urlscan.io logo urlscan.io
SecurityTrails logo

www.haircode.com Open in urlscan Pro
104.210.6.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.haircode.com/
Effective URL: https://www.haircode.com/
Submission: On May 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 104.210.6.2, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is www.haircode.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 22nd 2018. Valid for: 2 years.
This is the only time www.haircode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 104.210.6.2 8075 (MICROSOFT...)
1 2600:9000:20b... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.68.162.1 16509 (AMAZON-02)
8 2606:2800:133... 15133 (EDGECAST)
1 104.208.128.30 8075 (MICROSOFT...)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 151.101.2.133 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
43 12
14    104.210.6.2 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
www.haircode.com
1    2600:9000:20bb:d800:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.agkn.com
2    2a00:1450:4001:815::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    54.68.162.1 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-68-162-1.us-west-2.compute.amazonaws.com
d.agkn.com
8    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
haircodeassetsprod.azureedge.net
1    104.208.128.30 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
haircodestorageprod.blob.core.windows.net
6    2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c09::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
script.crazyegg.com
6    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static.klaviyo.com
fast.a.klaviyo.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
14 www.haircode.com 1 redirects www.haircode.com
8 haircodeassetsprod.azureedge.net www.haircode.com
6 www.google-analytics.com 1 redirects www.haircode.com
www.google-analytics.com
3 fast.a.klaviyo.com static.klaviyo.com
3 static.klaviyo.com www.googletagmanager.com
static.klaviyo.com
3 connect.facebook.net www.haircode.com
connect.facebook.net
2 www.googletagmanager.com www.haircode.com
1 www.facebook.com
1 script.crazyegg.com www.googletagmanager.com
1 stats.g.doubleclick.net
1 haircodestorageprod.blob.core.windows.net www.haircode.com
1 d.agkn.com js.agkn.com
1 js.agkn.com www.haircode.com
43 13

This site contains links to these domains. Also see Links.

Domain
www.pg.com
info.evidon.com
Subject Issuer Validity Valid
haircode.com
Entrust Certification Authority - L1K		 2018-08-22 -
2020-09-22		 2 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2018-06-21 -
2020-09-16		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 5		 2017-11-08 -
2019-11-08		 2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-03-08 -
2019-06-06		 3 months crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-20 -
2019-09-18		 9 months crt.sh
fast.a.klaviyo.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-05 -
2020-10-04		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.haircode.com/
Frame ID: 202CED2529861A99094044CCC5BCE153
Requests: 42 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=948831448&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.haircode.com%2F&bpid=firstp&c=%7B%22bpid%22%3A%22firstp%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.haircode.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 0895CA264E9E61D69AC5E30B1F160634
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.haircode.com/ HTTP 301
    https://www.haircode.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^CE2$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

43
Requests

100 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1112 kB
Transfer

2947 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.haircode.com/ HTTP 301
    https://www.haircode.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1888727903&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haircode.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20HairCode&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAAEIhB~&jid=332698667&gjid=692360852&cid=666101675.1557414510&uid=NULL&tid=UA-127529259-1&_gid=2027478711.1557414510&_r=1&cd31=(not%20set)&cd32=(not%20set)&cd33=(not%20set)&cd34=(not%20set)&cd35=(not%20set)&cd36=(not%20set)&cd37=(not%20set)&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd41=(not%20set)&cd42=(not%20set)&cd43=(not%20set)&cd48=(not%20set)&cd46=Premium&cd50=666101675.1557414510&z=1287322060 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-127529259-1&cid=666101675.1557414510&jid=332698667&uid=NULL&_gid=2027478711.1557414510&gjid=692360852&_v=j73&z=1287322060

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.haircode.com/
Redirect Chain
  • http://www.haircode.com/
  • https://www.haircode.com/
261 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
(dcb/7EDB) / ASP.NET
Resource Hash
0ace2ffb5050b7701c38dddd437f40d3507aba24571e794c8a470f9757f181d9
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://gsp.target.com/gsp/authorizations/v1/client_tokens https://haircodeprod.azureedge.net/ https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://fonts.gstatic.com/ 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.haircode.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
no-store, no-cache
pragma
no-cache
content-type
text/html
content-encoding
gzip
content-md5
gFQtTEU9v7l0pPL4Cnx7Wg==
last-modified
Wed, 01 May 2019 18:20:30 GMT
etag
"0x8D6CE61B1848BAA+gzip"
vary
Accept-Encoding
server
(dcb/7EDB)
x-cache
HIT
x-ms-error-code
ConditionNotMet
x-ms-request-id
90aa703a-601e-00d0-28cd-0509f6000000
x-ms-version
2018-03-28
x-content-type-options
nosniff
strict-transport-security
max-age=8995000; includeSubdomains
x-xss-protection
1
x-frame-options
DENY
referrer-policy
no-referrer
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://gsp.target.com/gsp/authorizations/v1/client_tokens https://haircodeprod.azureedge.net/ https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://fonts.gstatic.com/ 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
x-powered-by
ASP.NET
date
Thu, 09 May 2019 15:08:16 GMT
content-length
47906

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.haircode.com/
Server
Microsoft-IIS/10.0
Date
Thu, 09 May 2019 15:08:16 GMT
Content-Length
148
tag.js
js.agkn.com/prod/v0/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:d800:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 00:45:08 GMT
via
1.1 e77255787d333d7481d3de3a89fb3ee2.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 22:35:38 GMT
server
AmazonS3
age
132100
etag
"a5442c681a576408c25edbf365995343"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3167
x-amz-cf-id
zQywytm8gXV0ws4HwaTtkeKEaCq4LVhNeFLpvyKH0ZygzCPtW7Ljbg==
gtm.js
www.googletagmanager.com/ 		422 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW4NS3V
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
5f6e7da89e5b3b6a6d0d02c0f79343d5f3d271a005784ea83b1f6acd18b3168f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:16 GMT
content-encoding
br
last-modified
Wed, 08 May 2019 18:26:02 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
71919
x-xss-protection
0
expires
Thu, 09 May 2019 15:08:16 GMT
Cookie set /
d.agkn.com/iframe/8613/ Frame 0895 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d.agkn.com/iframe/8613/?che=948831448&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.haircode.com%2F&bpid=firstp&c=%7B%22bpid%22%3A%22firstp%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.haircode.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.162.1 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-68-162-1.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 May 2019 15:08:17 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AhhT%2BgFu3N4rtuukIHTWKfddlwppQm8Q2;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkZv7hJGb-4QAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length
481
Connection
keep-alive
webpack-runtime-dfe2f591a1057b6d9bb1.js
www.haircode.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/webpack-runtime-dfe2f591a1057b6d9bb1.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
a8f86564d1ed665d263b9314e014b2c7c650b2d7379348a702d1142744acf301
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gXylYoVcNw0CEJWjsVFj+w==
x-powered-by
ASP.NET
status
200
content-length
2400
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
01722cfa-e01e-00ca-1e79-062699000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B1B740CD"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
app-877a451ed8b2b549b2ab.js
www.haircode.com/ 		196 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/app-877a451ed8b2b549b2ab.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
3e19879e75af02c35d4c5cba0fab653b2fe1526e56281e92bfbe3806ce895741
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zadd8ZmPLII2B5B20jBbDQ==
x-powered-by
ASP.NET
status
200
content-length
80663
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
0e12ce41-801e-0112-2d79-06c71d000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B13EE623"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
styles-4e1865bea3aca28040e6.js
www.haircode.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/styles-4e1865bea3aca28040e6.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
4ebbf57572553c23d28479d9d0f9b675358c991797efa4dae62c6da594a77ea3
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DD4DU2aoeKlnE+fcyT+avQ==
x-powered-by
ASP.NET
status
200
content-length
360
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
0e12ce58-801e-0112-4079-06c71d000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B1992A1D"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
1-1591006ccb913d0b532a.js
www.haircode.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/1-1591006ccb913d0b532a.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
657144fda62849fbc6699a950005fe816a0e303df7f1b270a4566aaed1c4b873
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GCJOE2jTLNTeyJrP8JX3qA==
x-powered-by
ASP.NET
status
200
content-length
7722
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:29 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
77116365-f01e-011d-0379-062aeb000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B100BC8A"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
2-1891912a1d7aa896ab4d.js
www.haircode.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/2-1891912a1d7aa896ab4d.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
78428537daa3c765bec67357b3090ffc33df8caa1bc238b77fc1bc6e6621886c
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hVH2gg5XkY2cXht4CG0yKQ==
x-powered-by
ASP.NET
status
200
content-length
10113
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:29 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
cd9d6409-f01e-003b-4e79-06f70a000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B10726B7"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
component---src-pages-helpers-carousel-jsx-4c9a450b4c3fd929568d.js
www.haircode.com/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/component---src-pages-helpers-carousel-jsx-4c9a450b4c3fd929568d.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
70af321c9f9ff240c092c1cf8f0f0f56fe55be082b02b46235aee5392ea04330
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fKScYsxkmtBH1XCDjHIUFQ==
x-powered-by
ASP.NET
status
200
content-length
17853
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
7711635e-f01e-011d-7d79-062aeb000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B14CA523"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
component---src-pages-index-jsx-b635f053cea236fc26ac.js
www.haircode.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/component---src-pages-index-jsx-b635f053cea236fc26ac.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
c1b93ddf9a37817fa21a1bfcb955af209a626e6e9afc0eaf4012088a52cbfb41
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hINKi8gv7oTEBboDXbKVxA==
x-powered-by
ASP.NET
status
200
content-length
3305
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
bedb3d1a-601e-0058-3f79-06b12f000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B16F29B1"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json
www.haircode.com/static/d/140/ 		55 B
486 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/static/d/140/path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
b6de95067f387a7502caf98cc87da9fac659f401596c3d616c0d7087fe30978b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.haircode.com

Response headers

date
Thu, 09 May 2019 15:08:16 GMT
content-encoding
gzip
content-md5
AglEA3mc/p0hb1HeBtANYw==
x-powered-by
ASP.NET
status
200
content-length
166
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:32 GMT
server
Microsoft-HTTPAPI/2.0
etag
"0x8D6CE61B288CDAF"
vary
Origin,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.haircode.com
x-ms-request-id
0f495381-901e-00e7-1379-06a559000000
access-control-expose-headers
Date,Content-Length,Content-Type,Content-MD5,Last-Modified,Accept-Ranges,ETag,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
accept-ranges
bytes
expires
-1
HairCode.png
haircodeassetsprod.azureedge.net/images/Branding/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/images/Branding/HairCode.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F1F) /
Resource Hash
2f2081f10aad31ddc35fec51736895f404c847a0554c5c6f993b544b174941d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:17 GMT
last-modified
Fri, 25 Jan 2019 15:04:06 GMT
server
ECAcc (frc/8F1F)
content-md5
J0dDN/ZogXH2TDhdCKR79A==
etag
0x8D682D65A34FF58
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
8666daea-d01e-0123-2a7d-059cca000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
12523
Curly.png
haircodeassetsprod.azureedge.net/icons/HairTypeIcons/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/icons/HairTypeIcons/Curly.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F08) /
Resource Hash
ae2acc3be1692b3d67ec4b036cdfab9e13c66f14a14fa68028663a623d6d227f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:17 GMT
last-modified
Tue, 16 Oct 2018 17:44:44 GMT
server
ECAcc (frc/8F08)
content-md5
eO23Gu57r9evgChTNJCLDQ==
etag
0x8D6338F0EC53D3A
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
37330a03-401e-0083-7e1f-0415f9000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
8255
4b.png
haircodeassetsprod.azureedge.net/images/HairSegmentImages/hairType/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/images/HairSegmentImages/hairType/4b.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FE3) /
Resource Hash
9b130166cc68386240352401a50499a3b08a93517c698fb1f42cc6c7505e366a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:20 GMT
last-modified
Fri, 07 Sep 2018 15:58:01 GMT
server
ECAcc (frc/8FE3)
content-md5
SVSp7hytyguBNmKF702zhg==
etag
0x8D614DAB0258A1E
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
48848368-c01e-0033-1b7d-05ec79000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
19113
2h.png
haircodeassetsprod.azureedge.net/images/HairSegmentImages/cuticleHealth/coily/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/images/HairSegmentImages/cuticleHealth/coily/2h.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F84) /
Resource Hash
25f5ab25f8b59bcb153482e211fa4d72b5ac5991dc36650c2eb5807620af60bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:15 GMT
last-modified
Wed, 23 Jan 2019 19:43:07 GMT
server
ECAcc (frc/8F84)
content-md5
/dVraJMICE0YgurAw9NX2g==
etag
0x8D6816AFFEC67CC
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
a000be2a-f01e-00fc-137d-058bcb000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17761
5s.png
haircodeassetsprod.azureedge.net/images/HairSegmentImages/scalpConcern/coily/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/images/HairSegmentImages/scalpConcern/coily/5s.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F8E) /
Resource Hash
b51d144a37ede15337130f8cb10b0d539c7a626c718ee886f0654ae3b53738a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:10 GMT
last-modified
Wed, 23 Jan 2019 19:43:39 GMT
server
ECAcc (frc/8F8E)
content-md5
rsHiyT+SFrLcW1PuvfjQTA==
etag
0x8D6816B12AF8639
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
1f9aa17e-c01e-00ff-7c7d-0588cc000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
18592
Hot%20Tools.png
haircodeassetsprod.azureedge.net/quizicons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/quizicons/Hot%20Tools.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FE4) /
Resource Hash
78607bf9395b3b3ec04502d868b50a90a9ac13ad3871b927509bc853713a3834

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:17 GMT
last-modified
Thu, 07 Feb 2019 19:42:25 GMT
server
ECAcc (frc/8FE4)
content-md5
XFVthz/gqxYOqzzfoiIRbg==
etag
0x8D68D3462C9A627
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
14e1468b-c01e-0033-3a83-03ec79000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3933
Apricot.png
haircodeassetsprod.azureedge.net/quizicons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/quizicons/Apricot.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F74) /
Resource Hash
35cc5b6c6a5d2b6d9be5fc6f95536166152a9dd2a7673b59bf79f39cdbfb60f1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:45 GMT
last-modified
Thu, 07 Feb 2019 19:42:24 GMT
server
ECAcc (frc/8F74)
content-md5
dplpisGgTMxNwa6wjI7cJw==
etag
0x8D68D34620D7CE4
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
89a4be2a-601e-0053-417d-05a95b000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2727
Swimming.png
haircodeassetsprod.azureedge.net/quizicons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodeassetsprod.azureedge.net/quizicons/Swimming.png
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F23) /
Resource Hash
1cc60bd271903e7d04526d51917c03ce33d6f8142fbda8d3f25d094ba53512da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 May 2019 15:08:56 GMT
last-modified
Thu, 07 Feb 2019 19:42:27 GMT
server
ECAcc (frc/8F23)
content-md5
NQ+WCzvZ5SLyWKgIrSUVAA==
etag
0x8D68D3463C88D66
x-cache
HIT
content-type
image/png
status
200
x-ms-request-id
8b084292-501e-0050-0f7d-05aa5c000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2010
desktop-splash.jpg
haircodestorageprod.blob.core.windows.net/assets/images/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haircodestorageprod.blob.core.windows.net/assets/images/desktop-splash.jpg
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.208.128.30 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d2844c2a46f08552149e00d7a77eb18fc6ef43a44b4b44d34a38dbb0404b8cfd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 09 May 2019 15:08:16 GMT
Last-Modified
Mon, 29 Apr 2019 21:53:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
U+KpS/KyJ2WzbccjCTm0kQ==
ETag
0x8D6CCED1572A0FB
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
38385966-401e-00a1-2579-067bcf000000
x-ms-version
2009-09-19
Content-Length
197499
AvenirNextLTPro-Regular-ba80b4a358c299c04f75b030950ecaa5.woff2
www.haircode.com/static/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/static/AvenirNextLTPro-Regular-ba80b4a358c299c04f75b030950ecaa5.woff2
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
795ce5bb3194328f6fdd5baa32b55a783b7f11d0055dd1ae7652a4020af3ca81

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.haircode.com

Response headers

date
Thu, 09 May 2019 15:08:16 GMT
content-md5
uoC0o1jCmcBPdbAwlQ7KpQ==
x-powered-by
ASP.NET
status
200
content-length
29960
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:31 GMT
server
Microsoft-HTTPAPI/2.0
etag
"0x8D6CE61B22894DC"
vary
Origin
content-type
application/octet-stream
access-control-allow-origin
https://www.haircode.com
x-ms-request-id
01722d14-e01e-00ca-3679-062699000000
access-control-expose-headers
Date,Content-Length,Content-Type,Content-MD5,Last-Modified,Accept-Ranges,ETag,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
accept-ranges
bytes
expires
-1
AvenirNextLTPro-Bold-91d8ff8ac25f51073a577408ae9cec86.otf
www.haircode.com/static/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/static/AvenirNextLTPro-Bold-91d8ff8ac25f51073a577408ae9cec86.otf
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
1b35300a2a0d53f458f42d6ab474c3e0b3370dd57558b5d1bbb4ee65727e0cf3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.haircode.com

Response headers

date
Thu, 09 May 2019 15:08:16 GMT
content-md5
kdj/isJfUQc6V3QIrpzshg==
x-powered-by
ASP.NET
status
200
content-length
69772
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:31 GMT
server
Microsoft-HTTPAPI/2.0
etag
"0x8D6CE61B21F1CA8"
vary
Origin
content-type
application/x-font-otf
access-control-allow-origin
https://www.haircode.com
x-ms-request-id
7711636c-f01e-011d-0a79-062aeb000000
access-control-expose-headers
Date,Content-Length,Content-Type,Content-MD5,Last-Modified,Accept-Ranges,ETag,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
accept-ranges
bytes
expires
-1
fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2
www.haircode.com/static/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/static/fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.haircode.com

Response headers

date
Thu, 09 May 2019 15:08:16 GMT
content-md5
r3rlBanu1QP4uOaYIDaHPg==
x-powered-by
ASP.NET
status
200
content-length
77160
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:31 GMT
server
Microsoft-HTTPAPI/2.0
etag
"0x8D6CE61B244D65A"
vary
Origin
content-type
application/octet-stream
access-control-allow-origin
https://www.haircode.com
x-ms-request-id
0f49538d-901e-00e7-1d79-06a559000000
access-control-expose-headers
Date,Content-Length,Content-Type,Content-MD5,Last-Modified,Accept-Ranges,ETag,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
accept-ranges
bytes
expires
-1
pages-manifest-d69d42db6e4a69f98d04.js
www.haircode.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haircode.com/pages-manifest-d69d42db6e4a69f98d04.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/webpack-runtime-dfe2f591a1057b6d9bb1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.210.6.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 / ASP.NET
Resource Hash
b860b209b15e67fb2e35bf4c610fec4a6e15a7af40987cfd10598aab091a67b4
Security Headers
Name Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=8995000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DNewI1bUSuLt0gcg0EpYYA==
x-powered-by
ASP.NET
status
200
content-length
953
x-xss-protection
1
pragma
no-cache
last-modified
Wed, 01 May 2019 18:20:30 GMT
server
Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Thu, 09 May 2019 15:08:16 GMT
vary
Origin,Accept-Encoding
content-type
application/javascript
x-ms-request-id
77116390-f01e-011d-2a79-062aeb000000
cache-control
no-store, no-cache
x-ms-version
2018-03-28
etag
"0x8D6CE61B18F1587"
content-security-policy
default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://haircodestorageprod.z20.web.core.windows.net https://fonts.gstatic.com/ https://haircode-functions-prod.azurewebsites.net 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5761
date
Thu, 09 May 2019 13:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Thu, 09 May 2019 15:32:29 GMT
gtm.js
www.googletagmanager.com/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T37W4CG
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
991f0f700271f9bc76e6219338edd4602cd99465d4fa68659bdf2a2ad3b74b7e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
content-encoding
br
last-modified
Wed, 08 May 2019 18:26:02 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22840
x-xss-protection
0
expires
Thu, 09 May 2019 15:08:30 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 14:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3282
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
0
expires
Thu, 09 May 2019 15:13:48 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1888727903&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haircode.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20HairCode&sd=24-bit&sr=1600x1200&vp=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-127529259-1&cid=666101675.1557414510&jid=332698667&uid=NULL&_gid=2027478711.1557414510&gjid=692360852&_v=j73&z=1287322060
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-127529259-1&cid=666101675.1557414510&jid=332698667&uid=NULL&_gid=2027478711.1557414510&gjid=692360852&_v=j73&z=1287322060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 09 May 2019 15:08:30 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 May 2019 15:08:30 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-127529259-1&cid=666101675.1557414510&jid=332698667&uid=NULL&_gid=2027478711.1557414510&gjid=692360852&_v=j73&z=1287322060
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
431
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1888727903&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haircode.com%2F&dp=www.haircode.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20HairCode&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAAEIhB~&jid=1077228021&gjid=68323803&cid=666101675.1557414510&tid=UA-32663782-1&_gid=2027478711.1557414510&_r=1&cd46=Premium&z=564077807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2019 15:08:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.haircode.com
URL: https://www.haircode.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
4Bi/5lDWSigYUcPIsde8XxiIzX3DIVvL2MhtV5MF6TCtWibwJ9eE2ppgiz3rUI9I5nkJSAD7EsWQKSuB8GPFRQ==
date
Thu, 09 May 2019 15:08:30 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
9909.js
script.crazyegg.com/pages/scripts/0025/ 		188 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0025/9909.js?432615
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37W4CG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6af329bb3056c6900a1172e07175b740955eb2b40e9a5ada3560a10d8614601

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cf-cache-status
HIT
cf-polished
origSize=192787
x-cache
RefreshHit from cloudfront
status
200
content-encoding
gzip
last-modified
Thu, 09 May 2019 14:15:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private, max-age=300
cf-ray
4d4496d07a6a2742-FRA
x-amz-cf-id
S4z16kcLIYN5u01cnWjAOrXD2YTLwpD_G29N8OLGomdxpR45cPlIDw==
cf-bgj
minify
klaviyo.js
static.klaviyo.com/onsite/js/ 		105 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=NjaG5L
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37W4CG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a13b09a10c59025d881814f66c6c145408cc4d278de863fe7ac1a2381a8e8a69

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
GM9vYH.EYdIoJh7CiBnw1HOZP2hYKTig
content-encoding
gzip
age
1609
x-cache
HIT
status
200
date
Thu, 09 May 2019 15:08:30 GMT
content-length
29616
x-amz-id-2
FsvcDj7soHLp87CvSK8SJvyQxxTYDAwrEhCof7pHApITP74EZUWLzdUUquUpyDDVaGsY6hpL8Y4=
x-served-by
cache-hhn1525-HHN
last-modified
Thu, 09 May 2019 14:18:26 GMT
server
AmazonS3
etag
"927ed92ca93cc40c8aebe81b834e77ff"
vary
Accept-Encoding
x-amz-request-id
01EA50E53A0DCF11
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1888727903&t=timing&_s=2&dl=https%3A%2F%2Fwww.haircode.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20HairCode&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=14101&pdt=104&dns=213&rrt=298&srt=247&tcp=211&dit=1162&clt=1162&_gst=14142&_gbt=14208&_u=aHDAAEIhB~&jid=&gjid=&cid=666101675.1557414510&uid=NULL&tid=UA-127529259-1&_gid=2027478711.1557414510&cd31=(not%20set)&cd32=(not%20set)&cd33=(not%20set)&cd34=(not%20set)&cd35=(not%20set)&cd36=(not%20set)&cd37=(not%20set)&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd41=(not%20set)&cd42=(not%20set)&cd43=(not%20set)&cd48=(not%20set)&cd46=Premium&cd50=666101675.1557414510&z=1628700835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 03:35:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5312007
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1888727903&t=timing&_s=2&dl=https%3A%2F%2Fwww.haircode.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20HairCode&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=14101&pdt=104&dns=213&rrt=298&srt=247&tcp=211&dit=1162&clt=1162&_gst=14142&_gbt=14208&_u=aHDAAEIhB~&jid=&gjid=&cid=666101675.1557414510&tid=UA-32663782-1&_gid=2027478711.1557414510&cd46=Premium&z=821543695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 03:35:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5312007
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
352853311951320
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/352853311951320?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b6b34ffc2631d9729cee89f754b50f519ee18eb5f85a92cdfc885ec86ff0d1c9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
LWsUTnYQYKksoRUS0HG5qhW9r4cq+bpQfldZNNAA8GYXAH17W7orP2OLkgltOm5Xkgj7LDOMBwXaBL1bdWGWYw==
date
Thu, 09 May 2019 15:08:30 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
klaviyo_analytics.js
fast.a.klaviyo.com/media/js/analytics/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/media/js/analytics/klaviyo_analytics.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=NjaG5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f8dc817b80ca92e9440a677e51e353798f95f9d67bbefcfd4427509703bf92ee
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
content-encoding
gzip
age
62712
x-cache
HIT
status
200
strict-transport-security
max-age=900
content-length
6980
x-served-by
cache-hhn1525-HHN
last-modified
Thu, 28 Feb 2019 15:04:20 GMT
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
expires
Thu, 09 May 2019 21:43:18 GMT
cache-control
max-age=86400, public
accept-ranges
bytes
x-cache-hits
14270
modules
fast.a.klaviyo.com/onsite/api/v2/ 		53 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/onsite/api/v2/modules?company_id=NjaG5L
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=NjaG5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
application/json, text/plain, */*
Origin
https://www.haircode.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
content-encoding
gzip
age
628961
x-cache
HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
73
via
1.1 varnish
x-served-by
cache-hhn1538-HHN
access-control-allow-origin
*
server
nginx
vary
Accept-Encoding, Cookie
access-control-allow-methods
GET
content-type
application/json
x-upstream
Sync-Api, Sync-Api
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1
vendors~signupForms.8145a99b15968db6bfe3.js
static.klaviyo.com/onsite/js/ 		580 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signupForms.8145a99b15968db6bfe3.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=NjaG5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80be076154e015fdc97cfb64753a142edf6dfd49e7ffc138a07f938bb99fb172

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
eGUUTutZTD9tKdF5SnSPzAltEqhMp9AX
content-encoding
gzip
age
2985
x-cache
HIT
status
200
date
Thu, 09 May 2019 15:08:30 GMT
content-length
173673
x-amz-id-2
uswfYGLXPSdeQkf7fYnevzUUeRVl8KykaA8F4gcpIYcndeq+e/adJc7vfE8z/sopWski0bd2A+M=
x-served-by
cache-hhn1525-HHN
last-modified
Thu, 09 May 2019 14:18:25 GMT
server
AmazonS3
etag
"22c1c6eda152e406098aaf2df785cd19"
vary
Accept-Encoding
x-amz-request-id
A64ADE706F072AB9
via
1.1 varnish
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
406
signupForms.6274fe86d695ab8ea011.js
static.klaviyo.com/onsite/js/ 		209 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signupForms.6274fe86d695ab8ea011.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=NjaG5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89d64181b088ea700f5d1354e8a65fa914959b68451670dcc54f0adf7079fcec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
0gjc6YbnBoN_yLx96KQHeZmmwvUhTH43
content-encoding
gzip
age
2986
x-cache
HIT
status
200
date
Thu, 09 May 2019 15:08:30 GMT
content-length
48248
x-amz-id-2
Q4aq9habWhFx9/b7GRGSJL5X9ViwEsPgG7hprK4IzEgHRtqROSV2aJ9aGsa0ZTFcm/+5r+PP72A=
x-served-by
cache-hhn1525-HHN
last-modified
Thu, 09 May 2019 14:18:25 GMT
server
AmazonS3
etag
"1947d68cb55807cad849b93427e5ec0b"
vary
Accept-Encoding
x-amz-request-id
12910E067C412E68
via
1.1 varnish
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
500
full-forms
fast.a.klaviyo.com/forms/api/v3/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/forms/api/v3/full-forms?company_id=NjaG5L
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signupForms.6274fe86d695ab8ea011.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
6cad2a5c8a1ada84a387bef25d059f4d12c6f2eefa68380b65c2322c84256c49
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.haircode.com

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
content-encoding
gzip
age
628961
x-cache
HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
1709
via
1.1 varnish
x-served-by
cache-hhn1538-HHN
access-control-allow-origin
*
server
nginx
vary
Accept-Encoding, Cookie
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
x-upstream
Sync-Api, Sync-Api
cache-control
max-age=10
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
aeldSS6rR+i6gGjI46d3CRUVLuRw2InwM8Z0x03Ha7e+XaqPA9gIVGTRAn0rlPPt+emIuJ6D57+zkdA1l1MmuA==
date
Thu, 09 May 2019 15:08:30 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=352853311951320&ev=PageView&dl=https%3A%2F%2Fwww.haircode.com%2F&rl=&if=false&ts=1557414510586&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=29&fbp=fb.1.1557414510586.2089398704&it=1557414510143&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 May 2019 15:08:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 09 May 2019 15:08:30 GMT

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| PGdataLayer object| dataLayer function| setUpAgknTag object| google_tag_manager function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| page string| dataPath object| ___chunkMapping object| x string| adchoicesID string| adchoices string| overlayID string| overlay function| onYouTubeIframeAPIReady object| webpackJsonp object| __core-js_shared__ object| core object| asyncRequires object| ___emitter object| ___loader boolean| __navigatingToLink function| ___push function| ___replace function| ___navigate object| ___dataPaths object| PG string| sPublicKey string| sPublicKeyExp number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| process_ga_pixel function| origPush function| gaca_listener_b_com function| getClosest function| createConsumerActionEvent_b_com function| load_gaca_library function| setupEvent_b_com function| handle_ecomm_gaca_click function| find_product_by_id function| find_promo_by_id function| add_all_products function| add_event_products function| track_search_event function| myTrim undefined| allow_primary_linker boolean| brandSet boolean| globalSet boolean| bIsFirstPage string| googleOptimizeID boolean| enableOptimizely object| _gaq boolean| enable_ecommerce string| eec string| url string| no_locale_url string| domain string| search string| hash function| load_universal function| load_pageview_events function| load_gaca function| getUserID function| setCustomDimension function| safe_log function| error_log function| stripTrailingSlash function| encrypt_if_email function| is_email function| isOptimizelyEnabled function| isFirstPage function| createCookie function| getCookie function| isAnonymizer function| getUrlVarsTag function| encrypt function| is_match function| get_query_params function| checkIfEmailInString function| dataLayerDefined function| load_pageview_events_old function| setCustomDimensionOld function| get_linker_domains function| load_ecomm function| add_products function| add_transaction function| setProductInfoMap function| getElementOffset function| scroll_tracking function| promotion_scroll_tracking object| productInfoMap string| GoogleAnalyticsObject function| ga undefined| utm_source string| utm_campaign function| load_youtube function| compare function| gbs_getUrlVars function| gbs_create_cookie function| gbs_get_cookie object| trackTags object| trackSearchClicks object| pgPageTiming object| isOnIOS string| eventName object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq object| Device object| CE2 string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| klaviyoOnsiteJSONP object| SENTRY_RELEASE object| regeneratorRuntime object| _learnq string| __klKey function| setImmediate function| clearImmediate object| scCGSHMRCache object| __SECRET_EMOTION__

0 Cookies

11 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
Evidon - adchoices: undefined
console-api log (Line 1)
Message:
Evidon - adchoicesID: undefined
console-api log (Line 1)
Message:
Evidon OLD - overlay: undefined
console-api log (Line 1)
Message:
Evidon OLD - overlayID: undefined
console-api error URL: https://www.haircode.com/app-877a451ed8b2b549b2ab.js(Line 1)
Message:
TypeError: Cannot read property 'hasOwnProperty' of null
console-api error URL: https://www.haircode.com/app-877a451ed8b2b549b2ab.js(Line 1)
Message:
TypeError: Cannot read property 'hasOwnProperty' of null
console-api log (Line 1)
Message:
version Consumer Actions e-comm v5.1
console-api log (Line 29)
Message:
in GAP Universal v9.1
console-api log (Line 29)
Message:
in setCustomDimension for data layer - line 237
console-api log (Line 8)
Message:
setting up b.com events
console-api log (Line 1)
Message:
bounce rate pilot script - send event on unload

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://tagmanager.google.com https://www.facebook.com https://fonts.googleapis.com 'unsafe-inline' 'self'; img-src https://scontent-iad3-1.cdninstagram.com/ https://haircodestorageprod.blob.core.windows.net https://a.klaviyo.com/api/track https://a.klaviyo.com/api/identify https://stats.g.doubleclick.net/r/collect https://instagram.fluk1-1.fna.fbcdn.net/ https://user-event-tracker.crazyegg.com/ https://haircodeprod.azureedge.net/ https://haircodeassetsprod.azureedge.net/ https://haircode.azurewebsites.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com https://c.betrad.com https://l.betrad.com https://www.facebook.com https://ssl.gstatic.com https://www.gstatic.com 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' https://static.klaviyo.com/ https://fast.a.klaviyo.com/ https://static.klaviyo.com/onsite/js/klaviyo.js https://s3.amazonaws.com/ https://script.crazyegg.com/ https://haircodeprod.azureedge.net/ https://connect.facebook.net https://tagmanager.google.com https://www.googletagmanager.com https://c.betrad.com https://optout.betrad.com https://www.google-analytics.com/ https://ajax.googleapis.com/ http://js.agkn.com https://haircodestorageprod.z20.web.core.windows.net/ https://haircode.azurewebsites.net/ 'self'; connect-src https://a.klaviyo.com/ https://scontent-iad3-1.cdninstagram.com/ https://instagram.fluk1-1.fna.fbcdn.net/ https://stats.g.doubleclick.net/j/collect https://telemetrics.klaviyo.com/v1/metric https://static.klaviyo.com/onsite/js/klaviyo.js https://fast.a.klaviyo.com/ https://gsp.target.com/gsp/authorizations/v1/client_tokens https://carts.target.com/order-api/cart/v5/cartitems https://gsp.target.com/gsp/authorizations/v1/client_tokens https://haircodeprod.azureedge.net/ https://haircode-functions-prod.azurewebsites.net https://haircodestorageprod.z20.web.core.windows.net/ https://www.google-analytics.com/ https://haircode.azurewebsites.net/ https://haircode.azurewebsites.net/api 'self'; frame-src https://info.evidon.com/ http://d.agkn.com/; font-src https://haircodeprod.azureedge.net/ https://haircodestorageprod.z20.web.core.windows.net/ https://fonts.gstatic.com/ 'self' data:; media-src https://haircodeassetsprod.azureedge.net/ 'self';
Strict-Transport-Security max-age=8995000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d.agkn.com
fast.a.klaviyo.com
haircodeassetsprod.azureedge.net
haircodestorageprod.blob.core.windows.net
js.agkn.com
script.crazyegg.com
static.klaviyo.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.haircode.com
104.208.128.30
104.210.6.2
151.101.2.133
2600:9000:20bb:d800:15:efbc:e300:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6813:9308
2a00:1450:4001:815::2008
2a00:1450:4001:81d::200e
2a00:1450:400c:c09::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
54.68.162.1
0ace2ffb5050b7701c38dddd437f40d3507aba24571e794c8a470f9757f181d9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b35300a2a0d53f458f42d6ab474c3e0b3370dd57558b5d1bbb4ee65727e0cf3
1cc60bd271903e7d04526d51917c03ce33d6f8142fbda8d3f25d094ba53512da
25f5ab25f8b59bcb153482e211fa4d72b5ac5991dc36650c2eb5807620af60bd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f2081f10aad31ddc35fec51736895f404c847a0554c5c6f993b544b174941d3
35cc5b6c6a5d2b6d9be5fc6f95536166152a9dd2a7673b59bf79f39cdbfb60f1
3e19879e75af02c35d4c5cba0fab653b2fe1526e56281e92bfbe3806ce895741
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4ebbf57572553c23d28479d9d0f9b675358c991797efa4dae62c6da594a77ea3
5f6e7da89e5b3b6a6d0d02c0f79343d5f3d271a005784ea83b1f6acd18b3168f
64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c
657144fda62849fbc6699a950005fe816a0e303df7f1b270a4566aaed1c4b873
6cad2a5c8a1ada84a387bef25d059f4d12c6f2eefa68380b65c2322c84256c49
70af321c9f9ff240c092c1cf8f0f0f56fe55be082b02b46235aee5392ea04330
78428537daa3c765bec67357b3090ffc33df8caa1bc238b77fc1bc6e6621886c
78607bf9395b3b3ec04502d868b50a90a9ac13ad3871b927509bc853713a3834
795ce5bb3194328f6fdd5baa32b55a783b7f11d0055dd1ae7652a4020af3ca81
80be076154e015fdc97cfb64753a142edf6dfd49e7ffc138a07f938bb99fb172
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89d64181b088ea700f5d1354e8a65fa914959b68451670dcc54f0adf7079fcec
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991f0f700271f9bc76e6219338edd4602cd99465d4fa68659bdf2a2ad3b74b7e
9b130166cc68386240352401a50499a3b08a93517c698fb1f42cc6c7505e366a
a13b09a10c59025d881814f66c6c145408cc4d278de863fe7ac1a2381a8e8a69
a6af329bb3056c6900a1172e07175b740955eb2b40e9a5ada3560a10d8614601
a8f86564d1ed665d263b9314e014b2c7c650b2d7379348a702d1142744acf301
ae2acc3be1692b3d67ec4b036cdfab9e13c66f14a14fa68028663a623d6d227f
b51d144a37ede15337130f8cb10b0d539c7a626c718ee886f0654ae3b53738a4
b6b34ffc2631d9729cee89f754b50f519ee18eb5f85a92cdfc885ec86ff0d1c9
b6de95067f387a7502caf98cc87da9fac659f401596c3d616c0d7087fe30978b
b860b209b15e67fb2e35bf4c610fec4a6e15a7af40987cfd10598aab091a67b4
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c1b93ddf9a37817fa21a1bfcb955af209a626e6e9afc0eaf4012088a52cbfb41
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d2844c2a46f08552149e00d7a77eb18fc6ef43a44b4b44d34a38dbb0404b8cfd
f8dc817b80ca92e9440a677e51e353798f95f9d67bbefcfd4427509703bf92ee
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3