hairbyeli.ca Open in urlscan Pro
162.215.249.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hairbyeli.ca/
Submission Tags: falconsandbox
Submission: On March 21 via api (March 21st 2022, 11:49:15 am UTC) from US — Scanned from CA

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 20 HTTP transactions. The main IP is 162.215.249.85, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is hairbyeli.ca.

This is the only time hairbyeli.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	162.215.249.85 162.215.249.85	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
20	6

9 162.215.249.85 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: shared114.accountservergroup.com

hairbyeli.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (Queens, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hairbyeli.ca hairbyeli.ca	100 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620	48 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	137 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	83 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 821	12 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	33 KB
20	7

	Domain	Requested by
9	hairbyeli.ca	hairbyeli.ca
3	maxcdn.bootstrapcdn.com	hairbyeli.ca maxcdn.bootstrapcdn.com
2	static.xx.fbcdn.net	www.facebook.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	hairbyeli.ca connect.facebook.net
2	unpkg.com	1 redirects hairbyeli.ca
1	ajax.googleapis.com	hairbyeli.ca
20	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-28` - `2022-03-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://hairbyeli.ca/
Frame ID: 31B37CA689578F1C280D567B52853FCC
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8409b043a5d%26domain%3Dhairbyeli.ca%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhairbyeli.ca%252Ff2e6a501990706%26relation%3Dparent.parent&container_width=377&href=http%3A%2F%2Fwww.hairbyeli.ca%2F&layout=button&locale=en_GB&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 89BF623C3842EB043515BACD94AB0B47
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hair by Eli - Hair Salon in Ottawa

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

45 %
HTTPS

83 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

432 kB
Transfer

1267 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 11

http://connect.facebook.net/en_GB/sdk.js HTTP 307
https://connect.facebook.net/en_GB/sdk.js

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hairbyeli.ca/ 11 KB
4 KB 377ms
210ms Document
text/html 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 59306c6e60a082fbf11144795b6e353dc915fa73de0f21606fbf338a482a96a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Mon, 21 Mar 2022 11:49:10 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3837
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
21 KB 94ms
67ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: hairbyeli.ca
URL: http://hairbyeli.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hairbyeli.ca/
Origin: http://hairbyeli.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 845
cdn-cachedat: 03/20/2022 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"2f624089c65f12185e79925bc5a7fc42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a5c6ac756f6a8c7872124b9b9f31d706
cdn-requestcountrycode: US
cf-ray: 6ef67677b8fcca6f-YUL
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK styles.css
hairbyeli.ca/include/ 964 B
731 B 113ms
112ms Stylesheet
text/css 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://hairbyeli.ca/include/styles.css?v=1.04
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: fd80b6daf5c0daba7033308fc7a309b240454d07297dd2fdf87d3ed910c32cbe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Apr 2018 08:33:06 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 444

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

21ms
20ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: hairbyeli.ca
URL: http://hairbyeli.ca/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6223967
fly-request-id: 01FRWNA4WP85SQWMTQDDA65SPW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ef67677ed8f714b-YUL

Redirect headers

date: Mon, 21 Mar 2022 11:49:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FYP4CEJN5E40DKYPSY5YXJDP-yyz
server: cloudflare
age: 593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ef67677cd6f714b-YUL
access-control-allow-origin: *

GET
H/1.1 200
OK eli_sig.jpg
hairbyeli.ca/images/ 29 KB
30 KB 210ms
108ms Image
image/jpeg 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/eli_sig.jpg
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 61c78cca330583da1a44c10b45e885ad39fd9e4095d37f38e58bbd7e043a18ec

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 30007

GET
H/1.1 200
OK fashion-woman-model-portrait.jpg
hairbyeli.ca/images/ 61 KB
62 KB 213ms
107ms Image
image/jpeg 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/fashion-woman-model-portrait.jpg
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 79d71d7c22759fa4662e2bf0eab8ff42b5cefbe6ba0cd2899cb574ca6edad6c2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 62848

GET
H/1.1 200
OK star.gif
hairbyeli.ca/images/ 759 B
1 KB 210ms
105ms Image
image/gif 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/star.gif
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 294183cd3eaaf7858b03f608f73d31d5c51feee35ea07e9bfd741a7e77263fb2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 759

GET
H/1.1 200
OK shop.gif
hairbyeli.ca/images/ 668 B
935 B 211ms
106ms Image
image/gif 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/shop.gif
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 7258bfc1e1d2c357282272cd048376776e2b5f8e5ba3327881fd3ebe402e95a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 668

GET
H/1.1 200
OK divider.gif
hairbyeli.ca/images/ 44 B
284 B 105ms
104ms Image
image/gif 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/divider.gif
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 5875e5b51f0fe67fb6700b3bc0495f2ab56796dc968278e323ba0eedac009547

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 44

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 70ms
21ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: hairbyeli.ca
URL: http://hairbyeli.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 07:10:09 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 156ms
132ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: hairbyeli.ca
URL: http://hairbyeli.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hairbyeli.ca/
Origin: http://hairbyeli.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 845
cdn-cachedat: 03/20/2022 19:19:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 883fd1dbb674f5fdc2782fc192699ace
cdn-requestcountrycode: US
cf-ray: 6ef67677b8feca6f-YUL
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK scripts.js Show response
hairbyeli.ca/include/ 2 KB
1 KB 211ms
108ms Script
application/javascript 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://hairbyeli.ca/include/scripts.js
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 498a8c953b504c55c8eb0ec64bb722f8bff9d66c2032358095714c6eeb480c88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Apr 2018 08:33:06 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 860

GET
H2

200

sdk.js Show response
connect.facebook.net/en_GB/
Redirect Chain

http://connect.facebook.net/en_GB/sdk.js
https://connect.facebook.net/en_GB/sdk.js

3 KB
2 KB

68ms
22ms

Script
application/x-javascript

2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: hairbyeli.ca
URL: http://hairbyeli.ca/

Protocol

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcac15adc58c08524f1e14233c4d3fdcfb248dd502c99fe258ea41be73257546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ryuJjWH4Xf+OSunwwaJ56w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: 9/wu8hUhKKTBwnAc5fBkJ31D6tVFmEdySObm7F2bzT2EPCLyZUWOPOvW8fA5Zp9Zv3U+A/melcYhXZ3k5yIqEA==
x-fb-trip-id: 2050670934
x-fb-content-md5: d058f460be495e9bda744f2d7473a2bb
x-frame-options: DENY
date: Mon, 21 Mar 2022 11:49:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cb674a8d4f05aeb0fa2b6eef9a6bed2d"
timing-allow-origin: *
expires: Mon, 21 Mar 2022 12:04:37 GMT

Redirect headers

Location: https://connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.8
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK bk_dot.gif
hairbyeli.ca/images/ 46 B
286 B 195ms
104ms Image
image/gif 162.215.249.85
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hairbyeli.ca/images/bk_dot.gif
Requested by: Host: hairbyeli.ca
URL: http://hairbyeli.ca/include/styles.css?v=1.04
Protocol: HTTP/1.1
Server: 162.215.249.85 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: shared114.accountservergroup.com
Software: Apache /
Resource Hash: 090c1a6a46b80d0f0cb912f4e4dd0dbc9b256da6a0dbda2ddfb34dd4f2945f06

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/include/styles.css?v=1.04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 11:49:11 GMT
Last-Modified: Tue, 17 Apr 2018 08:33:07 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 46

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 52ms
52ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Origin: http://hairbyeli.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718
cdn-proxyver: 1.02
cdn-cachedat: 03/12/2022 17:48:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "448c34a56d699c29117adc64c43affeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ea7a180c3f9460880ef567b46c10d19c
cdn-requestcountrycode: US
accept-ranges: bytes
cf-ray: 6ef6767879c6ca6f-YUL
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 283 KB
81 KB 40ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=c79949bbb318766a2864f6f949844149

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c11022c3e002f2fde27f5d0539cbd0584383bcecef05ca020b78f83bdbb96e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://hairbyeli.ca/
Origin: http://hairbyeli.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BhAJtM1qblAkRxbBCngrqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Mar 2023 11:17:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82640
x-fb-rlafr: 0
x-fb-debug: T7mbMzFZrTa8StNf+5GW+VUL2VyywLKxW2DK9Vuot5z4GrsJVFNKv9DJIpR+E1b5ENYJKcifSgG0sLh+nujr+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 89a867ed72ec9cb43fedd8606957a8e5
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 11:49:11 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e8a584c3361ec3d7d4b55c974be6bf35"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 89BF 47 KB
18 KB 323ms
281ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8409b043a5d%26domain%3Dhairbyeli.ca%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhairbyeli.ca%252Ff2e6a501990706%26relation%3Dparent.parent&container_width=377&href=http%3A%2F%2Fwww.hairbyeli.ca%2F&layout=button&locale=en_GB&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=c79949bbb318766a2864f6f949844149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d40bcbbd495fa80c36c2ddc38785106f8bb2de3e35ae383c35e6208ab98604db

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://hairbyeli.ca/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: wxAB2tfhEe27i8DzWYOycRvg3X+upRnyJk2I/pcEHzv9/3zXep43UfZjeHxYe9wckaQDyK/tuynvtSI9DC6mKA==
date: Mon, 21 Mar 2022 11:49:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 89BF 400 B
623 B 19ms
18ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8409b043a5d%26domain%3Dhairbyeli.ca%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhairbyeli.ca%252Ff2e6a501990706%26relation%3Dparent.parent&container_width=377&href=http%3A%2F%2Fwww.hairbyeli.ca%2F&layout=button&locale=en_GB&sdk=joey&share=false&show_faces=false&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: RvRv/DNL2Ktsvx82wixVFD5F/V+KsnHAzGF/+uG3Rtvt3OxGujzQVx8mNrgoAAQ2LM9UE0DOk6i1tq0AjSmM6A==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 14 Mar 2023 18:06:24 GMT

GET
H2 200 O1HAmSXE-0h.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/ Frame 89BF 523 KB
137 KB 56ms
18ms XHR
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/O1HAmSXE-0h.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

beea11ec0bc3e186866b59cea6dbbed58947fdeaedc1d0dfa6526784dc75fa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /MW3ePUDYLUEzFGOVz2aQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139426
x-fb-rlafr: 0
x-fb-debug: JuIiX9G89bGbWR9nfnw8fb6NWbgyZNZ9Qt/W+/xe8U7vx/+rd0aEPyni3NFn1ns9Pp8aMDMV7oxw4+JwTi5S0Q==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Mar 2023 00:48:40 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 89BF 67 B
105 B 68ms
46ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1647863351761&t_start=1647863351762&t_domcontent=1647863351779&t_layout=1647863351859&t_onload=1647863351859&t_paint=1647863351859&t_creport=1647863351859&t_tti=1647863351779&lid=7077519201237516798-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8409b043a5d%26domain%3Dhairbyeli.ca%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhairbyeli.ca%252Ff2e6a501990706%26relation%3Dparent.parent&container_width=377&href=http%3A%2F%2Fwww.hairbyeli.ca%2F&layout=button&locale=en_GB&sdk=joey&share=false&show_faces=false&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: oiTxOmHEG43MoAJXXPWWhCfEjdRX63Nc6CrsW3gtYT+FTpmVILZFZIvljmXhcPCMz8C5spIdeI8hSqG8MAkmJA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Mar 2022 11:49:11 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hairbyeli.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: easmlk4thc6tjdf6qu700c6tn4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
hairbyeli.ca
maxcdn.bootstrapcdn.com
static.xx.fbcdn.net
unpkg.com
www.facebook.com
162.215.249.85
2606:4700::6810:7daf
2606:4700::6812:bcf
2607:f8b0:4006:820::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
090c1a6a46b80d0f0cb912f4e4dd0dbc9b256da6a0dbda2ddfb34dd4f2945f06
294183cd3eaaf7858b03f608f73d31d5c51feee35ea07e9bfd741a7e77263fb2
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
498a8c953b504c55c8eb0ec64bb722f8bff9d66c2032358095714c6eeb480c88
5875e5b51f0fe67fb6700b3bc0495f2ab56796dc968278e323ba0eedac009547
59306c6e60a082fbf11144795b6e353dc915fa73de0f21606fbf338a482a96a0
61c78cca330583da1a44c10b45e885ad39fd9e4095d37f38e58bbd7e043a18ec
7258bfc1e1d2c357282272cd048376776e2b5f8e5ba3327881fd3ebe402e95a0
79d71d7c22759fa4662e2bf0eab8ff42b5cefbe6ba0cd2899cb574ca6edad6c2
9c11022c3e002f2fde27f5d0539cbd0584383bcecef05ca020b78f83bdbb96e2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
beea11ec0bc3e186866b59cea6dbbed58947fdeaedc1d0dfa6526784dc75fa5e
d40bcbbd495fa80c36c2ddc38785106f8bb2de3e35ae383c35e6208ab98604db
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fcac15adc58c08524f1e14233c4d3fdcfb248dd502c99fe258ea41be73257546
fd80b6daf5c0daba7033308fc7a309b240454d07297dd2fdf87d3ed910c32cbe
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

hairbyeli.ca Open in urlscan Pro 162.215.249.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

45 %HTTPS

83 %IPv6

7 Domains

7 Subdomains

6 IPs

1 Countries

432 kBTransfer

1267 kBSize

1 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

Indicators

hairbyeli.ca Open in urlscan Pro
162.215.249.85 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

45 %
HTTPS

83 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

432 kB
Transfer

1267 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions