urlscan.io logo urlscan.io
SecurityTrails logo

hairswitchboost.com Open in urlscan Pro
68.183.96.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://yan.soundestlink.com/ce/c/672b5a48277a13dc7af87c32/676d52037b65955fcc487767/676dab42a42dead03e3a48d1?signature=fc1c6e...
Effective URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=...
Submission: On December 31 via api from BE — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 7 countries across 32 domains to perform 75 HTTP transactions. The main IP is 68.183.96.179, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hairswitchboost.com.
TLS certificate: Issued by E5 on November 29th 2024. Valid for: 3 months.
This is the only time hairswitchboost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.145.78 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 44.240.169.52 16509 (AMAZON-02)
1 1 34.107.199.247 396982 (GOOGLE-CL...)
5 68.183.96.179 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.3.10.31 14618 (AMAZON-AES)
3 76.223.24.108 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 172.217.18.3 15169 (GOOGLE)
1 142.250.181.228 15169 (GOOGLE)
1 3.163.248.4 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
5 23.36.162.208 20940 (AKAMAI-AS...)
1 146.75.120.157 54113 (FASTLY)
1 18.244.20.50 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2600:9000:27e... ()
3 23.35.237.86 16625 (AKAMAI-AS)
1 162.159.152.17 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 157.240.0.35 32934 (FACEBOOK)
1 2 142.250.186.166 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.134 15169 (GOOGLE)
5 35.190.43.134 15169 (GOOGLE)
1 3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.3 13414 (TWITTER)
3 3.167.226.56 ()
2 70.42.32.31 22075 (AS-OUTBRAIN)
1 35.169.51.241 14618 (AMAZON-AES)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.225.224.75 14618 (AMAZON-AES)
3 20.114.189.70 8075 (MICROSOFT...)
1 134.209.162.206 14061 (DIGITALOC...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
75 39
1    172.64.145.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
yan.soundestlink.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
track.medlinealerts.com
1    44.240.169.52 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-169-52.us-west-2.compute.amazonaws.com
www.clkmg.com
1    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.bg6yrfg.com
5    68.183.96.179 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: hairswitchboost.com
hairswitchboost.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.3.10.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-10-31.compute-1.amazonaws.com
secure.hairswitchformula.com
3    76.223.24.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: aeaf2f55fa0d20077.awsglobalaccelerator.com
secure2.hairswitchformula.com
5    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
1    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
1    3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dynamic.criteo.com
5    23.36.162.208 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-36-162-208.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    18.244.20.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-50.fra56.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2600:9000:27e6:f000:8:8845:1500:93a1 (United States)

ASN ()
b-code.liadm.com
3    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
1    162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)
q.quora.com
1    2600:9000:223c:4a00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.attn.tv
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
14623190.fls.doubleclick.net
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.es
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    3.167.226.56 (United States)

ASN ()
PTR: server-3-167-226-56.fra60.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    35.169.51.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-51-241.compute-1.amazonaws.com
i.liadm.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
1    2600:1f18:730:b110:5e2a:4542:4d7d:879a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.225.224.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-224-75.compute-1.amazonaws.com
rp4.liadm.com
3    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
t.clarity.ms — Cisco Umbrella Rank: 8178
c.clarity.ms — Cisco Umbrella Rank: 1269
31 KB
6 doubleclick.net
14623190.fls.doubleclick.net — Cisco Umbrella Rank: 648626
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
1 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 903
tr6.snapchat.com — Cisco Umbrella Rank: 1333
985 B
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3405
wave.outbrain.com — Cisco Umbrella Rank: 4277
tr.outbrain.com — Cisco Umbrella Rank: 3357
12 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
139 KB
5 gstatic.com
fonts.gstatic.com
108 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
432 KB
5 hairswitchboost.com
hairswitchboost.com
313 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3229
i.liadm.com — Cisco Umbrella Rank: 572
rp.liadm.com — Cisco Umbrella Rank: 966
rp4.liadm.com — Cisco Umbrella Rank: 5689
47 KB
4 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
22 KB
4 hairswitchformula.com
secure.hairswitchformula.com
secure2.hairswitchformula.com
4 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3682
gum.criteo.com — Cisco Umbrella Rank: 450
sslwidget.criteo.com Failed
22 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
86 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
774 B
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 310022
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
724 B
1 t.co
t.co — Cisco Umbrella Rank: 904
629 B
1 google.es
www.google.es — Cisco Umbrella Rank: 25894
408 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 3969
245 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1109
24 KB
1 quora.com
a.quora.com Failed
q.quora.com — Cisco Umbrella Rank: 5280
282 B
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3683
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 bg6yrfg.com
www.bg6yrfg.com
814 B
1 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 498614
987 B
1 medlinealerts.com
track.medlinealerts.com
1 KB
1 soundestlink.com
yan.soundestlink.com
398 B
75 32
Domain Requested by
5 analytics.tiktok.com hairswitchboost.com
analytics.tiktok.com
5 fonts.gstatic.com fonts.googleapis.com
5 www.googletagmanager.com hairswitchboost.com
www.googletagmanager.com
5 hairswitchboost.com hairswitchboost.com
4 tr.snapchat.com sc-static.net
hairswitchboost.com
3 t.clarity.ms www.clarity.ms
3 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
3 secure2.hairswitchformula.com hairswitchboost.com
secure2.hairswitchformula.com
2 c.clarity.ms 1 redirects
2 tr.outbrain.com amplify.outbrain.com
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 td.doubleclick.net www.googletagmanager.com
2 14623190.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com hairswitchboost.com
2 amplify.outbrain.com hairswitchboost.com
amplify.outbrain.com
2 www.clarity.ms hairswitchboost.com
www.clarity.ms
2 www.youtube.com hairswitchboost.com
www.youtube.com
2 connect.facebook.net hairswitchboost.com
connect.facebook.net
1 c.bing.com 1 redirects
1 service3.purehealthresearch.com hairswitchboost.com
1 tr6.snapchat.com sc-static.net
1 rp4.liadm.com hairswitchboost.com
1 rp.liadm.com 1 redirects
1 gum.criteo.com dynamic.criteo.com
1 i.liadm.com b-code.liadm.com
1 wave.outbrain.com amplify.outbrain.com
1 analytics.twitter.com hairswitchboost.com
1 t.co hairswitchboost.com
1 www.google.es hairswitchboost.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com hairswitchboost.com
1 ad.doubleclick.net hairswitchboost.com
1 cdn.attn.tv www.googletagmanager.com
1 q.quora.com hairswitchboost.com
1 b-code.liadm.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 static.ads-twitter.com hairswitchboost.com
1 dynamic.criteo.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 www.youtube-nocookie.com hairswitchboost.com
1 secure.hairswitchformula.com hairswitchboost.com
1 fonts.googleapis.com hairswitchboost.com
1 www.bg6yrfg.com 1 redirects
1 www.clkmg.com 1 redirects
1 track.medlinealerts.com 1 redirects
1 yan.soundestlink.com 1 redirects
0 sslwidget.criteo.com Failed dynamic.criteo.com
0 a.quora.com Failed www.googletagmanager.com
75 49

This site contains no links.

Subject Issuer Validity Valid
hairswitchboost.com
E5		 2024-11-29 -
2025-02-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
secure.hairswitchformula.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-28 -
2025-12-28		 a year crt.sh
secure2.hairswitchformula.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-26 -
2025-09-26		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-09 -
2025-01-07		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-12-09 -
2025-12-09		 a year crt.sh
quora.com
WR1		 2024-12-13 -
2025-03-13		 3 months crt.sh
*.attn.tv
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-28		 a year crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.es
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
t.co
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-19 -
2025-08-18		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
service3.purehealthresearch.com
E6		 2024-12-02 -
2025-03-02		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Frame ID: 2B8B8ADF477F676CCE1FF43AA0772D32
Requests: 66 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/RQnbnuqx10k?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: DD8F8E9AF65AA38B997F3D2F107C2600
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fhairswitchboost.com
Frame ID: ED46B7711B776BD518AC3C8740B2E26F
Requests: 1 HTTP requests in this frame

Frame: https://14623190.fls.doubleclick.net/activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Frame ID: E5A8A6C40DB4E9C3FED7E4DF8CFD6708
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Frame ID: B5D7D4687CDC5A9B9D32A86ECEC3B1D5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=b26722aa-d53d-49a7-adc5-01910d5eb3ac&u_sclid=2a676364-6ce0-4334-99e1-e2afbd344055
Frame ID: 66E8A8595631B526CD2694878966C052
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1881964228.1735632367&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1542649073
Frame ID: DCF6F9DF3D0F2F2C957F509C269C5781
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/b-01e6?duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&euns=1&s=&version=v3.6.0&cd=.hairswitchboost.com&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa
Frame ID: 075674B0D8B9880841ABD2FF604D186A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hairswitchboost.com&origin=onetag
Frame ID: 573B513EC6C63AEE3B1014890497FA84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hair Switch

Page URL History Show full URLs

  1. https://yan.soundestlink.com/ce/c/672b5a48277a13dc7af87c32/676d52037b65955fcc487767/676dab42a42dead03e3a4... HTTP 302
    https://track.medlinealerts.com/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendContactID=67... HTTP 302
    https://www.clkmg.com/healthy11/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendCo... HTTP 302
    https://www.bg6yrfg.com/26KN315/72DQR3/?sub1=ronald.vermylen@telenet.be&sub2=180MLA&sub3=B&sub4=IRHS... HTTP 302
    https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

75
Requests

93 %
HTTPS

34 %
IPv6

32
Domains

49
Subdomains

39
IPs

7
Countries

1271 kB
Transfer

3208 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yan.soundestlink.com/ce/c/672b5a48277a13dc7af87c32/676d52037b65955fcc487767/676dab42a42dead03e3a48d1?signature=fc1c6e76add81e3d681ea52909dbb10243d18c7eddce948d5692c24ca451a2ce HTTP 302
    https://track.medlinealerts.com/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendContactID=672b5a48277a13dc7af87c32&utm_campaign=campaign%3A+IRHS2_2+26.12+%28676d2d4808aca308c984da96%29&utm_medium=email&utm_source=omnisend HTTP 302
    https://www.clkmg.com/healthy11/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendContactID=672b5a48277a13dc7af87c32&utm_campaign=campaign%3A+IRHS2_2+26.12+%28676d2d4808aca308c984da96%29&utm_medium=email&utm_source=omnisend HTTP 302
    https://www.bg6yrfg.com/26KN315/72DQR3/?sub1=ronald.vermylen@telenet.be&sub2=180MLA&sub3=B&sub4=IRHS2_2&sub5=IRHS HTTP 302
    https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122 HTTP 302
  • https://14623190.fls.doubleclick.net/activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Request Chain 42
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&_p=1735632366401&_gaz=1&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1881964228.1735632367&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1735632367&sct=1&seg=0&dl=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&dt=Hair%20Switch&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=3506 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1881964228.1735632367&dbk=16279216566823810223&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fhairswitchboost.com%3F
Request Chain 57
  • https://rp.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&wpn=lc-bundle&wpv=v3.6.0&cd=.hairswitchboost.com&c=PHRpdGxlPkhhaXIgU3dpdGNoPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj5UaGlubmluZyBIYWlyIEluIE9sZCBBZ2U_IFRyeSBUaGlzIEhvbWUgUmVtZWR5PC9oMT4&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&wpn=lc-bundle&wpv=v3.6.0&cd=.hairswitchboost.com&c=PHRpdGxlPkhhaXIgU3dpdGNoPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj5UaGlubmluZyBIYWlyIEluIE9sZCBBZ2U_IFRyeSBUaGlzIEhvbWUgUmVtZWR5PC9oMT4&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa&i6=MjAwMTphYzg6MjM6ODc6OjJl&n3pc=true
Request Chain 67
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&RedC=c.clarity.ms&MXFR=2984A813B87B6FD43966BD75BC7B6189 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&MUID=04D0C62D0AF966CA38EFD34B0B4D676C

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hairswitchboost.com/
Redirect Chain
  • https://yan.soundestlink.com/ce/c/672b5a48277a13dc7af87c32/676d52037b65955fcc487767/676dab42a42dead03e3a48d1?signature=fc1c6e76add81e3d681ea52909dbb10243d18c7eddce948d5692c24ca451a2ce
  • https://track.medlinealerts.com/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendContactID=672b5a48277a13dc7af87c32&utm_campaign=campaign%3A+IRHS2_2+26.12+%28676d2d4808aca308c984da96...
  • https://www.clkmg.com/healthy11/ofr46/ronald.vermylen@telenet.be/180MLA/B/IRHS2_2/IRHS/?omnisendContactID=672b5a48277a13dc7af87c32&utm_campaign=campaign%3A+IRHS2_2+26.12+%28676d2d4808aca308c984da96...
  • https://www.bg6yrfg.com/26KN315/72DQR3/?sub1=ronald.vermylen@telenet.be&sub2=180MLA&sub3=B&sub4=IRHS2_2&sub5=IRHS
  • https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.96.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
hairswitchboost.com
Software
nginx / Express
Resource Hash
c409ba9c51251919d1a613baa3ecdf4e3daba5b7ed733a0f46518739ca4bd372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Dec 2024 08:06:06 GMT
ETag
W/"c822-V9S/KR1LuRqk/C1x53pFeM0Jm2E"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
content-type
text/html; charset=utf-8
date
Tue, 31 Dec 2024 08:06:05 GMT
location
https://hairswitchboost.com?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
ac89032c-cbf6-41ee-b614-719ace1ff2b1
css2
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 08:06:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 31 Dec 2024 08:06:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
play-img-d.gif
hairswitchboost.com/img/video/ 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairswitchboost.com/img/video/play-img-d.gif
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.96.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
hairswitchboost.com
Software
nginx / Express
Resource Hash
0f58ea5bd0a4a8ed84c2bd5ae55bac950d22107b8be615a734f18e29702428d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122

Response headers

Cache-Control
public, max-age=0
ETag
W/"39805-18def290e5b"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
235525
Date
Tue, 31 Dec 2024 08:06:06 GMT
Content-Type
image/gif
X-Powered-By
Express
Server
nginx
Last-Modified
Wed, 28 Feb 2024 10:01:01 GMT
UCAffiliateNetworkPixel
secure.hairswitchformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.10.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-10-31.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3df6e0c489bf83be1f0aa0cef0a860261aceb39ce93b02c6da6ade72b1e018a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
content-length
857
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Apache
UCAffiliateNetworkPixel
secure2.hairswitchformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure2.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.24.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aeaf2f55fa0d20077.awsglobalaccelerator.com
Software
Apache /
Resource Hash
ef163c8e28946c194754c6b2c05982b042752c9b6b15ae7e666fd81aafeeec34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
content-length
858
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Apache
gtm.js
www.googletagmanager.com/ 		436 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
843d4d6c9bca8374c20506dc035da138640c47135e58d27852826f83cb1213d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 31 Dec 2024 08:06:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131984
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-H7vQN7kT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-H7vQN7kT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=23, mss=1232, tbw=4491, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
nGxUdXXuX/ZPP8/7US/h2KTsriRMuJ29+boKTMkD7LthzDUMgRrbodX/+dsQguPsP8jkTRRmhnTcWI80V45mqQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
RQnbnuqx10k
www.youtube-nocookie.com/embed/ Frame DD8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/RQnbnuqx10k?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Tue, 31 Dec 2024 08:06:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=es for more info."
date
Tue, 31 Dec 2024 08:06:06 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hairswitchboost.com
Referer
https://fonts.googleapis.com/

Response headers

age
600524
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:17:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:17:22 GMT
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27120
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hairswitchboost.com
Referer
https://fonts.googleapis.com/

Response headers

age
58681
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 30 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hairswitchboost.com
Referer
https://fonts.googleapis.com/

Response headers

age
426914
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Dec 2025 09:30:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 09:30:52 GMT
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27976
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hairswitchboost.com
Referer
https://fonts.googleapis.com/

Response headers

age
601188
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
lisa-king-d.png
hairswitchboost.com/img/featured-on/king/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairswitchboost.com/img/featured-on/king/lisa-king-d.png
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.96.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
hairswitchboost.com
Software
nginx / Express
Resource Hash
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122

Response headers

Cache-Control
public, max-age=0
ETag
W/"f6d8-18e4143d94a"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63192
Date
Tue, 31 Dec 2024 08:06:07 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Fri, 15 Mar 2024 08:39:09 GMT
featured-logo-d.svg
hairswitchboost.com/img/featured-on/king/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairswitchboost.com/img/featured-on/king/featured-logo-d.svg
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.96.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
hairswitchboost.com
Software
nginx / Express
Resource Hash
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"1e33-18c7d2ce98c"
Connection
keep-alive
Date
Tue, 31 Dec 2024 08:06:07 GMT
Content-Type
image/svg+xml
Vary
Accept-Encoding
Server
nginx
Last-Modified
Mon, 18 Dec 2023 13:45:44 GMT
X-Powered-By
Express
1564727430697990
connect.facebook.net/signals/config/ 		126 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1564727430697990?v=2.9.179&r=stable&domain=hairswitchboost.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f4234ea4a0709feb048abb7b794020292d0044eeb8c82887157b5d60b7281759
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8glWiohz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8glWiohz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=77, mss=1232, tbw=70537, tp=66, tpl=0, uplat=222, ullat=0
pragma
public
x-fb-debug
22ARPwvnUwr4SVFphn/JE8B4il2ZNkB6pHlSyR38623xJ2NnorLgaC0EBKrnWYuMknxBBrH4bCp15SGjwUN1jg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
www-widgetapi.js
www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
age
1307
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 31 Dec 2025 07:44:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 07:44:19 GMT
last-modified
Mon, 16 Dec 2024 05:14:15 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fhairswitchboost.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1869117550.1735632367&dt=Hair%20Switch&auid=1802574102.1735632367&navt=n&npa=0&gtm=45He4cc1v9171599442za200&gcs=G111&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735632367072&tfd=3229&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers
js
www.googletagmanager.com/gtag/ 		431 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b3d3bac5b7ed1d9bd1e1db99d2ec34556d93e0d173422c08bf61ca733d319bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 31 Dec 2024 08:06:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
138972
x-xss-protection
0
server
Google Tag Manager
qevents.js
a.quora.com/ 		0
0
scevent.min.js
sc-static.net/ 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
300a8a5d2745578efb5cc8c55d73f2443e395df85fe5cc7df01a05f8ebf694c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 ab49c5a8c1c53e53f38751ded0e447f8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23827
x-amz-cf-id
9hHAWYD1WXsKgdpBk5iQFpocH3dJ2nnN8YRHCYgC7bEQXDJzN-vjIA==
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
MAD53-P2
server
CloudFront
access-control-allow-headers
Content-Type
destination
www.googletagmanager.com/gtag/ 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc3647ce9791fac658dfaf49e4e300f95184283d9887dbf48a30763cc3c70cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 31 Dec 2024 08:06:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84790
x-xss-protection
0
server
Google Tag Manager
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=111561&a=112036&a=114338
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0372380ae086408bc3d0599991aa376708dcd211f84dbb64e4bfa7c40971dc05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPKKTPRC77U0TG5MGQF0&lib=ttq
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2fb0c71aaeef4eb19baa8b30899d9cec72bf9b35c7b1f898f9648a813a90d407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-223-83.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Tue, 31 Dec 2024 08:06:07 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=4
x-cache
TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
aa7511ab.274f4eb6
x-tt-trace-host
01b59571cf771f8d0a99a02338e77cd580ba04c1110216209e0ca9bf93e1dcdf714cfa07b9ae7ef0ac4a16840f77c9c624c83728ad678e0dd3c0aab0cfed73693a282e1cc65dd34d8c0bcb1206bf71c0d03db1d275feebded282003168923b972066c09a92f98d37c2ea21c20dde7955f5
x-origin-response-time
8,23.218.223.83
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241231080607D97A9BCC1395A9A95296-4C370B2D4A027B75-00
x-parent-response-time
94,23.206.213.201
x-tt-logid
20241231080607D97A9BCC1395A9A95296
server
nginx
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 31 Dec 2024 08:06:07 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-etou8220142-FRA
x-amz-server-side-encryption
AES256
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		105 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.hairswitchformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
gzip
etag
"c8164200b1af114ca9af998ceedb1fc2"
age
353252
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zSV4e5--nbYVM2HoPW2IyATwsHIKYJtALR0vND-WnDU-bbLaiAc6ww==
date
Fri, 27 Dec 2024 05:58:35 GMT
content-type
application/x-javascript; charset=UTF-8
last-modified
Fri, 12 Jul 2024 12:32:30 GMT
cache-control
max-age=604800,s-maxage=604800
via
1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20382
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
lk2ip2iyom
www.clarity.ms/tag/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lk2ip2iyom?ref=gtm2
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354137a6f4fd72766a217bf2c006edf4633cb01a68bc2d44a50a8f9c2d5c3b5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/x-javascript
x-azure-ref
20241231T080607Z-r17d45bc79fdrg9nhC1PAR9dqc0000000d5g00000000cmbn
js
www.googletagmanager.com/gtag/ 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14623190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9eac8a7ae3a6a461f1725dc1c98455e91040d6f74ac90678024bcf2c77014d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 31 Dec 2024 08:06:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84819
x-xss-protection
0
server
Google Tag Manager
b-01e6.min.js
b-code.liadm.com/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/b-01e6.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27e6:f000:8:8845:1500:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
d07b7d555d137fb87c34cd1a4a8b7292b04c94c04459bf125f5b3a765fcb9156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
41934
via
1.1 321608f40a0cbef23b6add681d95b456.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
OyitId5AUHIJiCFT75x12lI6TFnIRFtbI8vYIvvuYZWTNWtTh-1hhw==
date
Mon, 30 Dec 2024 20:27:13 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P11
obtp.js
amplify.outbrain.com/cp/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
653b426c068ce6dfa6a88b461a10d3807f3907519068bd89afeba4dbbab9f2c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"5a8203f47a61fde091898a866ccbf5b3:1734957068.133716"
Connection
keep-alive
Expires
Tue, 31 Dec 2024 08:26:07 GMT
Accept-Ranges
bytes
X-CC
ES
Content-Length
8465
X-RG
EU
Date
Tue, 31 Dec 2024 08:06:07 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 23 Dec 2024 09:09:24 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
pixel
q.quora.com/_/ad/c45f969771bd45a3ad231d0184782cb1/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/c45f969771bd45a3ad231d0184782cb1/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-q-stat
,a15362a67241b6cd12d106852e9d1cac,10.0.0.235,12230,146.70.74.113,,15935415040,1,1735632367.313,0.002,,.,0,0,0.000,0.000,-,0,0,203,115,57,10,34729,,,,,,-,
cf-ray
8fa8c4b769c6e056-MAD
alt-svc
h3=":443"; ma=86400
content-length
43
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
image/gif
server
cloudflare
dtag.js
cdn.attn.tv/NaturalHairBooster/ 		0
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/NaturalHairBooster/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
public, max-age=120
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
6LFEuuLN1dRKL9oghuPLJwpa7BnbU28tDyLzPqACybfv72Lk6YIzIA==
date
Tue, 31 Dec 2024 08:06:08 GMT
x-amz-cf-pop
FRA56-P2
vary
Origin
server
CloudFront
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame ED46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fhairswitchboost.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJQ2L2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:04:24 GMT
expires
Wed, 31 Dec 2025 08:04:24 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fhairswitchboost.com&rl=&if=false&ts=1735632367156&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735632367153.730929739995918770&pm=1&hrl=efdf1f&ler=empty&cdl=API_unavailable&it=1735632366821&coo=false&cs_cc=1&cas=28281088401489634%2C9336749453025580%2C9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&rqm=GET
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=23, mss=1232, tbw=4574, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fhairswitchboost.com&rl=&if=false&ts=1735632367156&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735632367153.730929739995918770&pm=1&hrl=efdf1f&ler=empty&cdl=API_unavailable&it=1735632366821&coo=false&cs_cc=1&cas=28281088401489634%2C9336749453025580%2C9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&rqm=FGET
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7454484255531444193"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5NsqDarB1+hrEmC3XE4OTBy/6+aYW0BMiZZXNdCGVBBm87PnQmO5OVR+FkixXjHPQNODs8dlHb/hdFobpSmAPA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7454484255531444193", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=23, mss=1232, tbw=4942, tp=13, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
UCAffiliateNetworkPixel
secure2.hairswitchformula.com/cgi-bin/ 		0
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure2.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.25635481080624856&r=&u=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Requested by
Host: secure2.hairswitchformula.com
URL: https://secure2.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.24.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aeaf2f55fa0d20077.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
server
Apache
UCAffiliateNetworkPixel
secure2.hairswitchformula.com/cgi-bin/ 		0
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure2.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.15791113265813372&r=&u=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122
Requested by
Host: secure2.hairswitchformula.com
URL: https://secure2.hairswitchformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.24.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aeaf2f55fa0d20077.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
server
Apache
activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
14623190.fls.doubleclick.net/ Frame E5A8
Redirect Chain
  • https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://14623190.fls.doubleclick.net/activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
746
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
expires
Tue, 31 Dec 2024 08:06:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMPv5bXG0YoDFUTwEQgdvVMhWw;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gt...
td.doubleclick.net/td/fls/rul/ Frame B5D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=hs_al0;ord=3103457776215;npa=0;auiddc=1802574102.1735632367;ps=1;pcor=1636477490;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89171599442za201zb9171599442;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122?
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6000915758932985379"}],"aggregatable_trigger_data":[{"filters":[{"14":["102303127"]}],"key_piece":"0xb719cc6b7cefc592","source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]},{"key_piece":"0xbd5dda3a5e71a3f4","not_filters":{"14":["102303127"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"30256384":50,"30256385":50,"30256386":50,"30256387":4889,"30266496":65,"30266497":65,"30266498":65,"30266499":6356,"644012468":36,"644012469":36,"644012470":36,"644012471":3530,"644022452":34,"644022453":34,"644022454":34,"644022455":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"1316706482069630567","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6000915758932985379","filters":[{"14":["102303127"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6000915758932985379","filters":[{"14":["102303127"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6000915758932985379","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6000915758932985379","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
content-type
image/png
x-xss-protection
0
server
cafe
21444b75-45eb-4207-bb22-dc5f286db86b.json
tr.snapchat.com/config/com/ 		117 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/21444b75-45eb-4207-bb22-dc5f286db86b.json?v=3.35.1-2412242153
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
9c658e333e4c946e766ba4bb70b2f878e6bb4ca08d32b37e61ffdeee6319be68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
94
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://hairswitchboost.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame 66E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=b26722aa-d53d-49a7-adc5-01910d5eb3ac&u_sclid=2a676364-6ce0-4334-99e1-e2afbd344055
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 31 Dec 2024 08:06:07 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=21444b75-45eb-4207-bb22-dc5f286db86b&ev=PAGE_VIEW&intg=gtm&pids=21444b75-45eb-4207-bb22-dc5f286db86b&u_c1=561b6444-e79d-4654-aa61-6be09a24e041&cdid=%40-87a9172a-264f-4398-bbf6-44b362ecb570&u_sclid=2a676364-6ce0-4334-99e1-e2afbd344055&u_scsid=b26722aa-d53d-49a7-adc5-01910d5eb3ac&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=2770&m_fcps=2914&m_pi=2770&m_pl=0&m_pv=2&m_rd=3461&m_sh=1200&m_sl=3446&m_sw=1600&pl=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&trackId=a6d8e6f3-d57f-4ea2-b0b9-250b14bfca6c&ts=1735632367305&v=3.35.1-2412242153
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
image/png
server
API Gateway
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&_p=1735632366401&_gaz=1&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1881964228.1735632367&dbk=16279216566823810223&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1881964228.1735632367&dbk=16279216566823810223&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fhairswitchboost.com%3F
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1881964228.1735632367&dbk=16279216566823810223&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fhairswitchboost.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-633CCXW5Y6&cid=1881964228.1735632367&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hairswitchboost.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame DCF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1881964228.1735632367&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1542649073
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.es/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-633CCXW5Y6&cid=1881964228.1735632367&gtm=45je4cc1v9171594360z89171599442za200zb9171599442&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1395737465
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 31 Dec 2024 08:06:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
adsct
t.co/1/i/ 		43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=Atlantic%2FCanary%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2622%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=8f5ce741-b88c-4db1-b824-7b25678eaba3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48dc71fb-bf44-478b-8ef6-9026919cf6e0&tw_document_href=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.31
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
9a1ee0c2c0c525d7
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7265137582c4becea9b5b81a227fce05ec146de90a12a407d2ce5f35c6689149
cf-cache-status
DYNAMIC
cf-ray
8fa8c4b8efae1bad-MAD
x-response-time
173
content-length
43
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Atlantic%2FCanary%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2622%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=8f5ce741-b88c-4db1-b824-7b25678eaba3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48dc71fb-bf44-478b-8ef6-9026919cf6e0&tw_document_href=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.31
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
7c80a914ceb61f30
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a5dcca29c68db313671b91c4981f5ba3dc484b7e6132ae3f80ae4ef2ff9ccc97
x-response-time
106
content-length
43
date
Tue, 31 Dec 2024 08:06:07 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_f
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		28 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.hairswitchformula.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.hairswitchformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.56 , United States, ASN (),
Reverse DNS
server-3-167-226-56.fra60.r.cloudfront.net
Software
/
Resource Hash
fe191bdf30e6626703d2bdbb056f434eea3dfc89c16ec1be8b919503d9b4c57a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

access-control-expose-headers
date, x-api-id
via
1.1 3f300c751a6713b16b584bdb407eacee.cloudfront.net (CloudFront)
apigw-requestid
Dpbdii70oAMEMgA=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
28
alt-svc
h3=":443"; ma=86400
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
FRA60-P11
x-amz-cf-id
3kejGTzSMx7dBKTZ0xqAjSb8K8xp1WqRdex1Wpp8ngjZp4ied8fGmA==
001ac323a28065f3d332528e5524186644
wave.outbrain.com/mtWavesBundler/handler/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/001ac323a28065f3d332528e5524186644
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
396a44df54c64f3bf2e9d078b103eb02948726b022734e3bd36f1aac28099ad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1735631727478
Content-Encoding
gzip
ETag
W/"d43-hkNBbE3b/lcGVL0t4M/e7hmJ5Fo"
Connection
keep-alive
Expires
Tue, 31 Dec 2024 08:07:07 GMT
Access-Control-Allow-Origin
*
X-CC
ES
Content-Length
1553
X-RG
EU
Date
Tue, 31 Dec 2024 08:06:07 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
188d4c31c22861eb9773d5d507f09d58
topics
amplify.outbrain.com/ 		26 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Tue, 31 Dec 2024 08:26:07 GMT
Access-Control-Allow-Origin
*
X-CC
ES
Content-Length
26
X-RG
EU
Date
Tue, 31 Dec 2024 08:06:07 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=08336361704606399&referrer=&cht=gtm&marketerId=001ac323a28065f3d332528e5524186644&name=PAGE_VIEW&dl=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&g=1&zone=euZone1&obApiVersion=1.1&obtpVersion=2.18.156
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
image/gif;
x-traceid
2dc9d441a659f36160d21830dc33bd8b
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=001ac323a28065f3d332528e5524186644
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript
x-traceid
8511e05588370c497a7e629c9d57be43
b-01e6
i.liadm.com/s/c/ Frame 0756 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/b-01e6?duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&euns=1&s=&version=v3.6.0&cd=.hairswitchboost.com&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-01e6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.51.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-51-241.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
682
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 08:06:07 GMT
Request-Time
11
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
trace-id
f953fd1ebaf2dd94
syncframe
gum.criteo.com/ Frame 573B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=hairswitchboost.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=111561&a=112036&a=114338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hairswitchboost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 08:06:07 GMT
server
Kestrel
server-processing-duration-in-ticks
435735
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
main.MWE1OTI4NzI4MA.js
analytics.tiktok.com/i18n/pixel/static/ 		347 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPKKTPRC77U0TG5MGQF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

x-cache
TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id
00-24121913242851B9A3256D87FB1EFE38-1A9B44894D8EC023-00
content-length
97194
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024121913242851B9A3256D87FB1EFE38
server
nginx
x-akamai-request-id
274f50ad
x-tt-trace-host
0198d2766a06980295a28dd4169fc0a10762a81238b19d455c9f09caeff914bd0075eea7bfa28de400c73710f4f085a4fcc0163d193d1aae862607b6e9b3a6bced7c609c940b988affeba2cd140cdc072f5a66f4cdd281c0d552a1c39055bf0f46
clarity.js
www.clarity.ms/s/0.7.59/ 		67 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2ip2iyom?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

x-azure-ref
20241231T080607Z-r17d45bc79fdrg9nhC1PAR9dqc0000000d5g00000000cmby
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD267192E6C672"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
6a692859-101e-0017-5bc4-5887d0000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 12:25:39 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffil...
  • https://rp4.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffi...
13 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&wpn=lc-bundle&wpv=v3.6.0&cd=.hairswitchboost.com&c=PHRpdGxlPkhhaXIgU3dpdGNoPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj5UaGlubmluZyBIYWlyIEluIE9sZCBBZ2U_IFRyeSBUaGlzIEhvbWUgUmVtZWR5PC9oMT4&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa&i6=MjAwMTphYzg6MjM6ODc6OjJl&n3pc=true
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
H2
Server
54.225.224.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-224-75.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

x-pixel-event-id
b57fb7a3-5c79-413a-b0f3-6515f9846970
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Tue, 31 Dec 2024 08:06:08 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
https://rp4.liadm.com/j?dtstmp=1735632367549&aid=b-01e6&se=e30&duid=b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam&tv=v3.6.0&pu=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&wpn=lc-bundle&wpv=v3.6.0&cd=.hairswitchboost.com&c=PHRpdGxlPkhhaXIgU3dpdGNoPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj5UaGlubmluZyBIYWlyIEluIE9sZCBBZ2U_IFRyeSBUaGlzIEhvbWUgUmVtZWR5PC9oMT4&pv=692d5b60-9e03-4af0-b818-a2c0c7eccfaa&i6=MjAwMTphYzg6MjM6ODc6OjJl&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://hairswitchboost.com
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

x-cache
TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2411150502435C04946703D4111013E1-2649AB6A07F09C6A-00
content-length
39458
date
Tue, 31 Dec 2024 08:06:07 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502435C04946703D4111013E1
server
nginx
x-akamai-request-id
274f53b4
x-tt-trace-host
012250f769b68e8b62aadc66d48d555072e4078548392c303d871c5140b2e710d68784e87243e84c8668a99a6ea7a1e2e25a552a9760418ccb4f62b6169d8c21898032dfa18d787665fb1d41d45a878b85caa95dce50373be8a2a1f499407c3b9a
pixel
analytics.tiktok.com/api/v2/ 		0
881 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hairswitchboost.com/

Response headers

x-cache-remote
TCP_MISS from a23-218-223-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 31 Dec 2024 08:06:07 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=106, origin; dur=81, inner; dur=78
x-cache
TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 31 Dec 2024 08:06:07 GMT
x-akamai-request-id
503cc60d.274f53b5
access-control-allow-headers
Authorization,*
x-tt-trace-host
01b59571cf771f8d0a99a02338e77cd580ba04c1110216209e0ca9bf93e1dcdf71b3d739a9c6da683cff81c6b77613a7e0382f8cbcbb6dc1d1a30353bd9fd2d20a7e2136b3c98bba7e637f0ecf73fe2f0cbd694e86d1f78568e1116b8d11c3c561d5d66853f83e074b47b8be35dc710221
x-origin-response-time
81,23.218.223.90
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412310806074910BD145F285DCD3F36-4D96CDA8395C3A36-00
content-length
0
x-parent-response-time
178,23.206.213.201
x-tt-logid
202412310806074910BD145F285DCD3F36
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
877 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-36-162-208.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hairswitchboost.com/

Response headers

x-cache-remote
TCP_MISS from a23-55-100-9.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 31 Dec 2024 08:06:07 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=176, origin; dur=18, inner; dur=14
x-cache
TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 31 Dec 2024 08:06:07 GMT
x-akamai-request-id
4b2ded57.274f53b6
access-control-allow-headers
Authorization,*
x-tt-trace-host
01b59571cf771f8d0a99a02338e77cd580ba04c1110216209e0ca9bf93e1dcdf71e3bf77f67ab0bbbcdae15c39c72ad9dc0af08a419fb26a7021c08f5c1da7fed206df62352b64ebdf67761c7486f6f14eec881d272f650a92605dea135422159c5e6eb4466006a71a1d302213e013ee72
x-origin-response-time
18,23.55.100.9
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241231080607744022417E6B6CACFADC-3DC89C7383715191-00
content-length
0
x-parent-response-time
174,23.206.213.201
x-tt-logid
20241231080607744022417E6B6CACFADC
server
nginx
p
tr6.snapchat.com/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hairswitchboost.com/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
x-envoy-upstream-service-time
0
server
API Gateway
collect
t.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://hairswitchboost.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://hairswitchboost.com
Date
Tue, 31 Dec 2024 08:06:08 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
p
tr.snapchat.com/ 		0
91 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hairswitchboost.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://hairswitchboost.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 31 Dec 2024 08:06:07 GMT
server
API Gateway
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.hairswitchformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.56 , United States, ASN (),
Reverse DNS
server-3-167-226-56.fra60.r.cloudfront.net
Software
/
Resource Hash
c0f59fafaebb069cbae88d505d071c5dceeaaff8ce2433faa8e08eab3927f37a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://hairswitchboost.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
076918e6-000e-5a5d-b90b-470ba83eb57d
via
1.1 3f300c751a6713b16b584bdb407eacee.cloudfront.net (CloudFront)
apigw-requestid
DpbdnhygIAMEMYQ=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
514
alt-svc
h3=":443"; ma=86400
date
Tue, 31 Dec 2024 08:06:08 GMT
content-type
text/xml
x-amz-cf-pop
FRA60-P11
x-amz-cf-id
1kDeO4NDaOwKjXP9jKuhmqR_0nKKQ7KI5FKA72-_q7DjqAumVKWMzw==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.56 , United States, ASN (),
Reverse DNS
server-3-167-226-56.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hairswitchboost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
32351
alt-svc
h3=":443"; ma=86400
apigw-requestid
DoMevgBHoAMESyw=
date
Mon, 30 Dec 2024 23:06:57 GMT
via
1.1 3f300c751a6713b16b584bdb407eacee.cloudfront.net (CloudFront)
x-amz-cf-id
b84wr_i9cSvZR36BmpL0N-s6Io1bMWlsRVz5bvTPRwKaqaJbdMHmvg==
x-amz-cf-pop
FRA60-P11
x-cache
Hit from cloudfront
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: hairswitchboost.com
URL: https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 31 Dec 2024 08:06:09 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Methods
GET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&RedC=c.clarity.ms&MXFR=2984A813B87B6FD43966BD75BC7B6189
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&MUID=04D0C62D0AF966CA38EFD34B0B4D676C
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&MUID=04D0C62D0AF966CA38EFD34B0B4D676C
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Tue, 31 Dec 2024 08:06:09 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=44B791CA5BDD4B7DA1647B83C375FD5A&MUID=04D0C62D0AF966CA38EFD34B0B4D676C
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8E8750EED9B74374A30AC4140EAA4D21 Ref B: PRAEDGE1005 Ref C: 2024-12-31T08:06:09Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Tue, 31 Dec 2024 08:06:09 GMT
x-powered-by
ASP.NET
favicon.png
hairswitchboost.com/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hairswitchboost.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.96.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
hairswitchboost.com
Software
nginx / Express
Resource Hash
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/?utm_source=cpa&utm_medium=affiliate&utm_content=hairswitchvsl&utm_campaign=hairswitchcpa&affid=740&oid=122&uid=0&_ef_transaction_id=1ff475376b814460bc4c78c465153ef8&n=6122

Response headers

Cache-Control
public, max-age=0
ETag
W/"788-18c7d2ce98c"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1928
Date
Tue, 31 Dec 2024 08:06:09 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Mon, 18 Dec 2023 13:45:44 GMT
collect
t.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://hairswitchboost.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://hairswitchboost.com
Date
Tue, 31 Dec 2024 08:06:09 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hairswitchboost.com
Referer
https://fonts.googleapis.com/

Response headers

age
600086
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:24:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:24:43 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
collect
t.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://hairswitchboost.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://hairswitchboost.com
Date
Tue, 31 Dec 2024 08:06:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360za200zb9171599442&_p=1735632366401&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1881964228.1735632367&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735632367&sct=1&seg=0&dl=https%3A%2F%2Fhairswitchboost.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dhairswitchvsl%26utm_campaign%3Dhairswitchcpa%26affid%3D740%26oid%3D122%26uid%3D0%26_ef_transaction_id%3D1ff475376b814460bc4c78c465153ef8%26n%3D6122&dt=Hair%20Switch&en=scroll&epn.percent_scrolled=90&_et=45&tfd=8556
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9171599442za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hairswitchboost.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hairswitchboost.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 08:06:12 GMT
content-type
text/plain
server
Golfe2
event
sslwidget.criteo.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.quora.com
URL
https://a.quora.com/qevents.js
Domain
sslwidget.criteo.com
URL
https://sslwidget.criteo.com/event?a=%5B111561%2C112036%2C114338%5D&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=MVeBeF9KbUFlYnRMcmlDUnJ0c2lUJTJCMGxXM1AlMkZHN0hIRFFpTE93am9vNDlJMTdzR1UlMkZNMEh0Z1drUHNsSUxjUlBZUnAlMkYlMkZvT2tGTGcxTlU3QnJGREY3SlllbndqOEVlV2ZRVFRYVXF6WTZyM0sxbjY0NGc0aThHWkdWM3ROUSUyRk15NGY1NUlSZjNBZXY0TyUyQjlVdjhpRkxoSWQ4ZHZodmxVTTZaeDMlMkJlQkpQMTM2cnZ3JTNE&sc=%7B%22fbp%22%3A%22fb.1.1735632367153.730929739995918770%22%2C%22ttp%22%3A%22lRu3JbYzx9YOhOO4t87U_MrMoq3.tt.1%22%7D&tld=hairswitchboost.com&dy=1&fu=https%253A%252F%252Fhairswitchboost.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dhairswitchvsl%2526utm_campaign%253Dhairswitchcpa%2526affid%253D740%2526oid%253D122%2526uid%253D0%2526_ef_transaction_id%253D1ff475376b814460bc4c78c465153ef8%2526n%253D6122&ceid=f606b025-95cb-41a5-a405-77beee6a8719

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data function| qp string| qpGtm function| snaptr string| TiktokAnalyticsObject object| ttq function| twq function| clarity function| obApi function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| _scPxHelper object| _scPxTeller object| gaGlobal object| regeneratorRuntime object| twttr object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit function| gtag object| webpackChunkconversion_pixel_tag object| obtpeuZone1 object| dynamicTagConfig object| Criteo object| criteo_q object| LI object| liQHub object| liQ object| liQ_instances object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| obBundle

63 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 40d9ebe90b3b49959b010f40e839335f
i.liadm.com/s Name: _li_ss
Value: CjYKBQgKENwZCgYI3QEQ3BkKBgilARDcGQoGCOEBENwZCgYIogEQ3BkKBgjSARDcGQoFCH4Q3Bk
.liadm.com/j Name: lidid
Value: 6db88b6d-b103-4530-acb1-e6b207195373
.clkmg.com/ Name: vid
Value: 1111553031
www.bg6yrfg.com/ Name: uniqueClick_72DQR3
Value: 79372ed4-9327-437a-9b6e-48cd8d988a3b:1735632365
www.bg6yrfg.com/ Name: transaction_id
Value: 1ff475376b814460bc4c78c465153ef8
.youtube.com/ Name: YSC
Value: qiljlZJ6UIM
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: CJPft9ew7eLE2AEQkNq8tcbRigMYkNq8tcbRigM%3D
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2h9qeF_BzAU
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJFUxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgbg%3D%3D
secure.hairswitchformula.com/ Name: AWSALBCORS
Value: HA9djpvivBT4XFOhpGdq2GGA43LZnRZNR1bzkUermqx9/uCQDAD9a4qwJ3BZsKfM9cI7TykAGcsM/QQdmfaWhFhedXMUhR7B/CLlQyJSm9VLaKbVJXrNODMxXtmB
.hairswitchboost.com/ Name: _gcl_au
Value: 1.1.1802574102.1735632367
.hairswitchboost.com/ Name: _fbp
Value: fb.1.1735632367153.730929739995918770
.hairswitchboost.com/ Name: _scid
Value: tDxWG2RE551VVMZha-CaJOBBEpeMQli_
.hairswitchboost.com/ Name: _scid_r
Value: tDxWG2RE551VVMZha-CaJOBBEpeMQli_
secure2.hairswitchformula.com/ Name: AWSALBCORS
Value: Lt6B+JLr0PMygfUCbbpoL6p+JMTYUg3x5X45p0YCnzf2v/WFuhh6EhnHfjSBTdu4AJkrdY0mu2/ulIiVp2FFXN+VlduodhQH1td6vyL97RgZ3ADPatU7tWqwyQi/
.hairswitchboost.com/ Name: _ga
Value: GA1.1.1881964228.1735632367
.hairswitchboost.com/ Name: _ga_633CCXW5Y6
Value: GS1.1.1735632367.1.0.1735632367.60.0.0
.tiktok.com/ Name: _ttp
Value: 2qyQWcNTV6IpyX1bLWVLJOiAXqK
.hairswitchboost.com/ Name: _li_dcdm_c
Value: .hairswitchboost.com
.hairswitchboost.com/ Name: _lc2_fpi
Value: b46772cd8c85--01jgdw0bt3rp8d7p4gyj3b4pam
www.clarity.ms/ Name: CLID
Value: 62d7bfe43d6b4521baa2d1ae8b757315.20241231.20251231
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIxEPQcXjCFAxvmxJc2UElsUhuJvm1JgaOlz9uwQwbjmJDbdYH3OvBcTIAAAA=
.doubleclick.net/ Name: ar_debug
Value: 1
.hairswitchboost.com/ Name: _ScCbts
Value: %5B%5D
.hairswitchboost.com/ Name: _clck
Value: 1b0rqw0%7C2%7Cfs6%7C0%7C1826
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 70fb6626-ad6a-48ee-91ab-3a4cf6a89c80
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.hairswitchboost.com/ Name: _tt_enable_cookie
Value: 1
.hairswitchboost.com/ Name: _ttp
Value: lRu3JbYzx9YOhOO4t87U_MrMoq3.tt.1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173563236764544816
.twitter.com/ Name: guest_id_ads
Value: v1%3A173563236764544816
.twitter.com/ Name: personalization_id
Value: "v1_MHk3GiSaxGl8SsmqITy+sg=="
.twitter.com/ Name: guest_id
Value: v1%3A173563236764544816
.t.co/ Name: muc_ads
Value: 67ec5737-0911-4eab-9e4b-d3776126a969
.t.co/ Name: __cf_bm
Value: QHFIfa8NZlQLwDGzKNLXvFpQX2deK7cmCtxhwHN3jkE-1735632367-1.0.1.1-TqIC6jSCggqDShDgoyzpXc_B.r3ZpQ4SF60V7lD0VN7Wl5rdiWZZA.U2FdI0HvjVgRAxTpNfV8AxYY9sB8Bo6A
.hairswitchboost.com/ Name: cto_bundle
Value: MVeBeF9KbUFlYnRMcmlDUnJ0c2lUJTJCMGxXM1AlMkZHN0hIRFFpTE93am9vNDlJMTdzR1UlMkZNMEh0Z1drUHNsSUxjUlBZUnAlMkYlMkZvT2tGTGcxTlU3QnJGREY3SlllbndqOEVlV2ZRVFRYVXF6WTZyM0sxbjY0NGc0aThHWkdWM3ROUSUyRk15NGY1NUlSZjNBZXY0TyUyQjlVdjhpRkxoSWQ4ZHZodmxVTTZaeDMlMkJlQkpQMTM2cnZ3JTNE
hairswitchboost.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1735632367832%7D
.liadm.com/ Name: lidid
Value: 6db88b6d-b103-4530-acb1-e6b207195373
.hairswitchboost.com/ Name: ucacid
Value: 90534605.005271
.doubleclick.net/ Name: IDE
Value: AHWqTUnPRGTtfnSuPAqvUl3llPhdXwEkxAgrEbDzNWOUFX2vs0R7C5k1Up0VJZNM
.hairswitchboost.com/ Name: _clsk
Value: 1dclt8%7C1735632368168%7C1%7C1%7Ct.clarity.ms%2Fcollect
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.demdex.net/ Name: demdex
Value: 74325923108573202011623938684641482595
.turn.com/ Name: uid
Value: 4404219292709250309
.dpm.demdex.net/ Name: dpm
Value: 74325923108573202011623938684641482595
.rezync.com/ Name: zync-uuid
Value: 3f104a67-966d-49b6-b54b-3e8aa424274c:1735632368.240224
hairswitchboost.com/ Name: /:watchVideoTime:RQnbnuqx10k
Value: 0
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjEysbQwMDU3MBPiM9QNiwrKNvZ3Lsgvc4sEAAlDBqElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXB0RWAIAwDwB_XqQ_SkILbtKiDOLl33yF_e2MqbEm3cZWsBsv8mZkEEdxXDx9yuOYJNoA_GME9FDkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjEysbQwMDU3MBPiM9QNiwrKNvZ3Lsgvc4sEAAlDBqElAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRWAIAwFwAmsmCM-knx-wG0AdSBLSye19FneXYl-akZnSCN3QRuUUTDEj9o7DBaYm4YXujnrashmuNPyHdWfv_ECpmDxHFkAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNy00OgyAQQOG7zFoamBmGn8sYUJqQVtqIbmq8e1m-5HsXzN-yb6mVdkA89rNMsLzrqA7xgl5_W3lBBGuICIMlRg5eW6cF7gl66b1-2lzXYehpNCdxKoisikMWlS1nRcWnND50vETjyAohiX8ga0SG-w97JiT_.Z3Ol8A.dyaeMZzJxdx8LQPohDhZZ_LjObs
.rlcdn.com/ Name: rlas3
Value: f2mbG6Y/TwiOH803gIrye/5imHDMbRVdYhKwV0JZvKg=
.rlcdn.com/ Name: pxrc
Value: CPHLzrsGEgUI6AcQABIGCLbqARAA
.bing.com/ Name: MUID
Value: 04D0C62D0AF966CA38EFD34B0B4D676C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 04D0C62D0AF966CA38EFD34B0B4D676C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 04D0C62D0AF966CA38EFD34B0B4D676C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://a.quora.com/qevents.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14623190.fls.doubleclick.net
a.quora.com
ad.doubleclick.net
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
b-code.liadm.com
c.bing.com
c.clarity.ms
cdn.attn.tv
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hairswitchboost.com
i.liadm.com
q.quora.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
sc-static.net
secure.hairswitchformula.com
secure2.hairswitchformula.com
service3.purehealthresearch.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.clarity.ms
t.co
td.doubleclick.net
tr.outbrain.com
tr.snapchat.com
tr6.snapchat.com
track.medlinealerts.com
wave.outbrain.com
www.bg6yrfg.com
www.clarity.ms
www.clkmg.com
www.facebook.com
www.google.com
www.google.es
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
yan.soundestlink.com
a.quora.com
sslwidget.criteo.com
104.244.42.3
13.74.129.1
134.209.162.206
142.250.181.228
142.250.186.166
146.75.120.157
157.240.0.35
157.240.0.6
162.159.152.17
172.217.16.134
172.217.18.3
172.64.145.78
172.66.0.227
18.244.20.50
188.114.97.3
20.114.189.70
2001:4860:4802:32::36
23.35.237.86
23.36.162.208
2600:1f18:730:b110:5e2a:4542:4d7d:879a
2600:9000:223c:4a00:1c:9484:cec0:93a1
2600:9000:27e6:f000:8:8845:1500:93a1
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9b
2a02:2638:3::7
2a02:2638:3::c
3.163.248.4
3.167.226.56
34.107.199.247
35.169.51.241
35.190.43.134
44.240.169.52
52.3.10.31
54.225.224.75
68.183.96.179
70.42.32.31
76.223.24.108
0372380ae086408bc3d0599991aa376708dcd211f84dbb64e4bfa7c40971dc05
0f58ea5bd0a4a8ed84c2bd5ae55bac950d22107b8be615a734f18e29702428d9
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2fb0c71aaeef4eb19baa8b30899d9cec72bf9b35c7b1f898f9648a813a90d407
300a8a5d2745578efb5cc8c55d73f2443e395df85fe5cc7df01a05f8ebf694c6
332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067
354137a6f4fd72766a217bf2c006edf4633cb01a68bc2d44a50a8f9c2d5c3b5a
396a44df54c64f3bf2e9d078b103eb02948726b022734e3bd36f1aac28099ad1
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3df6e0c489bf83be1f0aa0cef0a860261aceb39ce93b02c6da6ade72b1e018a2
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
653b426c068ce6dfa6a88b461a10d3807f3907519068bd89afeba4dbbab9f2c7
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
7b3d3bac5b7ed1d9bd1e1db99d2ec34556d93e0d173422c08bf61ca733d319bd
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
843d4d6c9bca8374c20506dc035da138640c47135e58d27852826f83cb1213d8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c658e333e4c946e766ba4bb70b2f878e6bb4ca08d32b37e61ffdeee6319be68
9eac8a7ae3a6a461f1725dc1c98455e91040d6f74ac90678024bcf2c77014d5c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c0f59fafaebb069cbae88d505d071c5dceeaaff8ce2433faa8e08eab3927f37a
c409ba9c51251919d1a613baa3ecdf4e3daba5b7ed733a0f46518739ca4bd372
cc3647ce9791fac658dfaf49e4e300f95184283d9887dbf48a30763cc3c70cc6
d07b7d555d137fb87c34cd1a4a8b7292b04c94c04459bf125f5b3a765fcb9156
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005
ef163c8e28946c194754c6b2c05982b042752c9b6b15ae7e666fd81aafeeec34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4234ea4a0709feb048abb7b794020292d0044eeb8c82887157b5d60b7281759
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd
fe191bdf30e6626703d2bdbb056f434eea3dfc89c16ec1be8b919503d9b4c57a