 04 Oct 2023 12:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Oc6vyONUAdSPpsO3w3Y4Cr9lK25Xvm0TgDL%2F8CXTPBK2xC8EZtYO2uOwAkTdjrRjhP0o3%2Bk8hVEdfSVKaaKMqKuu%2FgUGMi28tJci71mWBrC%2FKdAq4CUnAKteoDj1m2ofpXkwLBLLWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
884e4cd3191e8f3c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 21:00:56 GMT
global.css
healthyhairremedy.net/global/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/global/css/global.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43a65572b6750682a663c57f8bfaf84aec926c1c4863a7fed97f1354b56bad4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 17:33:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXyvJicdQFkXQ5uQSKJEVWNEMrKDA%2FVgkcvo8IAVEdkAjndjw7U6NvlN9JaUWIlMJ2Dx1Mby148QJOXef%2FnBBllZEGYqNjV0ITe2PG3QKqZZXjPxvGlaTueYEYuhv%2BlM1iqgFTowPvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
884e4cd319218f3c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 21:00:56 GMT
custom.css
healthyhairremedy.net/vsl/css/ 		329 B
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/vsl/css/custom.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83dfb292b3e43111f05cee70af215b030d32102fdb2c50296a394c1fa6748753

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jun 2023 20:45:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVesz%2F80%2FKO67mrt1RBumrirw4IugC58pU36fcPSntvNoaCXlC7D%2FXLRPFZkrbQKPCrHZH0bzNT3WkQMq32OIG6swpR2EymH3576MtkCHy8gxXYUaj0nWLn%2B%2BB4UNC6KvdHBczaUvHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
884e4cd319228f3c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 21:00:56 GMT
js
www.googletagmanager.com/gtag/ 		123 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3909c0a28fca11a01833ed0528ac71d77c026407ea8eeb75dbba5f17ee219bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48149
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:00:56 GMT
dr-ryan-shelton.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/dr-ryan-shelton.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2f4bb52429ce2bbe04f32c60fd6f6ff9f0a785bf9abb0d3e5529504f247d38

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CU9OMFnHk80PFAxMhqlOTJoGY6ERkpD8
date
Thu, 16 May 2024 21:00:57 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2023 15:51:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
"2eedbec81b07802678e17a462d3840ef"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
77512
x-amz-cf-id
t4Lq5_QgsOBCZQATxYNHvepgNAURC0uIlLPanV8rMxZtaq6B2EgHQw==
credit-card-icons.png
d39ldsmboekjvi.cloudfront.net/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/credit-card-icons.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef887236c76fd7bdc9569ebcb6ef29cdc26665cf434ddbe2f53bd0a951c82e13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 02:14:03 GMT
x-amz-version-id
oQuxlmnU8cmfF0JZpftczL02bDDo2VKK
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Nov 2018 17:38:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
67613
etag
"181466e4a7ad68649bdb69c7f05e746a"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
40927
x-amz-cf-id
sAsjdONQPI8lWWLN6H-LMYRstGH7pvpwXZE1Rhj03_w4BbUuoTOc4w==
x-amz-meta-s3b-last-modified
20181120T173745Z
label_hairrevitalx.jpg
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/product_images/ 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/product_images/label_hairrevitalx.jpg
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd35895a229240d844c290caa4abd13f68e22df70361568ae686bd740b5c3c43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:12:01 GMT
x-amz-version-id
bcdayHNTvL0bnlnHcr_gc16pamzVxfhB
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Sun, 16 Jul 2023 20:19:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56936
etag
"fd70f084ec4f7a73502173e7e0510f45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
464663
x-amz-cf-id
9aatm9p4SQUUqaeR7enDGDXPZbVQhOtrINWw-HRk9Tyn3QUrEvuF4w==
label_hairrevitalx_2.jpg
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/product_images/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/product_images/label_hairrevitalx_2.jpg
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abca43c56895c3dc37a5a00b7e8a6da9f0a045fb2174cf48224c5d04171e90e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 03:38:12 GMT
x-amz-version-id
N5h.QIFOr6siNX2ivIsi9n4BhRmUwCoP
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 16:33:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
62565
etag
"533297ac76d494e120cd8906f98178b0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
273752
x-amz-cf-id
YyUrj1pmmGLwt2XCnWT8lZKAp1qo_GOQFeWUXtfEL5-YG08Bus_a_Q==
guarantee.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/guarantee.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46f2b6be023390e5a23b1cb7e5015c4fbcdb7046bcb11cf5da4ac52ab1b8b6f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:12:01 GMT
x-amz-version-id
DR3ornzJahJTz2zhTYrB6BoY_oWn4h47
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 17:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56935
etag
"89f142dd047778e5a0c3c400bfa72952"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
153036
x-amz-cf-id
O5FP2kJ4P8HuS0ve9SSf_rJ_iFwZNtT5lDmZkfR_t1WlDR3j4OzjuA==
free-shipping-white.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/free-shipping-white.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52c315a5093af805f89921e22ea041688022f083a56c808dd8b0b93440a35521

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5FCnWqqRAH9a9vSrg5uAU5raPHiiHa_K
date
Thu, 16 May 2024 04:27:18 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 17:35:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59619
x-amz-server-side-encryption
AES256
etag
"ee248ee7fb8c09d6418599b0f619a3fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8535
x-amz-cf-id
GuTmrS0RhyEVn38dhgykqj7mU4sJxkQq1b9KltI50jTeyQnH7TkIUg==
bg-vitamin-angels.jpg
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/bg-vitamin-angels.jpg
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb73bb50cf7c12e60cee353f04727d5e48e6b99c39c2066a4810b657e42d458a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ROaNl2CwoSPO6eCJAYm8zyvkPsy9X3YH
date
Thu, 16 May 2024 05:12:01 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 17:35:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56936
x-amz-server-side-encryption
AES256
etag
"8c786625763f68e6fe63327583ef6a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
108491
x-amz-cf-id
DbQ8pFLediaG5J-2w_RvBBCL9Z3q2RrncEulx6EJ5CnhOH_lv_QOsg==
vitamin-angels-logo.svg
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/vitamin-angels-logo.svg
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8b975ffdb5609126f4c582ffa7de664b8b476cb6f9094368a28de69ffbe4334

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
j9UDbf5gX_zkgCAdTwU1ECxFJq9qUDT6
content-encoding
gzip
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
date
Thu, 16 May 2024 03:27:10 GMT
last-modified
Tue, 11 Jul 2023 17:35:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
63227
x-amz-server-side-encryption
AES256
etag
W/"4e807b58d87db2fe096f7d2f7857453d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
7mrI4tiZmSdlil6UCn0qwm9yLFlXRITfYZ0b7OCkGelSADM8Yzv0bw==
disclaimer
display.buygoods.com/v1/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=5729
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-credentials
true
x-server
WEB_6_7500
cf-ray
884e4cd65bf09743-FRA
alt-svc
h3=":443"; ma=86400
logo_white.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/logo_white.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bdadeeded03f8aa0511377b76f22a6aecb26a2629e9b6bc93767559d291b7a6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 06:24:29 GMT
x-amz-version-id
GHo.9ns0KcJ0ZTcOXs62qHY0qe9af7Dc
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 17:35:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
52588
etag
"6d5f33e48a8e1810a2f4026fd32ee446"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9203
x-amz-cf-id
wNqVgZMnWxfSfRCmDdkir2SrttXwOzkc9mZGLIY6jMrm8fIhZS82OA==
email-decode.min.js
healthyhairremedy.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663b4689-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JFi1TeQ%2FKbiq9UMpd0GVI3ovb9T651sl%2FTsBBkvwfWtPMybbF7K5v3dKjREVrEUKG58Szn1x6pv0%2FQ01FI9rNBsu87%2BbIgutdCGTyZLIHctxwffnk%2BYs%2B0xMF53%2BkoYqLm%2Bv0hP6Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
884e4cd49b438f3c-FRA
expires
Sat, 18 May 2024 21:00:56 GMT
uikit.min.js
d39ldsmboekjvi.cloudfront.net/uikit3/js/ 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39ldsmboekjvi.cloudfront.net/uikit3/js/uikit.min.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56e5e18206e127f8d8d9a3ca95e9af51f42117e6b702bc934676d66793412e8e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5gys3dAKPZEHkDwSOKJwiO_m7bl.L.x1
content-encoding
gzip
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
date
Wed, 15 May 2024 23:44:13 GMT
last-modified
Wed, 23 Jun 2021 18:42:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
76604
etag
W/"628a84a7d26c628fa390b74eb38c6928"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-vAEsh7Hc8wKTnHVX5yjJ3KPeKFLZ2YIwkexkXxIzdWqXfcs1PsB9g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 10:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 May 2025 10:13:42 GMT
global_injections.js
d39ldsmboekjvi.cloudfront.net/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39ldsmboekjvi.cloudfront.net/js/global_injections.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db1ac9b038d74d08bb0d5fa2cf6f00626acf8556d68581e2583e7bd9ce13b49f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
y2TbYhgM1htQgurgH0487_hj5emwOa1U
content-encoding
gzip
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
date
Thu, 16 May 2024 01:33:01 GMT
last-modified
Thu, 02 May 2024 21:18:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
70076
x-amz-server-side-encryption
AES256
etag
W/"072426c1f689966a5f0464053856ad86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7No1ZigjELUWr_3I0XNlquftSLHj_U1zVvPtphHb6J1okloY_P0HeA==
flipclock.min.js
d2ws3g38lw9quq.cloudfront.net/js/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ws3g38lw9quq.cloudfront.net/js/flipclock.min.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5200:9:2e71:c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fea8586fabe06391eba5a467c0c6d98bee9b790b304b6f4e5062fbab84ed0ef2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 04:53:04 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:06:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
58236
etag
"9405350d55476d14723f3e2db3cb3ad1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20683
x-amz-cf-id
7D-xPXSBxkf7yNY0WRSvKkAiE14-0R2cHWkPpbbsrzxMpcFocGRVMw==
flipclock.min.css
d2ws3g38lw9quq.cloudfront.net/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ws3g38lw9quq.cloudfront.net/css/flipclock.min.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5200:9:2e71:c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30f0a6dcfc7aeed517d2e510acae37c717618afe13aa25d44cebfec083e773f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:58 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 20:47:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"63407a27da1cf73f822e75935a5dafd8"
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
no-cache
accept-ranges
bytes
content-length
8126
x-amz-cf-id
44wxGEatkTbDqGan1fGtzt8HApJLNh6wuRfbaNJBl8p7T4P0R9eRrQ==
useproof-zl.js
d39ldsmboekjvi.cloudfront.net/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39ldsmboekjvi.cloudfront.net/js/useproof-zl.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fe70289912b551dcd49191cf550309efaef6a799b3012f334d57ecb972cd8d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VzXQ.pPdumOS_baN7kw3_MewU17gqZei
content-encoding
gzip
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
date
Thu, 16 May 2024 04:27:18 GMT
last-modified
Mon, 22 Apr 2024 20:27:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59619
x-amz-server-side-encryption
AES256
etag
W/"857f76b78728e1147ac32697ce7702ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2EUqQut2EF4rra6Y0dAVDINhcpBVIuKABhxllsd-jaYFlVlthDau9A==
useproof-zenithlabs.css
d39ldsmboekjvi.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d39ldsmboekjvi.cloudfront.net/css/useproof-zenithlabs.css
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fd23efa68e8739f06305931263912a99eed2cf3b30c1460c6e109f8fa17bc5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dczQD8aSL4jRO4sLIAixh3MAjsxib8AS
content-encoding
gzip
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
date
Thu, 16 May 2024 05:12:01 GMT
last-modified
Wed, 17 Apr 2024 03:15:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56936
x-amz-server-side-encryption
AES256
etag
W/"05dc16bcc213e0db5ccfc7feab945c4b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
VMe80cQh1n7X8vE96f3uWbqe3NdrJdYfqzDc3_Q6HAnrGM4Jqo_Fqg==
modal.png
healthyhairremedy.net/vsl/img/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthyhairremedy.net/vsl/img/modal.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b021f19b104cf1dd2e287a451b881933479d76a1d8aec39fa9431da686e52c0d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 22 Aug 2023 19:06:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1HZ4G369p1E5rt2Jf4qXpw%2F6WuRJwG6CxyHvY%2BNuxCrScSavbgXU4MhEGWbW91NIQKCz%2FezpT7nF4XmMGst%2F%2BK3j6DUWQpy2M4Jn7Xayt5CBLAa1FmXsqM9OyCbjDlvsj7SM5X%2FKts%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
884e4cd5fd738f3c-FRA
alt-svc
h3=":443"; ma=86400
content-length
36192
expires
Thu, 23 May 2024 21:00:56 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=231917&u=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&f=1&r=0.648887373363553
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
b1cab92f3ee02a959a0d484ea912ee75bc12bd12df8ab8cef73e9748c8ae552c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:55 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1715864270"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/ 		446 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f10ecc5415960c95adfa226f697230b4c394476cb99ef60c8a6f1519aa2ecec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
122507
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:00:56 GMT
bg_main.jpg
healthyhairremedy.net/vsl/img/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://healthyhairremedy.net/vsl/img/bg_main.jpg
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/css/tailwind.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a3dd0c60bfddc06cb8dfc6f27b051e89e83df75cc96bae75a8c9a675da9c47

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/vsl/css/tailwind.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 22 Aug 2023 13:15:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sobf%2F7LktYT0UD6RSZM27AbtZ63CFnGnqbOUf2QdU%2BUZATrKHPA1VEMVYX39%2FtAIamL%2B3t3AjLEoOHI9qEPFUtajJjX1BIb%2FzdLWDYdFVFsAbl1jjRzszkABOhKmpAZzexmIqSZFTlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
884e4cd61d988f3c-FRA
alt-svc
h3=":443"; ma=86400
content-length
46266
expires
Thu, 23 May 2024 21:00:56 GMT
BwNistaGrotesk-Thin.woff2
healthyhairremedy.net/global/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/global/fonts/BwNistaGrotesk-Thin.woff2
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/global/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82565e886642bc572a103a792ae4005b86cd826ec619ffc77accae4ee066cc4f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/global/fonts/fonts.css
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jun 2023 11:30:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynjFeqami1pl70EA6huIuA8pww1eeoxBQTPKyZ2Vz4FitkJO462obGvh2nnRRv3RaZ26AIf%2BFiMuTsOvTEbApKLiUsIQAHOykV6DC7R8GVlmk07x77RB9Ydq1BbeOwCibe6%2Fat8asdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
884e4cd62dbd8f3c-FRA
alt-svc
h3=":443"; ma=86400
content-length
29400
expires
Thu, 23 May 2024 21:00:56 GMT
BwNistaGrotesk-ExtraBold.woff2
healthyhairremedy.net/global/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://healthyhairremedy.net/global/fonts/BwNistaGrotesk-ExtraBold.woff2
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/global/fonts/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24992519a1f4a96fa057a68859b14efbecbc41391945d9e215aa2cb415308c48

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/global/fonts/fonts.css
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Jun 2023 11:30:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4RvCY6tk%2BPewzXwZzWg%2FAp7GL29n0gmurYJkhHIMyHegX6tZZ4ANsbcPXjreX%2FR4HuvfOed40A0FBriP%2FAsdCtvvTR4fVurfMFgEV9A8gGid8Q3hK8Mi8IQcyWCpL%2Bs2sm4YMwB%2FJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
884e4cd62dbf8f3c-FRA
alt-svc
h3=":443"; ma=86400
content-length
32012
expires
Thu, 23 May 2024 21:00:56 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Source+Serif+Pro:400,400i,600,600i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:46:07 GMT
x-content-type-options
nosniff
age
220489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:46:07 GMT
gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:05:07 GMT
x-content-type-options
nosniff
age
219349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155276
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 20:24:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:05:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Source+Serif+Pro:400,400i,600,600i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
245403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 00:50:53 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Source+Serif+Pro:400,400i,600,600i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:44:48 GMT
x-content-type-options
nosniff
age
220568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:44:48 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Lato:400,400i,700,700i,900|Source+Serif+Pro:400,400i,600,600i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:24:54 GMT
x-content-type-options
nosniff
age
218162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:24:54 GMT
va-251ce773f5fcac7c81edf1bcae906fc5.js
dev.visualwebsiteoptimizer.com/7.0/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-251ce773f5fcac7c81edf1bcae906fc5.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=231917&u=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&f=1&r=0.648887373363553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
108d9e7298999653ca91442ae0396224b6658442ed6a8117c52c8bc85a16600d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Origin
https://healthyhairremedy.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 15 May 2024 13:24:48 GMT
server
gfra1
etag
"6644b7a0-10d34"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68916
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=231917&d=healthyhairremedy.net&u=DA4D7BDA7048E78C8CE14415295952A64&h=fe21f42505b8be88dff32c5b424a1807&t=false
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
js
www.googletagmanager.com/gtag/ 		312 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P7TZMNE1K2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77371126b331025a507843402310f40c6b0dce51f8bb310cf06c450a4ed8bf7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105612
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:00:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 May 2024 20:20:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2429
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 16 May 2024 22:20:27 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1270828/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dbb039e180d3dc8802c7f1371a199f3dd6278e279619ce210b51134fce657ac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hbvl5qrtZ_H_KUVSM7H9bclfNP7kZKVD
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 May 2024 21:00:57 GMT
x-amz-request-id
F0XV0DVZB53A87SB
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21507
x-amz-id-2
Oyba6yVSy9vfuhLBBrpfZzeI9NK12qXUBSU3iXn+ItkvW34uh1AlnAZGE7nJO8q4ms+uBP0z1yE=
x-served-by
cache-fra-etou8220111-FRA
last-modified
Sun, 12 May 2024 11:02:59 GMT
server
AmazonS3
x-timer
S1715893257.907575,VS0,VE133
etag
"69588bd45035b77e81ef95ed7700f2e0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HNC48
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 16 May 2024 21:00:56 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 63625A2901104D0692D8B77A637B50F1 Ref B: DUS30EDGE0807 Ref C: 2024-05-16T21:00:56Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 21:00:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
cMrM0Z10nlXJM9atXfD7b9NCjCsLaW68o5Ztx/30JiSLGzDPiDrFL0h6TldEfWyvDsFZeNVfIqHpyfkO2N4WFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7589d42786cb69acd07ffa01b3dde676938476caa8fd4defe8ee5b7dae7e653e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 16 May 2024 21:00:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 May 2024 14:50:09 GMT
Server
AkamaiNetStorage
ETag
"e1e7b4799c61beb5c99cf8ede924a043:1715784890.345371"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8422
Expires
Thu, 16 May 2024 21:20:56 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1498912/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1498912/tfa.js
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc991c28f3f63f970b4645eda1740fe71d7c93ed532637b0bb9d6afeaf27c955

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
G_zlj4fuXhzQqNzAfTARESMNWM3QRGkU
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 May 2024 21:00:57 GMT
x-amz-request-id
F0XRXDJXTXQ5Q1R0
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21500
x-amz-id-2
McFNZjCk48XW1R6DBHnxAQLtdxl0IYDqXopWMCPm2l1auaEtCDHfBIlawPinX9gr928xkQupshI=
x-served-by
cache-fra-etou8220111-FRA
last-modified
Sun, 12 May 2024 11:03:46 GMT
server
AmazonS3
x-timer
S1715893257.907691,VS0,VE235
etag
"a0e6ec07ed5d8641ee4362178fc3c957"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
buygoods_black.png
buygoods.com/images/
Redirect Chain
  • https://www.buygoods.com/images/buygoods_black.png
  • https://buygoods.com/images/buygoods_black.png
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buygoods.com/images/buygoods_black.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://healthyhairremedy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 16 May 2024 21:00:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2231
cf-polished
origFmt=png, origSize=9596
content-disposition
inline; filename="buygoods_black.webp"
alt-svc
h3=":443"; ma=86400
content-length
4492
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Sep 2017 06:30:00 GMT
server
cloudflare
etag
"59b77ee8-257c"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=315360000
x-server
WEB_1
accept-ranges
bytes
cf-ray
884e4cd81eb89743-FRA
expires
Sun, 14 May 2034 21:00:57 GMT

Redirect headers

date
Thu, 16 May 2024 21:00:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
server
cloudflare
age
2231
vary
Accept-Encoding
location
https://buygoods.com/images/buygoods_black.png
cache-control
public, max-age=14400
cf-ray
884e4cd78dec9743-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Fri, 17 May 2024 01:00:56 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		14 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=231917&settings_type=1&vn=7.0
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-251ce773f5fcac7c81edf1bcae906fc5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
6f09073baac76940beea7a4be1dce14bce19a9065e54b86169fbf197afa467f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:56 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1715864270"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/j/ 		16 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1479429396&t=pageview&_s=1&dl=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&dr=&ul=de-de&de=UTF-8&dt=Zenith%20Labs%C2%AE%20-%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACABI~&jid=1163029157&gjid=742780514&cid=328692057.1715893257&tid=UA-156185630-1&_gid=1100138018.1715893257&_r=1&_slc=1&gtm=45He45f0n81N3HNC48v830401274za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=387251767
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
973c012bac2d0eab4886cb17d37a5a3bc2ed15cfc58a17920231907d77f363c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
56323860.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56323860.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 16 May 2024 21:00:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 03DC19D953EF47FD88E5850DD5784520 Ref B: DUS30EDGE0807 Ref C: 2024-05-16T21:00:56Z
x-cache
CONFIG_NOCACHE
343099597.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343099597.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 16 May 2024 21:00:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 878AA3863E7649CCB5D9D2216AF8D7C4 Ref B: DUS30EDGE0807 Ref C: 2024-05-16T21:00:56Z
x-cache
CONFIG_NOCACHE
2933385093392789
connect.facebook.net/signals/config/ 		98 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2933385093392789?v=2.9.156&r=stable&domain=healthyhairremedy.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43e7f9477e89955f4bf43011b44a0848497516f456b925e365932ac823bdb5d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 21:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=64, mss=1294, tbw=63356, tp=-1, tpl=-1, uplat=153, ullat=1
pragma
public
x-fb-debug
LdPIU+SQ6rRlOYfM8kJUAOPEOuODNT3c8ZDpXwcxeELddAiODen8AGf6GCKS3gfqD1bHjlVMWsxlByZfKwzHZg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P7TZMNE1K2&gtm=45je45f0v9116127778z8830401274za200&_p=1715893256623&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=328692057.1715893257&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1715893256&sct=1&seg=0&dl=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&dt=Zenith%20Labs%C2%AE%20-%20Official%20Website&en=page_view&_fv=1&_ss=1&ep.allowLinker=true&ep.referrer=&tfd=3048
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7TZMNE1K2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P7TZMNE1K2&cid=328692057.1715893257&gtm=45je45f0v9116127778z8830401274za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7TZMNE1K2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P7TZMNE1K2&cid=328692057.1715893257&gtm=45je45f0v9116127778z8830401274za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=951996396
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-156185630-1&cid=328692057.1715893257&jid=1163029157&gjid=742780514&_gid=1100138018.1715893257&npa=1&_u=YGBACEAABAAAACABI~&z=205096394
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 16 May 2024 21:00:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		279 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJ67Q322L9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6b353efebc43f7579e78f83cef4472df7e04517cf4faf8243f96b18c933109d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98311
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:00:57 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
442 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=03408099214644915&referrer=&cht=gtm&marketerId=006a8dc9da81ab08022e55b61fb875da32&name=PAGE_VIEW&dl=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 16 May 2024 21:00:57 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/gif;
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-TraceId
501a5f23b45e7e469f2cda91d0f91d19
Content-Length
54
cachedClickId
tr.outbrain.com/ 		35 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=006a8dc9da81ab08022e55b61fb875da32
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 16 May 2024 21:00:57 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
4b19da5c4539cabd36c87380bed6ae0a
Content-Length
39
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/javascript
006a8dc9da81ab08022e55b61fb875da32
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/006a8dc9da81ab08022e55b61fb875da32
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Thu, 16 May 2024 21:00:57 GMT
ob-sent-time
1715878764471
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
d061d331d11cb532958bae6ab2c81d49
Content-Length
22
Expires
Thu, 16 May 2024 21:01:57 GMT
json
trc.taboola.com/1270828/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1270828/trc/3/json?tim=1715893257064&data=%7B%22id%22%3A2%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1715893257061%2C%22cv%22%3A%2220240512-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzenithlabs-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1715893257064%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3dffb4e785c91b2f124ce06257852c73f18c3ba9b5b4a44f6b78ea826ab1afa7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
21
date
Thu, 16 May 2024 21:00:57 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.19325
x-fastly-to-nlb-rtt
7379
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220111-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1715893257.086190,VS0,VE21
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-156185630-1&cid=328692057.1715893257&jid=1163029157&npa=1&_u=YGBACEAABAAAACABI~&z=1830755482
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-156185630-1&cid=328692057.1715893257&jid=1163029157&npa=1&_u=YGBACEAABAAAACABI~&z=1830755482
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1526976/trc/3/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1526976/trc/3/json?tim=1715893257130&data=%7B%22id%22%3A382%2C%22ii%22%3A%22%2Fvsl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1715893257061%2C%22cv%22%3A%2220240512-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzenithlabs-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1715893257066%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1270828/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bfbe72f321220ea4b600ab73c30c7115a536f7afd79a1131ebb61ca161f7df43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
18
date
Thu, 16 May 2024 21:00:57 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.19
x-fastly-to-nlb-rtt
7450
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220111-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1715893257.144969,VS0,VE18
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VJ67Q322L9&_ng=1&gtm=45je45f0v9137567031za200&_p=1715893256623&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=328692057.1715893257&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&dt=Zenith%20Labs%C2%AE%20-%20Official%20Website&sid=1715893257&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3211
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ67Q322L9&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-VJ67Q322L9&cid=328692057.1715893257&gtm=45je45f0v9137567031za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ67Q322L9&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-VJ67Q322L9&cid=328692057.1715893257&gtm=45je45f0v9137567031za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0&z=2060472750
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
679825000960528
connect.facebook.net/signals/config/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/679825000960528?v=2.9.156&r=stable&domain=healthyhairremedy.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C124%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C180%2C117%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
6ea9a1fb0d0384e3a3212ca128b2f9de8eceb81d7f194aced3578fdee62a3601
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 21:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4333, tp=9, tpl=0, uplat=151, ullat=0
pragma
public
x-fb-debug
eVDq5o0bVyeqPpSgAFIGkWiV8R9+lIkGIUop57hPuTzN8sc3YbuHPfhLCjkW6wroTsajQaLKdHVsf9S7q6uYDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
pro.ip-api.com/json/ 		125 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=status,message,country,countryCode,regionName,city,query&key=OuEAUSSxGBe48LX
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
72e81ba0f829df84c85cdb9e0d9dd68b20daca7aed9790a80b64542850fe2b1e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 May 2024 21:00:57 GMT
Content-Length
125
Content-Type
application/json; charset=utf-8
/
tracking.buygoods.com/track/ 		600 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.buygoods.com/track/?a=5729&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=hairrevitalx_main_1,hairrevitalx_main_3,hairrevitalx_main_6
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855d11cc202f0ab351c9419ef7d5833d86cb7fd5561acc86a787593a7b2cb6b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-server
WEB_6
cf-ray
884e4cda08f69743-FRA
expires
Tue, Jan 12 1999 01:01:01 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aca3c908d9d8470bff8853cac25c829d799894a10ed9e81b8ed19b8023194f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 16 May 2024 21:00:57 GMT
dj.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/dj.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e4fa247a4f2b1ffbf0f6d92503546806db9d67a1dd0ffe9ca72288540ce6dc6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
QdXAiNLm92UfEksI4YeJET_CexOkiyre
date
Thu, 16 May 2024 05:12:05 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56933
x-amz-server-side-encryption
AES256
etag
"68b9ba513fd615d3a4a05b8f9cf6de0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7394
x-amz-cf-id
83al05Nq1ujUNzs8PcEqhWntjJFlVZ4sJtty3BE_zjNFf8cC4tFYIQ==
an.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/an.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aae4ec70a71dbda1e451256e29108a3a20297fcc06b9847cd3da6a555758eb34

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 03:13:24 GMT
x-amz-version-id
hAkx5pVTgF.DT2oQDvcUAZw3uZwqNYJG
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
64054
etag
"566c280c36cd1e9da904a49923dec19c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
11688
x-amz-cf-id
QjUptAreDRaBkK42Mqf9mGYXK4Iwrs1qGv9QPH1kORxBMfYlTxclbQ==
bi.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/bi.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb09212005b9d15376671ef6b56a8985297927adc731747dee5eca2f8295f4f4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
diXIT7BLQJU7PBHgf3cybboXPziBA06I
date
Thu, 16 May 2024 04:27:23 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59615
x-amz-server-side-encryption
AES256
etag
"1f9fb324614f9bc41a1199f7cdb6c0b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17066
x-amz-cf-id
z8olNM6S0xNLZANjVVbPO0Ayck0upKwBX4hSJ3mMdrpLRtfElnRRGw==
ap.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ap.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96611c86bbcd61edf21cf394fe9ad795ddc66a5583dd3cf423086aeb18e9d348

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
eFj4hlO72OiN1DImI5JwbcFxmAG9YVXE
date
Thu, 16 May 2024 01:33:02 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
70075
x-amz-server-side-encryption
AES256
etag
"ddcd3748c0177838898f87e52fc4f334"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6889
x-amz-cf-id
HXQ03NSJAL-xsWmW8lrF_-eUsBjQc4Hvnwa4fHYxylTbUyg5BODkHg==
nyw.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/nyw.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4de62b285cea65607259be7b6c22b9bc0c382f2f66124a4406cc8ccfd88dd7b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
irmM.10Trx4PjHkckAG6KB.buAJBVGmW
date
Thu, 16 May 2024 05:12:05 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
56933
x-amz-server-side-encryption
AES256
etag
"414e9a99ac2efe8b3b5f73f756f75b1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14710
x-amz-cf-id
8N5h72GxEAxg7rBOtog4bIi8rca0sJdZTabHzt_YffExEEX09Tcsgg==
gq.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/featured_logos/gq.png
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
090d2fd1504854c370861d9ca7215ee388ccf70e633f4fd5e00983b6454557d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
H3MeuNK8eHp_bJ5n5Xn.N9P3hTdX6FQy
date
Thu, 16 May 2024 04:27:23 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 20:01:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59615
x-amz-server-side-encryption
AES256
etag
"c3b467437831d2854e40191cf1a4fa12"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15267
x-amz-cf-id
hsEHHADYWIH1xuNDI85bkIM4gumADewKkTStlvGypFJmA4Jmygw0zg==
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56323860&tm=gtm002&Ver=2&mid=e26403fd-4b89-4155-9b72-84cc9fa578df&sid=643a050013c711ef9b9e172e5051254a&vid=6439e80013c711efbe13f943d7b42291&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Zenith%20Labs%C2%AE%20-%20Official%20Website&p=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&r=&lt=3314&evt=pageLoad&sv=1&rn=252878
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 May 2024 21:00:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 11B1BE07D8ED4274BA802C239D25717B Ref B: DUS30EDGE0807 Ref C: 2024-05-16T21:00:57Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343099597&tm=gtm002&Ver=2&mid=fd6e7eaf-6130-4802-ad59-4d1a56c3a428&sid=643a050013c711ef9b9e172e5051254a&vid=6439e80013c711efbe13f943d7b42291&vids=0&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Zenith%20Labs%C2%AE%20-%20Official%20Website&p=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&r=&lt=3314&evt=pageLoad&sv=1&rn=660155
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 May 2024 21:00:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A436364D5B3D4A18B3333C9F878B74C3 Ref B: DUS30EDGE0807 Ref C: 2024-05-16T21:00:57Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2933385093392789&ev=PageView&dl=https%3A%2F%2Fhealthyhairremedy.net&rl=&if=false&ts=1715893257371&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4124&fbp=fb.1.1715893257367.2161980&cs_est=true&pm=1&hrl=edaf44&ler=empty&cdl=API_unavailable&it=1715893256975&coo=false&cs_cc=1&cas=4157584690959469%2C4129951490412910%2C3318519464864786%2C3378666682184840%2C2964367486939643&rqm=GET
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2819, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 21:00:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2933385093392789&ev=PageView&dl=https%3A%2F%2Fhealthyhairremedy.net&rl=&if=false&ts=1715893257371&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4124&fbp=fb.1.1715893257367.2161980&cs_est=true&pm=1&hrl=edaf44&ler=empty&cdl=API_unavailable&it=1715893256975&coo=false&cs_cc=1&cas=4157584690959469%2C4129951490412910%2C3318519464864786%2C3378666682184840%2C2964367486939643&rqm=FGET
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd617a032902e3421","source_keys":["1","2"]},{"key_piece":"0x18238f82592301ea","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 16 May 2024 21:00:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=6319, tp=-1, tpl=-1, uplat=112, ullat=0
pragma
no-cache
x-fb-debug
brfk+PmelTLIdqsheSdhibsFYlYZb0D3LW6eeM+Ex6QpNAw6wj+a/hAn+qbqSrz7U5uPSnfccIa7vUl1DOuVRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=679825000960528&ev=PageView&dl=https%3A%2F%2Fhealthyhairremedy.net&rl=&if=false&ts=1715893257373&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4124&fbp=fb.1.1715893257367.2161980&pm=1&hrl=4068cc&ler=empty&cdl=API_unavailable&it=1715893256975&coo=false&cs_cc=1&cas=25503757949237542%2C7416622341701467%2C7896078680444533&rqm=GET
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2819, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 21:00:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=679825000960528&ev=PageView&dl=https%3A%2F%2Fhealthyhairremedy.net&rl=&if=false&ts=1715893257373&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4124&fbp=fb.1.1715893257367.2161980&pm=1&hrl=4068cc&ler=empty&cdl=API_unavailable&it=1715893256975&coo=false&cs_cc=1&cas=25503757949237542%2C7416622341701467%2C7896078680444533&rqm=FGET
Requested by
Host: healthyhairremedy.net
URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7266344e86b3cac1","source_keys":["1","2"]},{"key_piece":"0x976967a714d2c2fb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 16 May 2024 21:00:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=3169, tp=-1, tpl=-1, uplat=111, ullat=1
pragma
no-cache
x-fb-debug
eIr0sAWS08+2Odoz9E+BBtiIvEPEq6CtiT02nKbVI/g565fiPbmFSGTI2kIkARrqEX+sWHXIldAicjUSC/FK5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 14:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
22673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13973
x-xss-protection
0
last-modified
Tue, 14 May 2024 04:16:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 May 2025 14:43:04 GMT
L-7KsChe9yU
www.youtube.com/embed/ Frame 40DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/L-7KsChe9yU?autoplay=1&controls=0&playsinline=1&modestbranding=1&loop=1&fs=0&mute=1&rel=0&showinfo=0&origin=https%3A%2F%2Fhealthyhairremedy.net&enablejsapi=1&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://healthyhairremedy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 21:00:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
tracking.buygoods.com/track/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.buygoods.com/track/?a=5729&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=hairrevitalx_main_1%2Chairrevitalx_main_3%2Chairrevitalx_main_6&caller_url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Requested by
Host: tracking.buygoods.com
URL: https://tracking.buygoods.com/track/?a=5729&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=hairrevitalx_main_1,hairrevitalx_main_3,hairrevitalx_main_6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3cae860f625c68580e0dded200492c14cdaf8b266013281078f7f9079f1384d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:00:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-server
WEB_6
cf-ray
884e4cdafa339743-FRA
expires
Tue, Jan 12 1999 01:01:01 GMT
favicon.png
d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d39ldsmboekjvi.cloudfront.net/images/rebrand_zl/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1600:1a:70ff:e780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
495c1a11e99bb09ab8c2936e1df212f46a520553ea8b76a4f163317f20cdbcf0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zmRJJnUqRqHWdfIvbt29rstRkyD43zkb
date
Thu, 16 May 2024 04:55:22 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 17:35:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
57937
x-amz-server-side-encryption
AES256
etag
"19492050afb0d37ee8e22e492aaa17bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10181
x-amz-cf-id
SWi4qbuVYcdXwCqUcxLBOniFXOEm3QpZmSJnznqDeDh1PJzDmmuYzw==
unip
trc-events.taboola.com/1270828/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=1500&msa=52&rv=1&tim=1715893258619&vi=1715893257061&ri=8be4d95e559325adf92666768b91d9b5&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://healthyhairremedy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://healthyhairremedy.net
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 16 May 2024 21:00:58 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1526976/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1526976/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=1500&msa=52&rv=1&tim=1715893258620&vi=1715893257061&ri=92db355678d4998a35f10050ef8f10c7&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://healthyhairremedy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://healthyhairremedy.net
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 16 May 2024 21:00:58 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1270828/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=1500&msa=52&rv=1&tim=1715893258619&vi=1715893257061&ri=8be4d95e559325adf92666768b91d9b5&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1498912/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://healthyhairremedy.net
pragma
no-cache
date
Thu, 16 May 2024 21:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1526976/log/3/ 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1526976/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=1500&msa=52&rv=1&tim=1715893258620&vi=1715893257061&ri=92db355678d4998a35f10050ef8f10c7&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1498912/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://healthyhairremedy.net
pragma
no-cache
date
Thu, 16 May 2024 21:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1270828/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=3000&msa=52&rv=1&tim=1715893261620&vi=1715893257061&ri=8be4d95e559325adf92666768b91d9b5&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://healthyhairremedy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://healthyhairremedy.net
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 16 May 2024 21:01:01 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1270828/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1270828/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=3000&msa=52&rv=1&tim=1715893261620&vi=1715893257061&ri=8be4d95e559325adf92666768b91d9b5&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1498912/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://healthyhairremedy.net
pragma
no-cache
date
Thu, 16 May 2024 21:01:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1526976/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1526976/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=3000&msa=52&rv=1&tim=1715893261621&vi=1715893257061&ri=92db355678d4998a35f10050ef8f10c7&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1498912/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://healthyhairremedy.net
pragma
no-cache
date
Thu, 16 May 2024 21:01:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1526976/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1526976/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=0&ssd=1&est=1715893257063&ver=36&isls=true&src=i&invt=3000&msa=52&rv=1&tim=1715893261621&vi=1715893257061&ri=92db355678d4998a35f10050ef8f10c7&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://healthyhairremedy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://healthyhairremedy.net
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 16 May 2024 21:01:01 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P7TZMNE1K2&gtm=45je45f0v9116127778za200&_p=1715893256623&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=328692057.1715893257&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715893256&sct=1&seg=0&dl=https%3A%2F%2Fhealthyhairremedy.net%2Fvsl%2F%3Fafl%3Dn%26aff_id%3D174%26subid2%3D5624_sessid20240516210339241%26subid%3D6438&dt=Zenith%20Labs%C2%AE%20-%20Official%20Website&en=scroll&ep.allowLinker=true&ep.referrer=&epn.percent_scrolled=90&_et=8&tfd=8058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7TZMNE1K2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://healthyhairremedy.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:01:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthyhairremedy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| settings_timer number| _vwo_settings_timer object| _vwo_code object| dataLayer function| gtag function| UIkit function| $ function| jQuery function| FlipClock function| Base number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css function| commonWrapper function| pushBasedCommonWrapper string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa function| fbq function| _fbq function| obApi function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_29520131a0 object| uetq object| ueto_d6aa4ccf90 object| myTracker function| onYouTubeIframeAPIReady function| apiObj function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError string| endpoint object| xhr function| payPalSubmit function| buygoodsSubmit string| mysrc object| newScript object| s function| ReadCookie object| orders object| productData boolean| proofNotificationCalled function| useProofNotification object| tag object| firstScriptTag object| player function| onPlayerReady boolean| played function| onPlayerStateChange string| ppState function| restartVideoSection number| timestamp undefined| timer function| timestamp_reached function| timestamp_callback function| stateChange function| showNextOrder boolean| USA object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| spitoday object| spiexpire function| SPIGetDomainName string| hostname object| spi_myNodelist number| spi_i string| spi_pattern_enc_bg string| spi_pattern_base_bg string| spi_replace_str_bg string| spi_pattern_enc_bg_html string| spi_pattern_base_bg_html string| spi_replace_str_bg_html string| spi_pattern_enc_bg_html2 string| spi_pattern_base_bg_html2 string| spi_replace_str_bg_html2 string| spi_pattern_enc_spi string| spi_pattern_base_spi string| spi_replace_str_spi string| spi_pattern_enc_cbd string| spi_pattern_base_cbd string| spi_replace_str_cbd string| spi_pattern_enc_cbd_html string| spi_pattern_base_cbd_html string| spi_replace_str_cbd_html string| spi_replace_enc_cbd string| spi_replace_enc_cbd_html string| spi_replace_enc_bg string| spi_replace_enc_bg_html string| spi_replace_enc_bg_html2 string| spi_replace_enc_spi string| spi_track_link

27 Cookies

Domain/Path Name / Value
mwebjoy.com/ Name: __cflb
Value: 02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbVDJX2V7q48iBv
.healthyhairremedy.net/ Name: _vwo_uuid_v2
Value: DA4D7BDA7048E78C8CE14415295952A64|fe21f42505b8be88dff32c5b424a1807
.healthyhairremedy.net/ Name: _gcl_au
Value: 1.1.1919353596.1715893257
.healthyhairremedy.net/ Name: _vis_opt_s
Value: 1%7C
.healthyhairremedy.net/ Name: _vis_opt_test_cookie
Value: 1
.healthyhairremedy.net/ Name: _vwo_uuid
Value: DA4D7BDA7048E78C8CE14415295952A64
.healthyhairremedy.net/ Name: _vwo_ds
Value: 3%241715893255%3A22.40574791%3A%3A
.healthyhairremedy.net/ Name: _vwo_sn
Value: 0%3A1
.healthyhairremedy.net/ Name: _gid
Value: GA1.2.1100138018.1715893257
.healthyhairremedy.net/ Name: _gat_UA-156185630-1
Value: 1
.healthyhairremedy.net/ Name: _ga
Value: GA1.1.328692057.1715893257
.healthyhairremedy.net/ Name: _ga_P7TZMNE1K2
Value: GS1.1.1715893256.1.0.1715893257.59.0.0
.healthyhairremedy.net/ Name: _ga_VJ67Q322L9
Value: GS1.2.1715893257.1.0.1715893257.60.0.0
.healthyhairremedy.net/ Name: _uetsid
Value: 643a050013c711ef9b9e172e5051254a
.healthyhairremedy.net/ Name: _uetvid
Value: 6439e80013c711efbe13f943d7b42291
.bing.com/ Name: MUID
Value: 098ABC57C2226B24206EA8D6C3886A43
.healthyhairremedy.net/ Name: _fbp
Value: fb.1.1715893257367.2161980
.youtube.com/ Name: YSC
Value: 7odSgjKRO8w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 7cehyKaTCU8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgRQ%3D%3D
healthyhairremedy.net/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1715893257496%7D
.healthyhairremedy.net/ Name: sessid2
Value: sessid20240516210347567
.healthyhairremedy.net/ Name: spi_funnel_codename
Value:
.healthyhairremedy.net/ Name: aff_id
Value: 174
.healthyhairremedy.net/ Name: sid
Value: 6438%7C5624_sessid20240516210339241
.healthyhairremedy.net/ Name: campaign_id
Value:
.healthyhairremedy.net/ Name: referrer
Value: 217.114.218.24::healthyhairremedy.net%2Fvsl

3 Console Messages

Source Level URL
Text
other warning URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthyhairremedy.net/vsl/?afl=n&aff_id=174&subid2=5624_sessid20240516210339241&subid=6438
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/www-widgetapi.js(Line 265)
Message:
Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
bat.bing.com
buygoods.com
cdn.taboola.com
connect.facebook.net
d2ws3g38lw9quq.cloudfront.net
d39ldsmboekjvi.cloudfront.net
dev.visualwebsiteoptimizer.com
display.buygoods.com
fonts.googleapis.com
fonts.gstatic.com
gop.ercankurtulusmakina.com
healthyhairremedy.net
mwebjoy.com
pro.ip-api.com
region1.analytics.google.com
stats.g.doubleclick.net
tr.outbrain.com
tracking.buygoods.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.buygoods.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
141.226.228.48
142.250.185.104
142.250.185.99
151.101.1.44
157.240.252.13
172.66.43.115
172.67.172.158
2001:4860:4802:34::36
216.239.32.36
216.58.212.132
23.35.237.86
2600:9000:2251:5200:9:2e71:c80:21
2600:9000:266e:1600:1a:70ff:e780:21
2620:1ec:c11::237
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:828::200a
2a00:1450:400c:c1d::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
34.96.102.137
43.231.127.148
51.77.64.70
70.42.32.159
090d2fd1504854c370861d9ca7215ee388ccf70e633f4fd5e00983b6454557d1
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
108d9e7298999653ca91442ae0396224b6658442ed6a8117c52c8bc85a16600d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e4fa247a4f2b1ffbf0f6d92503546806db9d67a1dd0ffe9ca72288540ce6dc6
24992519a1f4a96fa057a68859b14efbecbc41391945d9e215aa2cb415308c48
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a77ad74e821491afe452cce9ebed392729fc07bf05df49c061181fc11be861
2bdadeeded03f8aa0511377b76f22a6aecb26a2629e9b6bc93767559d291b7a6
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
30f0a6dcfc7aeed517d2e510acae37c717618afe13aa25d44cebfec083e773f1
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
3909c0a28fca11a01833ed0528ac71d77c026407ea8eeb75dbba5f17ee219bf9
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dbb039e180d3dc8802c7f1371a199f3dd6278e279619ce210b51134fce657ac
3dffb4e785c91b2f124ce06257852c73f18c3ba9b5b4a44f6b78ea826ab1afa7
3f10ecc5415960c95adfa226f697230b4c394476cb99ef60c8a6f1519aa2ecec
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
43e7f9477e89955f4bf43011b44a0848497516f456b925e365932ac823bdb5d2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46f2b6be023390e5a23b1cb7e5015c4fbcdb7046bcb11cf5da4ac52ab1b8b6f8
495c1a11e99bb09ab8c2936e1df212f46a520553ea8b76a4f163317f20cdbcf0
4de62b285cea65607259be7b6c22b9bc0c382f2f66124a4406cc8ccfd88dd7b3
4f2f4bb52429ce2bbe04f32c60fd6f6ff9f0a785bf9abb0d3e5529504f247d38
4fe70289912b551dcd49191cf550309efaef6a799b3012f334d57ecb972cd8d6
52c315a5093af805f89921e22ea041688022f083a56c808dd8b0b93440a35521
56e5e18206e127f8d8d9a3ca95e9af51f42117e6b702bc934676d66793412e8e
6b353efebc43f7579e78f83cef4472df7e04517cf4faf8243f96b18c933109d1
6ea9a1fb0d0384e3a3212ca128b2f9de8eceb81d7f194aced3578fdee62a3601
6f09073baac76940beea7a4be1dce14bce19a9065e54b86169fbf197afa467f5
6fd23efa68e8739f06305931263912a99eed2cf3b30c1460c6e109f8fa17bc5a
72e81ba0f829df84c85cdb9e0d9dd68b20daca7aed9790a80b64542850fe2b1e
7589d42786cb69acd07ffa01b3dde676938476caa8fd4defe8ee5b7dae7e653e
77371126b331025a507843402310f40c6b0dce51f8bb310cf06c450a4ed8bf7b
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82565e886642bc572a103a792ae4005b86cd826ec619ffc77accae4ee066cc4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83dfb292b3e43111f05cee70af215b030d32102fdb2c50296a394c1fa6748753
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855d11cc202f0ab351c9419ef7d5833d86cb7fd5561acc86a787593a7b2cb6b7
96611c86bbcd61edf21cf394fe9ad795ddc66a5583dd3cf423086aeb18e9d348
973c012bac2d0eab4886cb17d37a5a3bc2ed15cfc58a17920231907d77f363c5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aae4ec70a71dbda1e451256e29108a3a20297fcc06b9847cd3da6a555758eb34
abca43c56895c3dc37a5a00b7e8a6da9f0a045fb2174cf48224c5d04171e90e8
aca3c908d9d8470bff8853cac25c829d799894a10ed9e81b8ed19b8023194f48
b021f19b104cf1dd2e287a451b881933479d76a1d8aec39fa9431da686e52c0d
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
b1cab92f3ee02a959a0d484ea912ee75bc12bd12df8ab8cef73e9748c8ae552c
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8b975ffdb5609126f4c582ffa7de664b8b476cb6f9094368a28de69ffbe4334
bb73bb50cf7c12e60cee353f04727d5e48e6b99c39c2066a4810b657e42d458a
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
be33223281d7b724c93b9aae292011a042174638f5f280c58c180141f564c977
bfbe72f321220ea4b600ab73c30c7115a536f7afd79a1131ebb61ca161f7df43
c4222250083b9878e490547c6a202700541719f711e90931de56896729eacd8a
c43a65572b6750682a663c57f8bfaf84aec926c1c4863a7fed97f1354b56bad4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb09212005b9d15376671ef6b56a8985297927adc731747dee5eca2f8295f4f4
cd35895a229240d844c290caa4abd13f68e22df70361568ae686bd740b5c3c43
d3cae860f625c68580e0dded200492c14cdaf8b266013281078f7f9079f1384d
db1ac9b038d74d08bb0d5fa2cf6f00626acf8556d68581e2583e7bd9ce13b49f
dc991c28f3f63f970b4645eda1740fe71d7c93ed532637b0bb9d6afeaf27c955
dcebda4e594aeb6a23baf0e3f3eae865ea2478b37cefddf200b5f6f09e601a51
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e148b9caa1baa363a945b1368c3a2397763ab67d76445f5295a9f90e48774a32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a3dd0c60bfddc06cb8dfc6f27b051e89e83df75cc96bae75a8c9a675da9c47
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef887236c76fd7bdc9569ebcb6ef29cdc26665cf434ddbe2f53bd0a951c82e13
fea8586fabe06391eba5a467c0c6d98bee9b790b304b6f4e5062fbab84ed0ef2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e