login.haircut.page Open in urlscan Pro
2600:9000:21f3:4e00:1f:6e07:2f80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.haircut.page/
Submission: On March 04 via automatic, source certstream-suspicious (March 4th 2023, 7:50:27 pm UTC) — Scanned from DE

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 76 HTTP transactions. The main IP is 2600:9000:21f3:4e00:1f:6e07:2f80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is login.haircut.page.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 4th 2023. Valid for: a year.

This is the only time login.haircut.page was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:21f... 2600:9000:21f3:4e00:1f:6e07:2f80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.122.95 18.66.122.95	16509 (AMAZON-02) (AMAZON-02)
1	34.96.106.200 34.96.106.200	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.8.157 151.101.8.157	54113 (FASTLY) (FASTLY)
8	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5 13	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2600:9000:212... 2600:9000:2127:b400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
15	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:212... 2600:9000:2127:4400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.188.165.239 54.188.165.239	16509 (AMAZON-02) (AMAZON-02)
76	27

5 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

login.haircut.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-95.fra60.r.cloudfront.net

cdn.freshmarketer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.200 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 200.106.96.34.bc.googleusercontent.com

static.parastorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.8.157 (Singapore)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:b400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:4400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.188.165.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-165-239.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	stripe.com js.stripe.com — Cisco Umbrella Rank: 1051 q.stripe.com — Cisco Umbrella Rank: 6717 r.stripe.com — Cisco Umbrella Rank: 4126 m.stripe.com — Cisco Umbrella Rank: 1056	334 KB
10	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9427	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 firebase.googleapis.com — Cisco Umbrella Rank: 6136 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 567	7 KB
5	haircut.page login.haircut.page	11 MB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 564 px4.ads.linkedin.com — Cisco Umbrella Rank: 6058	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	223 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3674	73 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	210 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1159	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 6149	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	421 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813	737 B
2	gstatic.com fonts.gstatic.com	76 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 628	393 B
1	t.co t.co — Cisco Umbrella Rank: 536	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 633	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 704	5 KB
1	parastorage.com static.parastorage.com — Cisco Umbrella Rank: 5326	23 KB
1	freshmarketer.com cdn.freshmarketer.com — Cisco Umbrella Rank: 45247	105 KB
76	22

	Domain	Requested by
10	mc.yandex.com	3 redirects login.haircut.page mc.yandex.ru
10	r.stripe.com	js.stripe.com
8	js.stripe.com	login.haircut.page js.stripe.com
5	q.stripe.com	login.haircut.page
5	login.haircut.page	login.haircut.page
4	connect.facebook.net	login.haircut.page connect.facebook.net
3	mc.yandex.ru	2 redirects login.haircut.page
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	login.haircut.page www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.facebook.com	login.haircut.page
2	www.google.de	login.haircut.page
2	www.google.com	login.haircut.page
2	stats.g.doubleclick.net	www.google-analytics.com
2	firebaseinstallations.googleapis.com	login.haircut.page
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	firebase.googleapis.com	login.haircut.page
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	login.haircut.page
1	m.stripe.com	m.stripe.network
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.twitter.com	login.haircut.page
1	t.co	login.haircut.page
1	px4.ads.linkedin.com	login.haircut.page
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	login.haircut.page
1	snap.licdn.com	www.googletagmanager.com
1	static.parastorage.com	login.haircut.page
1	cdn.freshmarketer.com	login.haircut.page
76	30

This site contains no links.

Subject Issuer	Validity	Valid
login.haircut.page Amazon RSA 2048 M01	`2023-03-04` - `2024-04-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.freshmarketer.com Amazon RSA 2048 M01	`2023-02-28` - `2023-06-28`	4 months	crt.sh
*.parastorage.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-04-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-12`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://login.haircut.page/
Frame ID: B72969380AC0CED97F90EBE6C798CAD8
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
Frame ID: 738FF564A66B0B1835F8E9EC5663C1DB
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: BBE0CE644E201389F3F9217E82820986
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E6904268D7E2230D4EA42735ACB9F26D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Platform

Detected technologies

Wix (CMS) Expand

Overall confidence: 100%
Detected patterns

static\.parastorage\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Freshmarketer (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.freshmarketer\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

76
Requests

93 %
HTTPS

67 %
IPv6

22
Domains

30
Subdomains

27
IPs

6
Countries

12172 kB
Transfer

14760 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1604769%252C1727537%26time%3D1677959420310%26url%3Dhttps%253A%252F%252Flogin.haircut.page%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true&e_ipv6=AQJW5Fxc8PIjEAAAAYauLNua3qQPRm6fDNzcselq3pK6F3Dwa9hao8FXJJSSgfkSoNtZ9dVFFHbCJw

Request Chain 56

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9932.cO78lIxCgAJZ2ztVqvVliX1zGedUc1LAccZQJGGNoitd2ot4wJhn2Rv6Sr7vDjgi.thocBgaQ3of2xmVf6u3UXLBZiBQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9932.8Ja9TBL-CZ9VGugyTcT4F0LFH3pFg8Q-m5C8DaRG1qgviminiHvJqqYkpp6Xt338Y7cuHNtZwzYyZOiFUb45p2d_Cbnn5c9dIql7W5H9Jbg%2C.Us7RR4gNp11SlUtLUxyLNiSGx7Q%2C

Request Chain 58

https://mc.yandex.com/watch/66086482?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1248905187759%3Ahid%3A745023518%3Az%3A0%3Ai%3A20230304195020%3Aet%3A1677959421%3Ac%3A1%3Arn%3A255983257%3Arqn%3A1%3Au%3A1677959421705439762%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A47%2C22%2C79%2C1%2C0%2C0%2C%2C1029%2C0%2C%2C%2C%2C1179%3Aco%3A0%3Acpf%3A1%3Ans%3A1677959419127%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677959421%3At%3APlatform&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/66086482/1?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1248905187759%3Ahid%3A745023518%3Az%3A0%3Ai%3A20230304195020%3Aet%3A1677959421%3Ac%3A1%3Arn%3A255983257%3Arqn%3A1%3Au%3A1677959421705439762%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A47%2C22%2C79%2C1%2C0%2C0%2C%2C1029%2C0%2C%2C%2C%2C1179%3Aco%3A0%3Acpf%3A1%3Ans%3A1677959419127%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677959421%3At%3APlatform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 59

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9932.W8gPfu1_zv3krDCTLXWNo67gWpE-4uwN-4hWHJgJXefR92kL4-4VykfNTndaup9k.KFrWmFxSKo_J07nWd0XYcSdnEiA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9932.QAM102mCxwsxLyj9jDlp3ctmXcI4v-AjfhjrCgI8d7LvipAjaMnppDjOj9lOZIj3iDVhJur-kPqu6cyVzZzElXs_OEHsq9Gg0XCJwV9nHok%2C.tYsQr2x_XTxQ07_6WacUACS5n50%2C

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.haircut.page/ 7 KB
7 KB 148ms
79ms Document
text/html 2600:9000:21f3:4e00:1f:6e07:2f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0c5b8b8466540190850c20140873f229128a7c0380a2271da950adc75ba9593

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 7260
content-type: text/html
date: Sat, 04 Mar 2023 19:50:20 GMT
etag: "dac26e8a2231bc49c1e0bd6260dd723d"
last-modified: Fri, 23 Dec 2022 07:21:06 GMT
server: AmazonS3
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-id: -DBF-IZW9n3fTyL0gjW1KSZxjjGhLuzwN_OSO9XbbdDi200Jhl2-_w==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 749 B
795 B 135ms
52ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla&display=swap

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3298b164220bf48078b99eb19740d95f8a4345c8077c3215d45e7f38e48a0d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Mar 2023 19:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 19:39:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Mar 2023 19:50:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 121 KB
5 KB 143ms
59ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:ital,wght@0,400;0,900;1,400;1,900&family=Archivo:ital@0;1&family=B612:ital@0;1&family=BioRhyme&family=Cairo:wght@400;900&family=Concert+One&family=Crimson+Text:ital@0;1&family=Fjalla+One&family=Fondamento:ital@0;1&family=Lato:ital,wght@0,400;0,900;1,400;1,900&family=Lora:ital@0;1&family=Modak&family=Montserrat:ital,wght@0,400;0,900;1,400;1,900&family=Nunito+Sans:ital,wght@0,400;0,900;1,400;1,900&family=Open+Sans:ital@0;1&family=Oswald&family=PT+Sans:ital@0;1&family=Playfair+Display:ital,wght@0,400;0,900;1,400;1,900&family=Prompt:ital,wght@0,400;0,900;1,400;1,900&family=Raleway:ital,wght@0,400;0,600;0,700;0,800;0,900;1,400;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,400;0,900;1,400;1,900&family=Rubik:ital,wght@0,400;0,900;1,400;1,900&family=Source+Sans+Pro:ital,wght@0,400;0,900;1,400;1,900&family=Teko&family=Titillium+Web:ital,wght@0,400;0,900;1,400&family=Ubuntu:ital@0;1&family=Varela&family=Vollkorn:ital,wght@0,400;0,900;1,400;1,900&family=Work+Sans:ital,wght@0,400;0,900;1,400;1,900&display=swap

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10de3720239442e8b0cdbd2173382ee233bcbd516fd4998af45d739dbebffbd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Mar 2023 19:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 19:50:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Mar 2023 19:50:19 GMT

GET
H2 200 1599029.js Show response
cdn.freshmarketer.com/583534/ 389 KB
105 KB 496ms
445ms Script
text/javascript 18.66.122.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.freshmarketer.com/583534/1599029.js
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b919d41f83a879b80098bc8fec1fd5a02a8b6e4519853f2861cb43fab3e3db3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: aexnEaXOkACBetaB8XtDL5auOvmcXrbY
content-encoding: gzip
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
date: Sat, 04 Mar 2023 19:50:20 GMT
last-modified: Fri, 17 Feb 2023 09:36:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"50505c73fc33cbdf918c3f531141321c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
x-amz-cf-id: t-yx7f7hQc92SU0lLeNTdznm9pxridq7Fw2zUw0b_5_PqQqGq4Lmng==

GET
H2 200 2.99eb91e6.chunk.css
login.haircut.page/static/css/ 133 KB
133 KB 138ms
137ms Stylesheet
text/css 2600:9000:21f3:4e00:1f:6e07:2f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.haircut.page/static/css/2.99eb91e6.chunk.css
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c866de337cad1797f4da1bc79404762187138204c767bbffa90440eebc7a12cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 07:21:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "39c544aceef82a24ff794ebb7e949f6b"
x-cache: Miss from cloudfront
content-type: text/css
content-length: 135938
x-amz-cf-id: 8nFFvdwL9l4q_wUotAH2iojLoChZGjJLZcwpMHIoE5k9x4rT8rSu6A==

GET
H2 200 main.c3c39b2e.chunk.css
login.haircut.page/static/css/ 182 KB
182 KB 123ms
122ms Stylesheet
text/css 2600:9000:21f3:4e00:1f:6e07:2f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.haircut.page/static/css/main.c3c39b2e.chunk.css
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496994f6333d8bae723739501e57280bb97e13bc3a002fbda9209678f7fd9a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 07:21:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "1907694447af765ae04182411d3a0426"
x-cache: Miss from cloudfront
content-type: text/css
content-length: 186330
x-amz-cf-id: oXcCR9_2Ea16McDCgaVbLJ3MGX-5R8vFKQnN0lO898yANjFiRFWmpw==

GET
H2 200 wix.min.js Show response
static.parastorage.com/services/js-sdk/1.537.0/js/ 100 KB
23 KB 120ms
15ms Script
application/javascript 34.96.106.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.10 /
Resource Hash: 365c579b5f25a1b0157ae3ec0a4849dc364d141a641c5e3aa3a8267286b8aae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ys3LzRDsOQzzQWt5vTQtKJmH6kA1.Q2c
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 google
date: Fri, 17 Feb 2023 02:21:21 GMT
age: 1358938
x-cache-status: HIT
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22871
x-wix-request-id: 1676600481.006310338779455754
last-modified: Wed, 29 Jul 2020 09:34:49 GMT
server: Pepyaka/1.19.10
etag: "7712dcae0e50b7d91fac1fd1dffe0568"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 925921688 302516241
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVcyc3RE2AEtYWQGVQ/2ywuOgeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 2.b8415196.chunk.js Show response
login.haircut.page/static/js/ 7 MB
7 MB 131ms
130ms Script
application/javascript 2600:9000:21f3:4e00:1f:6e07:2f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.haircut.page/static/js/2.b8415196.chunk.js
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40d1d6f5e1760a8a4e9e656c76080dadd7d9d661c2d559bf6b8086b6932a4eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 07:21:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "6813cc4d53fd6fc12192808ff620a28c"
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 7373214
x-amz-cf-id: aKViDB2snPDpz5LeqO3XJ5WsYDbWN1gv_JhoRP_qRqQKjWeBCJw8QA==

GET
H2 200 main.2f5ab81b.chunk.js Show response
login.haircut.page/static/js/ 3 MB
3 MB 103ms
102ms Script
application/javascript 2600:9000:21f3:4e00:1f:6e07:2f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.haircut.page/static/js/main.2f5ab81b.chunk.js
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30592d71d65f4b32975650e691bec8abc502fdf46ad58895a3d1cfcfa927637f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 07:20:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8072073cd6835ac6613215fdfe47e7c3"
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 3607812
x-amz-cf-id: nG6K9WOLGmNzl_HKD2-SsjT_phFypdnkQBUVep7_EpNuFz8xlIeFyw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
76 KB 66ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7QXCC9

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

692a52c42813606005943ed274e416aa18112695bceb47fb5e5662b8d2bcbd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77819
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Mar 2023 19:50:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 04 Mar 2023 19:50:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ch96IwVOhUW3PtUxciN8SIS9Tcgo/Alp3+UQpIIrfRlWU3aBx9yCuh6DBvqrMchIoAgfwuo1JUie+54F8i5/9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7QXCC9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1840
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Mar 2023 21:19:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 38ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7QXCC9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=53663
accept-ranges: bytes
content-length: 4777

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d236c49864f3876cf4c59df5c38cf5394d83de06e784f1779239643f1d5da4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:19 GMT
content-md5: kw0Zjn0v76ptB+76+OXYKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: YGMnrqFoEWGuzsenGR45xFbtFyzfaYmjYa39DIvd+MqkxhVmwKgmDApLSFzJRhoHzVP8zGBLudLMLTsAFxpo6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 7e8d4fe4f88797f786e387701820b971
cross-origin-opener-policy: same-origin-allow-popups
etag: "e4d0d77bbac3de671a112ca826b24742"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 04 Mar 2023 19:54:52 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 65ms
17ms Script
application/javascript 151.101.8.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.8.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-bru1480050-BRU

GET
H2 200 v3 Show response
js.stripe.com/ 438 KB
118 KB 110ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/static/js/2.b8415196.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

379e9964b89c3a34788397d3922c33a71d33b37fa9cc5fee89100a649211ea55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 varnish
age: 40
x-cache: HIT
content-length: 120392
x-request-id: 3339ecdc-52a6-4905-9dc3-6b9be48d8555
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 03 Mar 2023 22:12:22 GMT
server: Fastly
etag: "5d0a5abdc95ed2ece9003d7cad46ad47"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 178ms
60ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:ital,wght@0,400;0,900;1,400;1,900&family=Archivo:ital@0;1&family=B612:ital@0;1&family=BioRhyme&family=Cairo:wght@400;900&family=Concert+One&family=Crimson+Text:ital@0;1&family=Fjalla+One&family=Fondamento:ital@0;1&family=Lato:ital,wght@0,400;0,900;1,400;1,900&family=Lora:ital@0;1&family=Modak&family=Montserrat:ital,wght@0,400;0,900;1,400;1,900&family=Nunito+Sans:ital,wght@0,400;0,900;1,400;1,900&family=Open+Sans:ital@0;1&family=Oswald&family=PT+Sans:ital@0;1&family=Playfair+Display:ital,wght@0,400;0,900;1,400;1,900&family=Prompt:ital,wght@0,400;0,900;1,400;1,900&family=Raleway:ital,wght@0,400;0,600;0,700;0,800;0,900;1,400;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,400;0,900;1,400;1,900&family=Rubik:ital,wght@0,400;0,900;1,400;1,900&family=Source+Sans+Pro:ital,wght@0,400;0,900;1,400;1,900&family=Teko&family=Titillium+Web:ital,wght@0,400;0,900;1,400&family=Ubuntu:ital@0;1&family=Varela&family=Vollkorn:ital,wght@0,400;0,900;1,400;1,900&family=Work+Sans:ital,wght@0,400;0,900;1,400;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.haircut.page
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:08:31 GMT
x-content-type-options: nosniff
age: 200509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:08:31 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 147ms
29ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.haircut.page
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 342863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 20:35:57 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:852084246621:web:404038fa980e93859825b4/ 345 B
421 B 32ms
31ms Fetch
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:852084246621:web:404038fa980e93859825b4/webConfig

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/static/js/2.b8415196.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34476af57d6d8fb4f1d1ac535118b8599a373158741f440bdb466d2c2646a8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://login.haircut.page/
x-goog-api-key: AIzaSyB3gOJKjnxztSV8xF2pO3FvTyqFRJgR5FY
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://login.haircut.page
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:852084246621:web:404038fa980e93859825b4/ Frame 0
0 78ms
23ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:852084246621:web:404038fa980e93859825b4/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://login.haircut.page
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://login.haircut.page
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 04 Mar 2023 19:50:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 255ms
94ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Sat, 04 Mar 2023 20:50:20 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1604769,1727537/domain/login.haircut.page/ 36 B
370 B 257ms
182ms XHR
application/json 2600:9000:2127:b400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1604769,1727537/domain/login.haircut.page/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: MY5HDE_LBj3xIPCtWmmUoTltyPKWKER_qVzfb_dIElieCGth0S9YBw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1604769%252C1727537%26time%3D1677959420310%26url%3Dhttps%253A%252F%252Flogin.hair...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true&e_ipv6=AQJW5Fxc8PIjEAAAAYauLNua3qQPRm6fDNzcselq3pK6F3Dwa...

0
481 B

211ms
179ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true&e_ipv6=AQJW5Fxc8PIjEAAAAYauLNua3qQPRm6fDNzcselq3pK6F3Dwa9hao8FXJJSSgfkSoNtZ9dVFFHbCJw
Requested by: Host: login.haircut.page
URL: https://login.haircut.page/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A99C28990E85473393C401F77CE319A9 Ref B: FRAEDGE1305 Ref C: 2023-03-04T19:50:20Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2GF88+nfhJDU6OCm0yQ==

Redirect headers

date: Sat, 04 Mar 2023 19:50:20 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D8157DF7521C4D6B8162CAF2FE738A1E Ref B: FRAEDGE1314 Ref C: 2023-03-04T19:50:20Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1604769%2C1727537&time=1677959420310&url=https%3A%2F%2Flogin.haircut.page%2F&liSync=true&e_ipv6=AQJW5Fxc8PIjEAAAAYauLNua3qQPRm6fDNzcselq3pK6F3Dwa9hao8FXJJSSgfkSoNtZ9dVFFHbCJw
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2GF85uz0/uni/iWWGCQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1604769,1727537/domain/login.haircut.page/ 36 B
367 B 257ms
183ms XHR
application/json 2600:9000:2127:b400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1604769,1727537/domain/login.haircut.page/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: fB7QGUBt2ULnweCgV0zOZmuhwQWlxi91zjlfBBdQTD_q2mbCe89x9w==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 21ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=684559214&t=pageview&_s=1&dl=https%3A%2F%2Flogin.haircut.page%2F&ul=en-us&de=UTF-8&dt=Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=258158798&gjid=145701470&cid=1362433967.1677959420&tid=UA-101921015-1&_gid=1321078497.1677959420&_r=1&_slc=1&gtm=45He3310n81K7QXCC9&z=1191479305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.haircut.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 21ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=684559214&t=pageview&_s=1&dl=https%3A%2F%2Flogin.haircut.page%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1313143954&gjid=844316449&cid=1362433967.1677959420&tid=UA-101921015-1&_gid=1321078497.1677959420&_r=1&z=838822202

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.haircut.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2866216793404535 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2866216793404535?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe0aefbfcc30b8e2fe7e5d7c5e11669b363e43272d2bf26f684960340eb5e59a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 04 Mar 2023 19:50:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: C5Dw/ZmP6dhgD0pGFirqN1PNj7QUCqd/ubRK5+NGk5iYhVagRx/7FmPK8JEqzk+2AwPpk1CMSc77Q4EF5idGig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7dd70e61a64d038755b3eabbb58060c7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fef3eb70b14e47fdb07207f94dd80543cc37d6000fe66097046efbb41e7700a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.haircut.page/
Origin: https://login.haircut.page
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:20 GMT
content-md5: z1m1vs8pGYnXZdeZCZ7xVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87054
x-fb-rlafr: 0
x-fb-debug: CgJE3psacp8/3wnwoa3LH/xEyaN6wfT2NioOMfX1BbckzxpMu3vSJSb9BEfFyHmCy/5JIa+r0yjZZvDXdAZOyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2c0350d4f634bb6629f2ba1aeced3c4e
cross-origin-opener-policy: same-origin-allow-popups
etag: "f0cf6aca2f2cb1a130cf0e630213bece"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Mar 2024 19:04:57 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 152ms
124ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6555a084-12e2-4584-af60-0f20fb5ed9fb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=590783da-f798-48bb-b789-7b61ac357db0&tw_document_href=https%3A%2F%2Flogin.haircut.page%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4c7&type=javascript&version=2.3.29

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 117
date: Sat, 04 Mar 2023 19:50:19 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5e8381dd63d8208c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e53ab8302b01daa840c8e24da61a2267a116594caf1a4b2d17d617e631bd5469
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 187ms
115ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6555a084-12e2-4584-af60-0f20fb5ed9fb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=590783da-f798-48bb-b789-7b61ac357db0&tw_document_href=https%3A%2F%2Flogin.haircut.page%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4c7&type=javascript&version=2.3.29

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 108
date: Sat, 04 Mar 2023 19:50:19 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0f7c0da8dbe98bf2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1e16d7d6302c057d5d329597c0d5f33ca67cc80ee3a588e7431e62212371ab86
content-length: 43

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/beezer-c947f/ 626 B
679 B 357ms
357ms Fetch
application/json 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/beezer-c947f/installations

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/static/js/2.b8415196.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f31e9f775cac680e47801066dffeace133e36bc5073219d507689724f02205c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://login.haircut.page/
x-goog-api-key: AIzaSyB3gOJKjnxztSV8xF2pO3FvTyqFRJgR5FY
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://login.haircut.page
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/beezer-c947f/ Frame 0
0 139ms
49ms Preflight
text/html 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/beezer-c947f/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://login.haircut.page
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://login.haircut.page
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 04 Mar 2023 19:50:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=258158798&gjid=145701470&_gid=1321078497.1677959420&_u=YEBAAEAAAAAAACAAI~&z=1808176599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.haircut.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=1313143954&gjid=844316449&_gid=1321078497.1677959420&_u=YEDAAEABAAAAACAAI~&z=1143402352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.haircut.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-4b36ccd8e57982c88507576b9c36e8e9.html Show response
js.stripe.com/v3/ Frame 738F 325 B
1 KB 8ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8787a6bcc84198383ab9a491bb74eaa9c8df1f10e17357e36f6d3763184fdb69

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 04 Mar 2023 19:50:20 GMT
etag: "4b36ccd8e57982c88507576b9c36e8e9"
last-modified: Fri, 03 Mar 2023 21:44:23 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 9b8d7cc1-3a29-41ee-8244-6029a25be6b9
x-served-by: cache-fra-eddf8230062-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 738F 0
601 B 582ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 13
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 738F 0
601 B 570ms
185ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-418bcde74fbe0d6d080c64e038ca8212.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 738F 367 KB
89 KB 8ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9238c514b9ab645f51a6177ab93b06ecf8bb6bfbc9ea59ef68adb147adff1007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 varnish
age: 79422
x-cache: HIT
content-length: 91178
x-request-id: 9a8f449f-4f50-4da6-901e-8605541e00fa
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 03 Mar 2023 21:44:33 GMT
server: Fastly
etag: "f64b25930cef26077e3d3699fd363151"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4140

GET
H2 200 controller-3e37c93e3845f8fd945f345b8a2cfc79.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 738F 433 KB
119 KB 9ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3e37c93e3845f8fd945f345b8a2cfc79.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4cdd88ddba64fd2709fffdc2098d6f07d65e3f69fb8980e627028733c45a3479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:20 GMT
via: 1.1 varnish
age: 79422
x-cache: HIT
content-length: 121698
x-request-id: 7798099a-8193-401f-ad79-702c9d6318e2
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 03 Mar 2023 21:44:31 GMT
server: Fastly
etag: "a33bc9d809ce690885fb779493c707c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4021

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 149ms
63ms Image
image/gif 2a00:1450:400d:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=258158798&_u=YEBAAEAAAAAAACAAI~&z=1827981342

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
37ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=258158798&_u=YEBAAEAAAAAAACAAI~&z=1827981342

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 152ms
67ms Image
image/gif 2a00:1450:400d:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=1313143954&_u=YEDAAEABAAAAACAAI~&z=1720033313

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 84ms
36ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-101921015-1&cid=1362433967.1677959420&jid=1313143954&_u=YEDAAEABAAAAACAAI~&z=1720033313

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
67 KB 29ms
26ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-4TY499TC15

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/static/js/2.b8415196.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5de66b0932ea0f39adf3eaf746a57e6890449074b41e3f8b41d777dac1969354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Mar 2023 19:50:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
67 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4TY499TC15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7QXCC9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03a5b67d5d6a4560b7f50e524b17865197a9f727b05f4efa01c7594d2de93ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68175
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Mar 2023 19:50:20 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 738F 474 B
612 B 20ms
6ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69a26c060717c77c09e75bd76cb15e198fa93050c6db96369aeaa2d6c4c9c7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 31
x-cache: HIT
content-length: 298
x-request-id: 975da015-f7b4-404b-a416-dd8ed763a5c8
x-served-by: cache-fra-eddf8230101-FRA
last-modified: Fri, 03 Mar 2023 22:13:10 GMT
server: Fastly
etag: "a1b452244e4eccaf6c847fec6049c3bf"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 62ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4TY499TC15&gtm=45je3310&_p=684559214&_fid=eOTNMBt9vfu7gMEX4XvgXw&cid=1362433967.1677959420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677959420&sct=1&seg=0&dl=https%3A%2F%2Flogin.haircut.page%2F&dt=Platform&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-4TY499TC15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.haircut.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 738ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 737ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
158 B 736ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 737ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 738ms
367ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 736ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 737ms
367ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 736ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 736ms
367ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2866216793404535&ev=PageView&dl=https%3A%2F%2Flogin.haircut.page%2F&rl=&if=false&ts=1677959420577&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677959420576.1168045157&it=1677959420329&coo=false&rqm=GET

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 Mar 2023 19:50:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9932.cO78lIxCgAJZ2ztVqvVliX1zGedUc1LAccZQJGGNoitd2ot4wJhn2Rv6Sr7vDjgi.thocBgaQ3of2xmVf6u3UXLBZiBQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9932.8Ja9TBL-CZ9VGugyTcT4F0LFH3pFg8Q-m5C8DaRG1qgviminiHvJqqYkpp6Xt338Y7cuHNtZwzYyZOiFUb45p2d_Cbnn5c9dIql7W5H9Jbg%2C.Us7RR4gNp11SlUtLUxyLNiSGx7Q%2C

43 B
67 B

47ms
47ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9932.8Ja9TBL-CZ9VGugyTcT4F0LFH3pFg8Q-m5C8DaRG1qgviminiHvJqqYkpp6Xt338Y7cuHNtZwzYyZOiFUb45p2d_Cbnn5c9dIql7W5H9Jbg%2C.Us7RR4gNp11SlUtLUxyLNiSGx7Q%2C

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9932.8Ja9TBL-CZ9VGugyTcT4F0LFH3pFg8Q-m5C8DaRG1qgviminiHvJqqYkpp6Xt338Y7cuHNtZwzYyZOiFUb45p2d_Cbnn5c9dIql7W5H9Jbg%2C.Us7RR4gNp11SlUtLUxyLNiSGx7Q%2C
date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 60ms
47ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 04 Mar 2023 20:50:20 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/66086482/
Redirect Chain

https://mc.yandex.com/watch/66086482?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/66086482/1?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

435 B
518 B

47ms
47ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66086482/1?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1248905187759%3Ahid%3A745023518%3Az%3A0%3Ai%3A20230304195020%3Aet%3A1677959421%3Ac%3A1%3Arn%3A255983257%3Arqn%3A1%3Au%3A1677959421705439762%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A47%2C22%2C79%2C1%2C0%2C0%2C%2C1029%2C0%2C%2C%2C%2C1179%3Aco%3A0%3Acpf%3A1%3Ans%3A1677959419127%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677959421%3At%3APlatform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8f63a5da240d72149578fb8a2030cfe03578fce5f3198c7b3f1f49d9b4016291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 04-Mar-2023 19:50:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://login.haircut.page
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sat, 04-Mar-2023 19:50:20 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:20 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 04-Mar-2023 19:50:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/66086482/1?wmode=7&page-url=https%3A%2F%2Flogin.haircut.page%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1248905187759%3Ahid%3A745023518%3Az%3A0%3Ai%3A20230304195020%3Aet%3A1677959421%3Ac%3A1%3Arn%3A255983257%3Arqn%3A1%3Au%3A1677959421705439762%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A47%2C22%2C79%2C1%2C0%2C0%2C%2C1029%2C0%2C%2C%2C%2C1179%3Aco%3A0%3Acpf%3A1%3Ans%3A1677959419127%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677959421%3At%3APlatform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://login.haircut.page
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 04-Mar-2023 19:50:20 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9932.W8gPfu1_zv3krDCTLXWNo67gWpE-4uwN-4hWHJgJXefR92kL4-4VykfNTndaup9k.KFrWmFxSKo_J07nWd0XYcSdnEiA%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9932.QAM102mCxwsxLyj9jDlp3ctmXcI4v-AjfhjrCgI8d7LvipAjaMnppDjOj9lOZIj3iDVhJur-kPqu6cyVzZzElXs_OEHsq9Gg0XCJwV9nHok%2C.tYsQr2x_XTxQ07_6Wa...

43 B
101 B

47ms
47ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9932.QAM102mCxwsxLyj9jDlp3ctmXcI4v-AjfhjrCgI8d7LvipAjaMnppDjOj9lOZIj3iDVhJur-kPqu6cyVzZzElXs_OEHsq9Gg0XCJwV9nHok%2C.tYsQr2x_XTxQ07_6WacUACS5n50%2C

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9932.QAM102mCxwsxLyj9jDlp3ctmXcI4v-AjfhjrCgI8d7LvipAjaMnppDjOj9lOZIj3iDVhJur-kPqu6cyVzZzElXs_OEHsq9Gg0XCJwV9nHok%2C.tYsQr2x_XTxQ07_6WacUACS5n50%2C
date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame BBE0 200 B
900 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.haircut.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5171874
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 04 Mar 2023 19:50:21 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 79589
x-content-type-options: nosniff
x-request-id: 916aee87-505d-492e-bea3-283a5764c026
x-served-by: cache-fra-eddf8230062-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame 738F 0
157 B 186ms
185ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 04 Mar 2023 19:50:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame BBE0 0
600 B 186ms
185ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BBE0 0
600 B 186ms
186ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BBE0 631 B
490 B 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:21 GMT
via: 1.1 varnish
age: 9589531
x-cache: HIT
content-length: 332
x-request-id: fe00218a-3aa4-4885-9344-4a8822109736
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 66727

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E690 930 B
2 KB 114ms
25ms Document
text/html 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 04 Mar 2023 19:45:57 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-id: w_GsGHwpqKXLq15SmSye2RPLT-UaUxOIBQfrSpAaFvasCij94SNkyQ==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame E690 0
374 B 187ms
186ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: login.haircut.page
URL: https://login.haircut.page/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame E690 86 KB
14 KB 27ms
27ms Script
text/javascript 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:46:03 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 263
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: imJknpw2-f3eQRxH5LbpclrjWvOP580rCek30YWEBqtoC8kSE-R6mg==

POST
H2 200 6 Show response
m.stripe.com/ Frame E690 156 B
552 B 576ms
188ms XHR
application/json 54.188.165.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.165.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-165-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

662064e779cfcb6fe3953cc6aac1a8e4525e4a277763b1a4cbdbc43f09a54c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 04 Mar 2023 19:50:21 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2866216793404535&ev=Microdata&dl=https%3A%2F%2Flogin.haircut.page%2F&rl=&if=false&ts=1677959422080&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Platform%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1677959420576.1168045157&it=1677959420329&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 Mar 2023 19:50:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 66086482 Show response
mc.yandex.com/webvisor/ 43 B
154 B 147ms
146ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/66086482?wmode=0&wv-part=1&wv-hit=745023518&page-url=https%3A%2F%2Flogin.haircut.page%2F&rn=583300211&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1677959424%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230304195023%3Au%3A1677959421705439762%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677959424&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:23 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 04-Mar-2023 19:50:23 GMT
content-type: image/gif
access-control-allow-origin: https://login.haircut.page
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 04-Mar-2023 19:50:23 GMT

POST
H2 200 66086482 Show response
mc.yandex.com/webvisor/ 43 B
169 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/66086482?wmode=0&wv-part=1&wv-hit=745023518&page-url=https%3A%2F%2Flogin.haircut.page%2F&rn=94210885&wv-type=3&browser-info=we%3A1%3Aet%3A1677959424%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230304195024%3Au%3A1677959421705439762%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677959424&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:24 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 04-Mar-2023 19:50:24 GMT
content-type: image/gif
access-control-allow-origin: https://login.haircut.page
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 04-Mar-2023 19:50:24 GMT

POST
H2 200 66086482 Show response
mc.yandex.com/webvisor/ 43 B
145 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/66086482?wmode=0&wv-part=2&wv-hit=745023518&page-url=https%3A%2F%2Flogin.haircut.page%2F&rn=441921907&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1677959425%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230304195025%3Au%3A1677959421705439762%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677959425&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.haircut.page/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 19:50:25 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 04-Mar-2023 19:50:25 GMT
content-type: image/gif
access-control-allow-origin: https://login.haircut.page
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 04-Mar-2023 19:50:25 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
355 B 9ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haircut.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 19:50:26 GMT
via: 1.1 varnish
age: 9589510
x-cache: HIT
content-length: 209
x-request-id: 3dae29b6-15fc-4b47-bdea-1cf144b7e964
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9608

POST 66086482
mc.yandex.com/webvisor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/66086482?wmode=0&wv-part=3&wv-hit=745023518&page-url=https%3A%2F%2Flogin.haircut.page%2F&rn=365047007&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1677959427%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230304195027%3Au%3A1677959421705439762%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677959427&t=gdpr(14)ti(2)

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.haircut.page/	1970-01-20 12:15:35	Name: _gcl_au Value: 1.1.1870578884.1677959420
.haircut.page/	1970-01-20 18:51:35	Name: zarget_user_id Value: 7d727115-df66-438b-b3dd-d6e73d9052aa
.haircut.page/	1970-01-20 18:51:35	Name: 7d727115-df66-438b-b3dd-d6e73d9052aa Value: 1
login.haircut.page/	1970-01-20 18:51:35	Name: 7d727115-df66-438b-b3dd-d6e73d9052aa Value: 1
.haircut.page/	1970-01-20 10:07:25	Name: _gid Value: GA1.2.1321078497.1677959420
.haircut.page/	1970-01-20 10:05:59	Name: _gat_UA-101921015-1 Value: 1
.haircut.page/	1970-01-20 10:05:59	Name: _gat Value: 1
.t.co/	1970-01-20 19:41:59	Name: muc_ads Value: 58ec4674-ab6d-44f4-a95e-d2d2212b0d6d
.haircut.page/	1970-01-20 19:41:59	Name: _ga_4TY499TC15 Value: GS1.1.1677959420.1.0.1677959420.0.0.0
.haircut.page/	1970-01-20 19:41:59	Name: _ga Value: GA1.1.1362433967.1677959420
.twitter.com/	1970-01-20 19:41:59	Name: personalization_id Value: "v1_QuTwblWshF7lepI5pJ9c5w=="
.linkedin.com/	1970-01-20 10:49:11	Name: UserMatchHistory Value: AQJ0RC2esFw79QAAAYauLNooR8rOTgMkOiww2rC6bAkcdtfvc_8NKTQL0y0ImHPgUwvuTH2Vl5ewLg
.linkedin.com/	1970-01-20 10:49:11	Name: AnalyticsSyncHistory Value: AQK2b3INMrSxtgAAAYauLNoo6Qwr9xII-_Pzhk_2Pi-80885l2_p07yYFdr6jkftc2PdHOcfyp9zDgCDzLGXjg
.linkedin.com/	1970-01-20 18:51:35	Name: bcookie Value: "v=2&b7be4099-59d9-4068-82fe-12ebce11b0d6"
.linkedin.com/	1970-01-20 10:07:25	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2851:u=1:x=1:i=1677959420:t=1678045820:v=2:sig=AQGa5sWVdZlomFqqNizMDmiJtkveatJe"
.haircut.page/	1970-01-20 12:15:35	Name: _fbp Value: fb.1.1677959420576.1168045157
login.haircut.page/	1970-01-20 10:07:25	Name: ln_or Value: eyIxNjA0NzY5LDE3Mjc1MzciOiJkIn0%3D
.haircut.page/	1970-01-20 18:51:35	Name: _ym_uid Value: 1677959421705439762
.haircut.page/	1970-01-20 18:51:35	Name: _ym_d Value: 1677959421
.www.linkedin.com/	1970-01-20 18:51:35	Name: bscookie Value: "v=1&20230304195020fc841a20-a771-44eb-8156-a9ea3abe39a0AQGBm1oTE8wxdMOAsjsNQsLIrtOaRdWO"
.linkedin.com/	1970-01-20 14:25:11	Name: li_gc Value: MTswOzE2Nzc5NTk0MjA7MjswMjGXi3n71XnOwkG1jc4R3kRRRp3k6TaNyLL4QGlj443leA==
.haircut.page/	1970-01-20 10:07:11	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 10:06:00	Name: sync_cookie_csrf Value: 2876135877fake
.mc.yandex.ru/	1970-01-20 10:06:00	Name: sync_cookie_csrf Value: 2755634311fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1811774691677959420
.yandex.com/	1970-01-20 19:41:59	Name: i Value: XYv9DiU8zN+0IBDavFztYqHoMTMZTEGpFKn+U0WOGYj+TtxCPoeKZP5QwS8HLXGguJqHn36gkpIX2LzwWjqa71eRKWY=
.yandex.com/	1970-01-20 18:51:35	Name: yandexuid Value: 3294052651677959420
.yandex.com/	1970-01-20 18:51:35	Name: yuidss Value: 3294052651677959420
.yandex.com/	1970-01-20 18:51:35	Name: ymex Value: 1709495420.yc.1677959420#1709495420.yrts.1677959420#1709495420.yrtsi.1677959420
.haircut.page/	1970-01-20 10:06:01	Name: _ym_visorc Value: w
m.stripe.com/	1970-01-20 19:41:59	Name: m Value: ae927b4b-ae4c-49b7-9eb2-766dff95d197a14d77
.login.haircut.page/	1970-01-20 18:51:35	Name: __stripe_mid Value: 063d5f5d-a699-4415-bcf5-cdccfa55b7e7b324f3
.login.haircut.page/	1970-01-20 10:06:01	Name: __stripe_sid Value: e243bfe8-0f2d-4e42-b611-fce0bf1b0b8994e661

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
cdn.freshmarketer.com
cdn.linkedin.oribi.io
connect.facebook.net
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
login.haircut.page
m.stripe.com
m.stripe.network
mc.yandex.com
mc.yandex.ru
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
snap.licdn.com
static.ads-twitter.com
static.parastorage.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
mc.yandex.com
104.244.42.195
104.244.42.69
13.107.42.14
151.101.192.176
151.101.8.157
18.66.122.95
2001:4860:4802:32::36
2600:9000:2127:4400:19:7d10:bd80:93a1
2600:9000:2127:b400:2:53b2:240:93a1
2600:9000:21f3:4e00:1f:6e07:2f80:93a1
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:803::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9d
2a00:1450:400d:803::2004
2a00:1450:400d:805::200a
2a00:1450:400d:807::2003
2a00:1450:400d:80a::200a
2a02:26f0:3500:16::215:14a0
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.96.106.200
54.187.119.242
54.188.165.239
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
03a5b67d5d6a4560b7f50e524b17865197a9f727b05f4efa01c7594d2de93ea3
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
10de3720239442e8b0cdbd2173382ee233bcbd516fd4998af45d739dbebffbd1
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
30592d71d65f4b32975650e691bec8abc502fdf46ad58895a3d1cfcfa927637f
3298b164220bf48078b99eb19740d95f8a4345c8077c3215d45e7f38e48a0d07
34476af57d6d8fb4f1d1ac535118b8599a373158741f440bdb466d2c2646a8cb
365c579b5f25a1b0157ae3ec0a4849dc364d141a641c5e3aa3a8267286b8aae5
379e9964b89c3a34788397d3922c33a71d33b37fa9cc5fee89100a649211ea55
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40d1d6f5e1760a8a4e9e656c76080dadd7d9d661c2d559bf6b8086b6932a4eb6
496994f6333d8bae723739501e57280bb97e13bc3a002fbda9209678f7fd9a8f
4cdd88ddba64fd2709fffdc2098d6f07d65e3f69fb8980e627028733c45a3479
4fef3eb70b14e47fdb07207f94dd80543cc37d6000fe66097046efbb41e7700a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5de66b0932ea0f39adf3eaf746a57e6890449074b41e3f8b41d777dac1969354
662064e779cfcb6fe3953cc6aac1a8e4525e4a277763b1a4cbdbc43f09a54c7e
692a52c42813606005943ed274e416aa18112695bceb47fb5e5662b8d2bcbd86
69a26c060717c77c09e75bd76cb15e198fa93050c6db96369aeaa2d6c4c9c7a9
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8787a6bcc84198383ab9a491bb74eaa9c8df1f10e17357e36f6d3763184fdb69
8f63a5da240d72149578fb8a2030cfe03578fce5f3198c7b3f1f49d9b4016291
9238c514b9ab645f51a6177ab93b06ecf8bb6bfbc9ea59ef68adb147adff1007
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b919d41f83a879b80098bc8fec1fd5a02a8b6e4519853f2861cb43fab3e3db3e
c866de337cad1797f4da1bc79404762187138204c767bbffa90440eebc7a12cd
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0c5b8b8466540190850c20140873f229128a7c0380a2271da950adc75ba9593
d236c49864f3876cf4c59df5c38cf5394d83de06e784f1779239643f1d5da4b9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f31e9f775cac680e47801066dffeace133e36bc5073219d507689724f02205c4
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fe0aefbfcc30b8e2fe7e5d7c5e11669b363e43272d2bf26f684960340eb5e59a

login.haircut.page Open in urlscan Pro 2600:9000:21f3:4e00:1f:6e07:2f80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

93 %HTTPS

67 %IPv6

22 Domains

30 Subdomains

27 IPs

6 Countries

12172 kBTransfer

14760 kBSize

33 Cookies

0 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.haircut.page Open in urlscan Pro
2600:9000:21f3:4e00:1f:6e07:2f80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

93 %
HTTPS

67 %
IPv6

22
Domains

30
Subdomains

27
IPs

6
Countries

12172 kB
Transfer

14760 kB
Size

33
Cookies

76 HTTP transactions
0 data transactions