urlscan.io logo urlscan.io
SecurityTrails logo

ramonshairstyling.esalon.site Open in urlscan Pro
94.199.206.23  Public Scan

Go To Rescan Add Verdict Report
URL: https://ramonshairstyling.esalon.site/
Submission: On January 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 94.199.206.23, located in Istanbul, Turkey and belongs to AEROTEK-AS, TR. The main domain is ramonshairstyling.esalon.site.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time ramonshairstyling.esalon.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    94.199.206.23 (Istanbul, Turkey)

ASN42807 (AEROTEK-AS, TR)
PTR: srvc21.turhost.com
ramonshairstyling.esalon.site
esalon.site
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:eb0a (United States)

ASN13335 (CLOUDFLARENET, US)
images.pexels.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
12    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Apex Domain
Subdomains		 Transfer
12 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
214 KB
6 esalon.site
ramonshairstyling.esalon.site
esalon.site
66 KB
2 gstatic.com
maps.gstatic.com
61 KB
2 google.com
maps.google.com — Cisco Umbrella Rank: 2245
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
82 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
263 B
1 pexels.com
images.pexels.com — Cisco Umbrella Rank: 36559
36 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
27 8
Domain Requested by
12 maps.googleapis.com www.google.com
maps.googleapis.com
5 esalon.site ramonshairstyling.esalon.site
2 maps.gstatic.com www.google.com
2 cdnjs.cloudflare.com ramonshairstyling.esalon.site
cdnjs.cloudflare.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.com ramonshairstyling.esalon.site
1 maps.google.com 1 redirects
1 images.pexels.com ramonshairstyling.esalon.site
1 www.googletagmanager.com ramonshairstyling.esalon.site
1 ramonshairstyling.esalon.site
27 10

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
*.site.italianfashionstore.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
images.pexels.com
E1		 2024-01-02 -
2024-04-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ramonshairstyling.esalon.site/
Frame ID: E4ABEF7E2771AC601E77F88059DEA5FB
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
Frame ID: CD6EED086C4C9AE9AF2620DB604FC03A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ramon’s Hair Styling

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

96 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

554 kB
Transfer

1699 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://maps.google.com/maps?q=Ramon%27s%20Hair%20Styling%20831%20E%20Covina%20Blvd,%20Covina,%20CA%20%2091722,%20United%20States&t=&z=13&ie=UTF8&iwloc=&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ramonshairstyling.esalon.site/ 		102 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/ PHP/7.2.34
Resource Hash
b3cc8fec10fcfacd908ce124703bad688a6a77120c2210d7c87016864a8c660b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 22:19:28 GMT
link
<https://esalon.site/wp-json/>; rel="https://api.w.org/" <https://esalon.site/wp-json/wp/v2/posts/1568>; rel="alternate"; type="application/json" <https://esalon.site/?p=1568>; rel=shortlink
vary
Accept-Encoding
x-pingback
https://esalon.site/xmlrpc.php
x-powered-by
PHP/7.2.34
main.min.css
esalon.site/wp-content/themes/astra/assets/css/minified/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esalon.site/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.6.2
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/
Resource Hash
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:28 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 11:54:16 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 22:19:28 GMT
de857d2d-3d34-4398-ab00-4ddd425ecf35
https://ramonshairstyling.esalon.site/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ramonshairstyling.esalon.site/de857d2d-3d34-4398-ab00-4ddd425ecf35
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
style.min.css
esalon.site/wp-includes/css/dist/block-library/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esalon.site/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:28 GMT
content-encoding
br
last-modified
Sun, 05 Nov 2023 22:10:32 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 22:19:28 GMT
style.css
esalon.site/wp-content/themes/astra-child/ 		1 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esalon.site/wp-content/themes/astra-child/style.css?ver=1.0.0
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/
Resource Hash
bd610140c3b0c79fdc730b65ebfbb7f8f9b24f44e9e4c6f6bd9d9e8dc395cc88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:28 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 12:07:11 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 22:19:28 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HLBH4QDDY7
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec84f909dd90b1206dc46c2892fb41efeeaff0a7b428a2a85558c2bf9f3e4763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93464
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 22:19:29 GMT
pexels-photo-219550.jpeg
images.pexels.com/photos/219550/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/219550/pexels-photo-219550.jpeg?auto=compress&cs=tinysrgb&dpr=1&w=500
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fb4485e663d965d833b5ecb1f6e5043d081142f264c649358d0f602e82dbc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
4086614
cf-polished
status=not_needed
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
x-imgix-id
a2a739270e5763d78cfddd0876fb0d84828604f6
alt-svc
h3=":443"; ma=86400
content-length
36103
x-served-by
cache-sjc10054-SJC, cache-fra-eddf8230064-FRA
x-imgix-render-farm
01.140328
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Nov 2023 17:20:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8471fae50a3d1a86-FRA
expires
Thu, 16 Jan 2025 22:19:29 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
782269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn8RQQmGT2zamvkfPSu8maqQYSj9XpfZBgMVn43o9Wc%2B2Skq8i4XGVBwm7wDAWPWYyo%2FUxVwj7TStNn09ujAUuDzRBdxFQLLDmRlGJ4h0dWpAfp9K1KIy0EjircJkT5mVFZN1LN5eC1bHA5Hx9iIxxbh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8471fae4fa3935e0-FRA
expires
Mon, 06 Jan 2025 22:19:29 GMT
frontend.min.js
esalon.site/wp-content/themes/astra/assets/js/minified/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esalon.site/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.2
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/
Resource Hash
00cfed1d7680f3a3435bf24ed4286fa745c0b33d78f5f169e6fcf94852b93589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:28 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 11:54:16 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 22:19:28 GMT
embed
www.google.com/maps/ Frame CD6E
Redirect Chain
  • https://maps.google.com/maps?q=Ramon%27s%20Hair%20Styling%20831%20E%20Covina%20Blvd,%20Covina,%20CA%20%2091722,%20United%20States&t=&z=13&ie=UTF8&iwloc=&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
9a29136f4cd125c89b688c76146c1ab3d9ac59ffa9d3d4b6d86650a48cad7a36
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-yz0aefwGm6iRgWsylZ880g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ramonshairstyling.esalon.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1224
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-yz0aefwGm6iRgWsylZ880g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 22:19:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 Jan 2024 22:19:29 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://ramonshairstyling.esalon.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2420547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksibItssl5Yf9n%2Fgc4LvjyidakWoZkrGlSljksrrggCP%2FA38DfVI%2BEFQ244dexv40ROdj%2FGmKVQxD54%2FPJCqcMPiWss2RmXFmAJHF2YXElGMick4vdimrcITUFniwWU8gl0zyCFq%2FWfZZdu2DyItVpWw"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8471fae6ae7e2bba-FRA
expires
Mon, 06 Jan 2025 22:19:29 GMT
wp-emoji-release.min.js
esalon.site/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esalon.site/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: ramonshairstyling.esalon.site
URL: https://ramonshairstyling.esalon.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.199.206.23 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srvc21.turhost.com
Software
/
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:29 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 03:23:26 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 22:19:29 GMT
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HLBH4QDDY7&gtm=45je41a0v9174698596&_p=1705529969620&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1480448829.1705529970&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705529969&sct=1&seg=0&dl=https%3A%2F%2Framonshairstyling.esalon.site%2F&dt=Ramon%E2%80%99s%20Hair%20Styling&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2261
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HLBH4QDDY7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ramonshairstyling.esalon.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 22:19:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ramonshairstyling.esalon.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
maps.googleapis.com/maps/api/ Frame CD6E 		187 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
fc034d781f62c323e74fdaa4e6765d473f571015d611b55af4e898b98652f899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65707
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame CD6E 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/55/8/intl/de_ALL/ Frame CD6E 		228 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/55/8/intl/de_ALL/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sRamon%27s+Hair+Styling+831+E+Covina+Blvd,+Covina,+CA++91722,+United+States!6i13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8307a1d7dc8cfe09cc3e9bae89982fe50c8374af9f97b3c6d003b0bc2aef38a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61608
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		254 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
164d15cdca2f2f3758901f93b7a091fd59243933e7452f381bf3417cba9f9333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56627
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
042d8a79615c4ced0b3297a2b63e948c8c9e0ee3d2fefebbc876e2075326ecb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55739
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
890fb105ccb4e10a24d6d3a156eaa6fcc3521928a08ad998d267c6d8f2d35e47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24020
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8799c68c3184b9bab6d0f0b745087ca5ed558b44099fc2897f02b18399a88376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1291
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
truncated
/ Frame CD6E 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
onion.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90c5820dc62a52dca6cd6cb2c46284c0ceeee5fcfba37651b3bb12186ce9108c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9039
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/ Frame CD6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9399c9be5b0d5f338c8eeea5f18a09e759abbf1bb3a848414d9f7cd23d8e138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1255
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 00:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 18:31:05 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame CD6E 		326 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:19:30 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 17 Jan 2024 22:19:30 GMT
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame CD6E 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
a07110b5a13918d03c429ed0bb87824559b213b4344e7a82138999cb3c2aa75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
google-maps-embed
Referer
https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature
53251
X-Goog-Maps-API-Salt
XBcc0oWEkK

Response headers

date
Wed, 17 Jan 2024 22:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4431
x-xss-protection
0
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.google.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 Jan 2024 22:19:30 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame CD6E 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m2&1e0&5e0&8b1&callback=_xdc_._ekfok2&client=google-maps-embed&token=98115
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 22:19:31 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame CD6E 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sicic6h&10e1&11b1&callback=_xdc_._1lwxga&client=google-maps-embed&token=123567
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/8/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
c1f086a0480d54173836dc81c8eac1aecdbe066e99403a17fd1f7c3863c30c92
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 22:19:31 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings function| gtag object| dataLayer object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| twemoji object| wp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| link number| len

3 Cookies

Domain/Path Name / Value
.pexels.com/ Name: __cf_bm
Value: Pr9u7lXMbD5U7F1l_7cz2AwTn0LxQwp.5_TLGIIwmJE-1705529969-1-AY9o81EACmeOSlOsLxb8QeQJOOMuxGqTz1rZ+QYAzOX5uBjm4hfOKIWE/U9mj/mZIZQmm1lwkqSKSvkQhWN6neY=
.esalon.site/ Name: _ga_HLBH4QDDY7
Value: GS1.1.1705529969.1.0.1705529969.0.0.0
.esalon.site/ Name: _ga
Value: GA1.1.1480448829.1705529970

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
esalon.site
images.pexels.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
ramonshairstyling.esalon.site
region1.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700::6810:eb0a
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:830::2008
94.199.206.23
00cfed1d7680f3a3435bf24ed4286fa745c0b33d78f5f169e6fcf94852b93589
042d8a79615c4ced0b3297a2b63e948c8c9e0ee3d2fefebbc876e2075326ecb0
164d15cdca2f2f3758901f93b7a091fd59243933e7452f381bf3417cba9f9333
17fb4485e663d965d833b5ecb1f6e5043d081142f264c649358d0f602e82dbc9
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8307a1d7dc8cfe09cc3e9bae89982fe50c8374af9f97b3c6d003b0bc2aef38a5
8799c68c3184b9bab6d0f0b745087ca5ed558b44099fc2897f02b18399a88376
890fb105ccb4e10a24d6d3a156eaa6fcc3521928a08ad998d267c6d8f2d35e47
90c5820dc62a52dca6cd6cb2c46284c0ceeee5fcfba37651b3bb12186ce9108c
9a29136f4cd125c89b688c76146c1ab3d9ac59ffa9d3d4b6d86650a48cad7a36
a07110b5a13918d03c429ed0bb87824559b213b4344e7a82138999cb3c2aa75f
a9399c9be5b0d5f338c8eeea5f18a09e759abbf1bb3a848414d9f7cd23d8e138
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b3cc8fec10fcfacd908ce124703bad688a6a77120c2210d7c87016864a8c660b
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b
bd610140c3b0c79fdc730b65ebfbb7f8f9b24f44e9e4c6f6bd9d9e8dc395cc88
c1f086a0480d54173836dc81c8eac1aecdbe066e99403a17fd1f7c3863c30c92
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf87c70971a8be7304fb9d4b2b2c848ee8388354f2e385982223b7eea53b341
ec84f909dd90b1206dc46c2892fb41efeeaff0a7b428a2a85558c2bf9f3e4763
fc034d781f62c323e74fdaa4e6765d473f571015d611b55af4e898b98652f899