www.newtimeshair.com Open in urlscan Pro
2606:4700:3035::6818:6bb2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newtimeshair.com/
Effective URL:
https://www.newtimeshair.com/
Submission: On September 01 via api (September 1st 2020, 10:10:29 pm UTC) from US

Summary HTTP 87 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 19 IPs in 8 countries across 11 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3035::6818:6bb2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newtimeshair.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2020. Valid for: a year.

This is the only time www.newtimeshair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:303... 2606:4700:3035::6818:6bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	47.96.194.133 47.96.194.133	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3033::6812:3339	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.185.162.135 35.185.162.135	15169 (GOOGLE) (GOOGLE)
3	47.244.226.94 47.244.226.94	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
16	128.1.135.160 128.1.135.160	135377 (UHGL-AS-A...) (UHGL-AS-AP UCloud (HK) Holdings Group Limited)
2	35.241.94.78 35.241.94.78	15169 (GOOGLE) (GOOGLE)
2	18.185.226.88 18.185.226.88	16509 (AMAZON-02) (AMAZON-02)
1	59.111.160.230 59.111.160.230	45062 (NETEASE-A...) (NETEASE-AS Guangzhou NetEase Computer System Co.)
87	19

33 2606:4700:3035::6818:6bb2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.newtimeshair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.96.194.133 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

admin.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3033::6812:3339 (United States)

ASN13335 (CLOUDFLARENET, US)

lib.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analysis-js.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.162.135 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 135.162.185.35.bc.googleusercontent.com

weblib.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 47.244.226.94 (China)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

hkend.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 128.1.135.160 (Central, Hong Kong)

ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK)

cnend.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.94.78 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 78.94.241.35.bc.googleusercontent.com

analysis.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.226.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-226-88.eu-central-1.compute.amazonaws.com

lbs.netease.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weblinkoutsea01.netease.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.111.160.230 (Hangzhou, China)

ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN)

dr.netease.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	leadscloud.com admin.leadscloud.com lib.leadscloud.com weblib.leadscloud.com hkend.leadscloud.com cnend.leadscloud.com analysis-js.leadscloud.com analysis.leadscloud.com	371 KB
33	newtimeshair.com 1 redirects www.newtimeshair.com	722 KB
4	google-analytics.com www.google-analytics.com	18 KB
3	netease.im lbs.netease.im weblinkoutsea01.netease.im dr.netease.im	1 KB
3	facebook.com www.facebook.com	520 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	facebook.net connect.facebook.net	166 KB
2	google.de www.google.de	644 B
2	google.com www.google.com	237 B
2	googletagmanager.com www.googletagmanager.com	65 KB
1	googleadservices.com www.googleadservices.com	12 KB
87	11

	Domain	Requested by
33	www.newtimeshair.com	1 redirects www.newtimeshair.com
16	cnend.leadscloud.com	lib.leadscloud.com
9	lib.leadscloud.com	www.newtimeshair.com lib.leadscloud.com admin.leadscloud.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newtimeshair.com
3	hkend.leadscloud.com	lib.leadscloud.com
3	www.facebook.com	www.newtimeshair.com connect.facebook.net
2	analysis.leadscloud.com	analysis-js.leadscloud.com
2	connect.facebook.net	www.newtimeshair.com connect.facebook.net
2	www.google.de	www.newtimeshair.com
2	www.google.com	www.newtimeshair.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	www.newtimeshair.com lib.leadscloud.com
1	dr.netease.im	lib.leadscloud.com
1	weblinkoutsea01.netease.im	lib.leadscloud.com
1	lbs.netease.im	lib.leadscloud.com
1	analysis-js.leadscloud.com	lib.leadscloud.com
1	weblib.leadscloud.com	lib.leadscloud.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.newtimeshair.com
1	admin.leadscloud.com	www.newtimeshair.com
87	20

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
fr.newtimeshair.com
es.newtimeshair.com
it.newtimeshair.com
de.newtimeshair.com
ru.newtimeshair.com
pt.newtimeshair.com
ar.newtimeshair.com
order.newtimeshair.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.twitter.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-20` - `2021-08-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.leadscloud.com GoGetSSL RSA DV CA	`2020-02-07` - `2022-02-06`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.netease.im GeoTrust CN RSA CA G1	`2020-02-12` - `2022-05-11`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.newtimeshair.com/
Frame ID: 0F63D3F4911946561D20B817BB49E5F2
Requests: 91 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.newtimeshair.com/ HTTP 301
https://www.newtimeshair.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

87
Requests

100 %
HTTPS

56 %
IPv6

11
Domains

20
Subdomains

19
IPs

8
Countries

1359 kB
Transfer

3280 kB
Size

11
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=8618561569661&text=Hi%20there

Search URL Search Domain Scan URL

URL: https://fr.newtimeshair.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://es.newtimeshair.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://it.newtimeshair.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://de.newtimeshair.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: http://ru.newtimeshair.com/
Title: Pусский

Search URL Search Domain Scan URL

URL: http://pt.newtimeshair.com/
Title: Português

Search URL Search Domain Scan URL

URL: http://ar.newtimeshair.com/

Search URL Search Domain Scan URL

URL: https://order.newtimeshair.com/
Title: Track Order

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newtimeshairofficial/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/newtimeshairofficial
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newtimeshairofficial/
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/NewtimesH
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_Aizh93NX3eKvoNMH12tgw
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/NewtimesH

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newtimeshairofficial

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+86%2018561569661&text=Hi%20there
Title: +86 18561569661

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newtimeshair.com/ HTTP 301
https://www.newtimeshair.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newtimeshair.com/
Redirect Chain

http://www.newtimeshair.com/
https://www.newtimeshair.com/

391 KB
87 KB

400ms
384ms

Document
text/html

2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41f34bc9a18378c157bb9afd3f2378ad57c391012ba4582124e643144cefcc9

Request headers

:method: GET
:authority: www.newtimeshair.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d493bb94777d400c905a39f1913dffbca1598998209
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 22:10:09 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Tue, 01 Sep 2020 09:40:46 GMT
cache-control: max-age=600
expires: Tue, 01 Sep 2020 22:20:09 GMT
cf-cache-status: DYNAMIC
cf-request-id: 04ed517c11000063891b16f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5cc251d9bd086389-FRA
content-encoding: br

Redirect headers

Date: Tue, 01 Sep 2020 22:10:09 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d493bb94777d400c905a39f1913dffbca1598998209; expires=Thu, 01-Oct-20 22:10:09 GMT; path=/; domain=.newtimeshair.com; HttpOnly; SameSite=Lax
Location: https://www.newtimeshair.com/
CF-Cache-Status: DYNAMIC
cf-request-id: 04ed517aff0000d6d54d81c200000001
Server: cloudflare
CF-RAY: 5cc251d7fe2ed6d5-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
30 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVTSKR3

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2d4f6db627511d639daa734a95f9a66d6f809908a7e8a96ddeebc9c5127cef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:09 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30343
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Sep 2020 22:10:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVTSKR3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3269
date: Tue, 01 Sep 2020 21:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Tue, 01 Sep 2020 23:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1179830735&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newtimeshair.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2111182155&gjid=1193426425&cid=836917356.1598998210&tid=UA-45453425-1&_gid=272239424.1598998210&_r=1&gtm=2wg8j2WVTSKR3&z=865541208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.newtimeshair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-45453425-1&cid=836917356.1598998210&jid=2111182155&gjid=1193426425&_gid=272239424.1598998210&_u=YEBAAEAAAAAAAC~&z=1257470687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Sep 2020 22:10:10 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.newtimeshair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-45453425-1&cid=836917356.1598998210&jid=2111182155&_u=YEBAAEAAAAAAAC~&z=1970890224

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 24ms
24ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-45453425-1&cid=836917356.1598998210&jid=2111182155&_u=YEBAAEAAAAAAAC~&z=1970890224

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.js Show response
www.newtimeshair.com/wp-includes/js/jquery/ 95 KB
32 KB 21ms
20ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 08:45:28 GMT
server: cloudflare
age: 639406
etag: W/"17a69-5a7b6ddade454-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251ddbed16389-FRA
cf-request-id: 04ed517e90000063891b18a200000001
expires: Thu, 24 Sep 2020 12:33:24 GMT

GET
H2 200 jquery-2.2.4.js Show response
www.newtimeshair.com/wp-content/themes/9cBiz/js/ 132 KB
37 KB 19ms
19ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/js/jquery-2.2.4.js
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b945f786a112cc9e915dad9b956e2c7af7652ef643445a562831787782796ec0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 08:22:15 GMT
server: cloudflare
age: 490384
etag: W/"210d4-5a7dec64ded2e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251ddbed26389-FRA
cf-request-id: 04ed517e90000063891b18b200000001
expires: Sat, 26 Sep 2020 05:57:06 GMT

GET
H2 200 autoptimize_c5bba1c0ca1e812ee24313df30c8b043.js Show response
www.newtimeshair.com/wp-content/cache/autoptimize/js/ 95 KB
26 KB 16ms
16ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-content/cache/autoptimize/js/autoptimize_c5bba1c0ca1e812ee24313df30c8b043.js
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c0e88c7da0019bff36bb53d5b02ea00bb43776afaa170ef0883bc00d126b34

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Aug 2020 06:06:18 GMT
server: cloudflare
age: 568139
etag: W/"17b00-5adc19e33dc07-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=30672000
cf-ray: 5cc251ddfee46389-FRA
cf-request-id: 04ed517eb9000063891b18f200000001
expires: Mon, 16 Aug 2021 08:21:11 GMT

GET
H2 200 email-decode.min.js Show response
www.newtimeshair.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
853 B 8ms
7ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newtimeshair.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 26 Aug 2020 10:05:56 GMT
server: cloudflare
etag: W/"5f463404-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5cc251ddeee16389-FRA
cf-request-id: 04ed517eb1000063891b18e200000001
expires: Thu, 03 Sep 2020 22:10:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.newtimeshair.com/wp-includes/js/ 14 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 08:45:28 GMT
server: cloudflare
age: 479392
etag: W/"364d-5a7b6ddaeaf72-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251de0ee86389-FRA
cf-request-id: 04ed517ec0000063891b190200000001
expires: Sat, 26 Sep 2020 09:00:18 GMT

GET
H2 200 lazysizes.min.js Show response
www.newtimeshair.com/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 39ms
38ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.7
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Aug 2020 05:55:04 GMT
server: cloudflare
age: 484604
etag: W/"22ea-5adc1760c9ded-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251de0ee96389-FRA
cf-request-id: 04ed517ec0000063891b191200000001
expires: Sat, 26 Sep 2020 07:33:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: rhXsBNKJmvljyjlYN8ZXFE3QQItsJg32F0MEmU1RqrsuBkS6J+Cx7XNE+jApJEieowQavhP2+s35DHzxZvnPWA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 01 Sep 2020 22:10:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK xhlform.js Show response
admin.leadscloud.com/Front-Form/buryForm/ 2 KB
2 KB 1413ms
640ms Script
application/javascript 47.96.194.133
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.leadscloud.com/Front-Form/buryForm/xhlform.js
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.96.194.133 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: 4efa6aeb8cfe06a579f3d9f94f307496fe39ce38095d715765618fe4ed09a0cd

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:11 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4435
Cf-Polished: origSize=2124
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 04ed5183540000999bef38c200000001
Last-Modified: Tue, 25 Aug 2020 10:46:14 GMT
Server: nginx/1.15.12
ETag: W/"5f44ebf6-84c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Tue, 25 Aug 2020 11:59:36 GMT
Cache-Control: max-age=7200
CF-RAY: 5cc251e55d1f999b-LAX
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Cf-Bgj: minify

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 body-bkg.gif
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 324 B
529 B 10ms
9ms Image
image/gif 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/body-bkg.gif
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d2f13be51e1b9a8cbdaf0c80795143c78ec670427d4f042a1630cf5e2c7e79

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 324
cf-request-id: 04ed517ec1000063891b192200000001
last-modified: Mon, 18 Nov 2019 09:33:12 GMT
server: cloudflare
etag: "144-5979ba2e20600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de0eea6389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 body-bkg2.gif
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 324 B
447 B 10ms
10ms Image
image/gif 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/body-bkg2.gif
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d2f13be51e1b9a8cbdaf0c80795143c78ec670427d4f042a1630cf5e2c7e79

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 324
cf-request-id: 04ed517ec1000063891b193200000001
last-modified: Thu, 01 Sep 2016 15:59:55 GMT
server: cloudflare
etag: "144-53b744e08d4c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de0eeb6389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5826aa5e5e378326b6ff259d318bac7eac4a8b24fc2b2cd271cc7156cc25ebd1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 096a9435cced21a1fff8c457666df5003ffc4d0ec35d375836b4b2c1c8d42d73

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75c4bfe2c8945e31226e5ec649321015159e5f903abd07e82fb6f10211a8d02c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e1cf1f0fcaef3b9fa0b7d8dbc729dce369a2b02e915b0c493d6b016741f6053

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8332374a9492ca8d5de8e6b12a65928a147e8782165befa0d79aaac62b787e88

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 321a6f842fe9c5190e26175b4b0c7f9c2b11a025f8fdcedd5db6fb88d81052ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icon.png
www.newtimeshair.com/wp-content/themes/9cBiz/statics/images/ 6 KB
6 KB 13ms
12ms Image
image/png 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/statics/images/icon.png
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 949a3ee14ae4c0d078caabb111b0769ffcad7dbb2805b2844b3a6ca08696b320

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 204601
status: 200
content-length: 6383
cf-request-id: 04ed517ed2000063891b194200000001
last-modified: Fri, 12 Jun 2020 13:27:47 GMT
server: cloudflare
etag: "18ef-5a7e30b048617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de1eef6389-FRA
expires: Mon, 30 Aug 2021 13:20:09 GMT

GET
H2 200 mbg.jpg
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 306 B
522 B 12ms
11ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/mbg.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae5e2269ea79492d47bfcd04950aec4315b764d04fb79164fc26dc4e7738550

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 306
cf-request-id: 04ed517ed3000063891b195200000001
last-modified: Thu, 01 Sep 2016 16:01:25 GMT
server: cloudflare
etag: "132-53b7453661f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de1ef06389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 mbg1.jpg
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 311 B
437 B 14ms
14ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/mbg1.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101c508b9ef3bee819d6d5c1115b9af57ac71a25145be708d4df9cfc1487d02f

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 311
cf-request-id: 04ed517ed3000063891b196200000001
last-modified: Thu, 01 Sep 2016 16:00:15 GMT
server: cloudflare
etag: "137-53b744f3a01c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de1ef16389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 loading-icon-128x128.gif
www.newtimeshair.com/wp-content/plugins/slideshow-jquery-image-gallery/images/SlideshowPlugin/ 9 KB
9 KB 11ms
10ms Image
image/gif 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/plugins/slideshow-jquery-image-gallery/images/SlideshowPlugin/loading-icon-128x128.gif
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ecce3623ff253244051a0a7107687b1716e4e70a4f642ae2d277ff2412eb02

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 9303
cf-request-id: 04ed517ed4000063891b197200000001
last-modified: Fri, 02 Sep 2016 15:26:41 GMT
server: cloudflare
etag: "2457-53b87f5062e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de2ef26389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 lt1.jpg
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 478 B
605 B 12ms
11ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/lt1.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711c80f1240d30bccd2e341635204aa1bbec68af32f02f87f84ca78761a51151

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 478
cf-request-id: 04ed517ed5000063891b198200000001
last-modified: Thu, 01 Sep 2016 15:59:44 GMT
server: cloudflare
etag: "1de-53b744d60fc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de2ef46389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 dot.gif
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 97 B
223 B 18ms
17ms Image
image/gif 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/dot.gif
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d6f6e75915c72c832e09b7650790eb9f29f8f22916893d0a5d52a46f6eff39

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 18
status: 200
content-length: 97
cf-request-id: 04ed517ed5000063891b199200000001
last-modified: Thu, 01 Sep 2016 16:01:49 GMT
server: cloudflare
etag: "61-53b7454d45540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de2ef56389-FRA
expires: Wed, 01 Sep 2021 22:09:52 GMT

GET
H2 200 fontawesome-webfont.woff
www.newtimeshair.com/wp-content/themes/9cBiz/fonts/ 96 KB
96 KB 613ms
612ms Font
application/font-woff 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/fonts/fontawesome-webfont.woff?v=4.6.1
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Origin: https://www.newtimeshair.com
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 16 Aug 2017 08:53:22 GMT
server: cloudflare
etag: W/"17ee8-556db07308480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251de2ef86389-FRA
cf-request-id: 04ed517ed8000063891b19a200000001
expires: Thu, 01 Oct 2020 22:10:10 GMT

GET
H2 200 467847563707948 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467847563707948?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d37bb3eb8f2782c90dffe3eeb2066237cac9abed378a2ca876d72e9ee5aff16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134822
x-xss-protection: 0
pragma: public
x-fb-debug: D0Ro7q3qtSQP8FDdP88fZXneu2S/FRGRifCO17QGmR2mxqOxQgRhMqPo2OYfKLTxbPJMRxc4zBo2LaR9gZQDog==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 01 Sep 2020 22:10:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.newtimeshair.com/wp-content/themes/9cBiz/js/ 2 KB
895 B 374ms
374ms Script
application/javascript 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/js/jquery.cookie.min.js?ver=1598953246
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2be4e7d0406c59da925a1358fcb3852724a2f1f81bdac8022ad97d6aebb6e6

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Mar 2019 06:15:30 GMT
server: cloudflare
etag: W/"7f9-583f3bb868480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5cc251de8f156389-FRA
cf-request-id: 04ed517f12000063891b19b200000001
expires: Thu, 01 Oct 2020 22:10:10 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 158ms
58ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

d79cb98fad05c3c4e74a25b856530b70db20e4bcf316efaff31ea07035be1064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11428
x-xss-protection: 0
server: cafe
etag: 17067610797739635032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Sep 2020 22:10:10 GMT

GET
H2 200 live2_home.png
www.newtimeshair.com/wp-content/themes/9cBiz/broadcast/images/ 2 KB
2 KB 10ms
10ms Image
image/png 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/broadcast/images/live2_home.png
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9c9a490ad927aaf3b9e26f170817b1bbc845c956da96425d344026f7750225

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 628126
status: 200
content-length: 2045
cf-request-id: 04ed517f20000063891b19d200000001
last-modified: Sat, 25 Jul 2020 02:33:18 GMT
server: cloudflare
etag: "7fd-5ab3ae994b5eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de9f226389-FRA
expires: Wed, 25 Aug 2021 15:41:24 GMT

GET
H2 200 logo.png
www.newtimeshair.com/wp-content/uploads/2016/09/ 2 KB
2 KB 10ms
10ms Image
image/png 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2016/09/logo.png
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65c42dc5f1b68f40e4ed2c296315bfb052e0712f8a3f345e4040378e8f68d86

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 17
status: 200
content-length: 1983
cf-request-id: 04ed517f21000063891b19e200000001
last-modified: Fri, 23 Aug 2019 01:33:03 GMT
server: cloudflare
etag: "7bf-590bec989f1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251de9f236389-FRA
expires: Wed, 01 Sep 2021 22:09:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467847563707948&ev=PageView&dl=https%3A%2F%2Fwww.newtimeshair.com%2F&rl=&if=false&ts=1598998210357&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1598998210356.1739264779&it=1598998210308&coo=false&rqm=GET

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 01 Sep 2020 22:10:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467847563707948&ev=ViewContent&dl=https%3A%2F%2Fwww.newtimeshair.com%2F&rl=&if=false&ts=1598998210359&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1598998210356.1739264779&it=1598998210308&coo=false&rqm=GET

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 01 Sep 2020 22:10:10 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978431488/ 2 KB
2 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978431488/?random=1598998210699&cv=9&fst=1598998210699&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newtimeshair.com%2F&tiba=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7292a70e8285f416a2dee54fdc9468cce5eeadecfd5cb7702e0673dd7d0bc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xhltrackingwithchat.js Show response
lib.leadscloud.com/ 4 KB
2 KB 28ms
12ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3c12e60a8c319c00e6f05c5964a374ab0d51f3294cffd10c54ba94c218ed60

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 2835
status: 200
cf-request-id: 04ed5180a10000074ac314e200000001
last-modified: Tue, 25 Aug 2020 10:48:52 GMT
server: cloudflare
etag: W/"5f44ec94-f89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 13:52:39 GMT
cache-control: max-age=7200
cf-ray: 5cc251e10abd074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H/1.1 200
OK websiteCode.js Show response
weblib.leadscloud.com/ 89 KB
89 KB 1522ms
595ms Script
application/javascript 35.185.162.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weblib.leadscloud.com/websiteCode.js
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.185.162.135 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 135.162.185.35.bc.googleusercontent.com
Software: nginx/1.17.7 /
Resource Hash: 2c9083e37bbe50d2972747e91b832712a433db2e01dd6f5fa916d695588c8d2d

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:11 GMT
Last-Modified: Tue, 01 Sep 2020 18:00:00 GMT
Server: nginx/1.17.7
ETag: "5f4e8c20-16441"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91201

GET
H2 200 getStatus Show response
hkend.leadscloud.com/piwik/websiteSettings/ 121 B
571 B 723ms
245ms XHR
application/json 47.244.226.94
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hkend.leadscloud.com/piwik/websiteSettings/getStatus?website=newtimeshair.com
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.244.226.94 , China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: f4e46faa4e1d1af01a589f6ef5c672addf7f3a6462db6b14eeb9b394c7ea02ee

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
amp-access-control-allow-source-origin: https://www.newtimeshair.com
server: nginx/1.15.12
amp-same-origin: true
status: 200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newtimeshair.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
access-control-allow-headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/978431488/ 42 B
131 B 25ms
24ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978431488/?random=1598998210699&cv=9&fst=1598997600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newtimeshair.com%2F&tiba=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&fmt=3&is_vtc=1&random=3207396559&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/978431488/ 42 B
538 B 45ms
31ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978431488/?random=1598998210699&cv=9&fst=1598997600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newtimeshair.com%2F&tiba=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&fmt=3&is_vtc=1&random=3207396559&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner-071.jpg
www.newtimeshair.com/wp-content/uploads/2020/06/ 98 KB
98 KB 21ms
18ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2020/06/banner-071.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd42f4e10e6c51fb75f8cf330f7e260fd3cfc22299364777402d04af86136388

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 16
status: 200
content-length: 100051
cf-request-id: 04ed5180d7000063891b1ac200000001
last-modified: Fri, 12 Jun 2020 08:39:42 GMT
server: cloudflare
etag: "186d3-5a7df04b8abbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e1582d6389-FRA
expires: Wed, 01 Sep 2021 22:09:54 GMT

GET
H2 200 banner2.17-14.jpg
www.newtimeshair.com/wp-content/uploads/2016/02/ 49 KB
50 KB 15ms
13ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2016/02/banner2.17-14.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618a0c9cbe43c2a9f681d5012961305ece62987edecb98fe9c1073412d2bb064

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 16
status: 200
content-length: 50612
cf-request-id: 04ed5180d7000063891b1ad200000001
last-modified: Tue, 07 Jan 2020 02:50:39 GMT
server: cloudflare
etag: "c5b4-59b83d7513dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e1582e6389-FRA
expires: Wed, 01 Sep 2021 22:09:54 GMT

GET
H2 200 Leading-company-of-hair-manufactures.jpg
www.newtimeshair.com/wp-content/uploads/2020/02/ 37 KB
38 KB 14ms
11ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2020/02/Leading-company-of-hair-manufactures.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40bfe4303115613580119f934ce5c73179116b577d061384dc66703af7eed77b

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 16
status: 200
content-length: 38303
cf-request-id: 04ed5180d7000063891b1ae200000001
last-modified: Tue, 18 Feb 2020 09:07:52 GMT
server: cloudflare
etag: "959f-59ed601af2a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e1582f6389-FRA
expires: Wed, 01 Sep 2021 22:09:54 GMT

GET
H2 200 order-status-management.jpg
www.newtimeshair.com/wp-content/uploads/2020/06/ 55 KB
55 KB 18ms
16ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2020/06/order-status-management.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75c1ba31fc358ae4929dbab39a72e1b254f871a945ca7275377549fdc07f795

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 56243
cf-request-id: 04ed5180d7000063891b1af200000001
last-modified: Sat, 13 Jun 2020 08:32:11 GMT
server: cloudflare
etag: "dbb3-5a7f307b32e01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e158306389-FRA
expires: Wed, 01 Sep 2021 22:09:55 GMT

GET
H2 200 newtimeshair-youtube.jpg
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 57 KB
58 KB 24ms
22ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/newtimeshair-youtube.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2047931d2b1d5f53c570b06f5059d2fbc88fb935c5fc1b4dfcdde65d9cb71794

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 627639
status: 200
content-length: 58668
cf-request-id: 04ed5180d7000063891b1b0200000001
last-modified: Fri, 12 Jun 2020 13:18:10 GMT
server: cloudflare
etag: "e52c-5a7e2e8a208ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e158316389-FRA
expires: Wed, 25 Aug 2021 15:49:31 GMT

GET
H2 200 HS25-Ultra-Thin-Skin-0.03mm-V-looped-Stock-Toupee-6-11-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2018/09/ 14 KB
14 KB 16ms
14ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2018/09/HS25-Ultra-Thin-Skin-0.03mm-V-looped-Stock-Toupee-6-11-300x300.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a46def7869e249a8c7b833d48413ac046ca3d85a5e6265b5936749ad82dbe545

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 16
status: 200
content-length: 14657
cf-request-id: 04ed5180d8000063891b1b1200000001
last-modified: Wed, 12 Jun 2019 10:10:09 GMT
server: cloudflare
etag: "3941-58b1d9e422240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e158326389-FRA
expires: Wed, 01 Sep 2021 22:09:54 GMT

GET
H2 200 INS-Injected-Super-Thin-Skin-Stock-High-Quality-Mens-Toupee-2-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2018/09/ 12 KB
12 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2018/09/INS-Injected-Super-Thin-Skin-Stock-High-Quality-Mens-Toupee-2-300x300.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8af47c08e2fd9ee94fe493a2409872178fa702c8979a7ef86599252f99c7e7

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 12012
cf-request-id: 04ed5180d8000063891b1b2200000001
last-modified: Tue, 30 Oct 2018 10:10:49 GMT
server: cloudflare
etag: "2eec-5796f66591c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e158336389-FRA
expires: Wed, 01 Sep 2021 22:09:55 GMT

GET
H2 200 P3-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2018/09/ 16 KB
16 KB 23ms
22ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2018/09/P3-300x300.jpg
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809a88a9cb71708768bfe371a7cb80ccfca141ca58134a9dbb5dd97c05b5a528

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:10 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 16720
cf-request-id: 04ed5180d8000063891b1b3200000001
last-modified: Thu, 01 Nov 2018 02:03:18 GMT
server: cloudflare
etag: "4150-57990d2890580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251e158356389-FRA
expires: Wed, 01 Sep 2021 22:09:55 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
52 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOoGnNBhgyTIEoEBf

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 01 Sep 2020 22:10:10 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.newtimeshair.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 getPageIdBySiteId Show response
hkend.leadscloud.com/social/messengerWebsitRelation/ 69 B
518 B 245ms
244ms XHR
application/json 47.244.226.94
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hkend.leadscloud.com/social/messengerWebsitRelation/getPageIdBySiteId?matomoSiteId=21252
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.244.226.94 , China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: 18cf32e810106c78b2d1ce6ad862eaeafd3addc8f34d304fc66ee02baf2857f9

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
amp-access-control-allow-source-origin: https://www.newtimeshair.com
server: nginx/1.15.12
amp-same-origin: true
status: 200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newtimeshair.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
access-control-allow-headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H2 200 userchatmain.js Show response
lib.leadscloud.com/js/ 592 KB
156 KB 29ms
28ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3c76a61326e3364ed46fd150f769d21294df80ec427b0f3a35f9cae96c9f59

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4646
status: 200
cf-request-id: 04ed5183a80000074ac3176200000001
last-modified: Tue, 25 Aug 2020 10:48:52 GMT
server: cloudflare
etag: W/"5f44ec94-9413d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 11:53:40 GMT
cache-control: max-age=7200
cf-ray: 5cc251e5de25074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 42ms
29ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-124614447-1

Requested by

Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2b8bc7685ff34301540faeb05173fe235de1bc6dcc439f4f40120ec5173931d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35279
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Sep 2020 22:10:11 GMT

GET
H2 200 userbase.css
lib.leadscloud.com/css/ 97 KB
12 KB 15ms
15ms Stylesheet
text/css 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/css/userbase.css?v=20190416
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ce622cb961e19573030c02f08eaaba2f76cded5ac6dc4d78c42d21e24df10a

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4644
cf-polished: origSize=99109
status: 200
cf-request-id: 04ed5184050000074ac3180200000001
last-modified: Tue, 25 Aug 2020 10:48:52 GMT
server: cloudflare
etag: W/"5f44ec94-18325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 11:57:21 GMT
cache-control: max-age=7200
cf-ray: 5cc251e66f53074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 userchat.html Show response
lib.leadscloud.com/cors/ 14 KB
4 KB 1443ms
1428ms XHR
text/html 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/cors/userchat.html?v=20200610
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49257b39986eb209c839e2d8ade97eae553ec92dd8d05b0957b0f8a1623e711d

Request headers

Accept: */*
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Aug 2020 10:48:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 5cc251e68f11d725-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-request-id: 04ed5184170000d725feac2200000001
expires: Tue, 01 Sep 2020 23:10:12 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
47 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1179830735&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newtimeshair.com%2F&ul=en-us&de=UTF-8&dt=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=1536577425&gjid=982350036&cid=836917356.1598998210&tid=UA-124614447-1&_gid=272239424.1598998210&_r=1&gtm=2ou8j2&z=1275050847

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 22:10:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.newtimeshair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1179830735&t=event&_s=2&dl=https%3A%2F%2Fwww.newtimeshair.com%2F&ul=en-us&de=UTF-8&dt=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=LCView&_u=6GDAAUABAAAAAC~&jid=&gjid=&cid=836917356.1598998210&tid=UA-124614447-1&_gid=272239424.1598998210&gtm=2ou8j2&cd1=10491&cd2=10491FK2020090200101076849&z=1083450043

Requested by

Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 19:01:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1912097
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 52ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-124614447-1&cid=836917356.1598998210&jid=1536577425&gjid=982350036&_gid=272239424.1598998210&_u=6GDAAUABAAAAAC~&z=2080260917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Sep 2020 22:10:11 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.newtimeshair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 empty.css
lib.leadscloud.com/Front-Form/js/ 0
138 B 15ms
14ms Stylesheet
text/css 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/Front-Form/js/empty.css
Requested by: Host: admin.leadscloud.com
URL: https://admin.leadscloud.com/Front-Form/buryForm/xhlform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
cf-cache-status: HIT
age: 16
status: 200
content-length: 0
cf-request-id: 04ed5184470000074ac3183200000001
last-modified: Wed, 22 Apr 2020 12:02:04 GMT
server: cloudflare
etag: "5ea0323c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
expires: Wed, 05 Aug 2020 14:27:51 GMT
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 5cc251e6d852074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 XHLDEFAULTFORM.css
lib.leadscloud.com/Front-Form/js/ 570 B
307 B 18ms
17ms Stylesheet
text/css 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/Front-Form/js/XHLDEFAULTFORM.css
Requested by: Host: admin.leadscloud.com
URL: https://admin.leadscloud.com/Front-Form/buryForm/xhlform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7367d0d7f8449557d2020fed6722da9cc3c6e1fb348a2251d326dd9607e1d8

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4412
cf-polished: origSize=757
status: 200
cf-request-id: 04ed5184470000074ac3184200000001
last-modified: Tue, 25 Aug 2020 10:46:14 GMT
server: cloudflare
etag: W/"5f44ebf6-2f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 11:47:36 GMT
cache-control: max-age=7200
cf-ray: 5cc251e6d859074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 _XHLFjquery.js Show response
lib.leadscloud.com/Front-Form/js/3rd/ 94 KB
32 KB 16ms
16ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Requested by: Host: admin.leadscloud.com
URL: https://admin.leadscloud.com/Front-Form/buryForm/xhlform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab78c1379bae787c6cc8b80874218ead6a8c9328820000b01e617a481a2fd793

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4412
cf-polished: origSize=96052
status: 200
cf-request-id: 04ed5184470000074ac3185200000001
last-modified: Tue, 25 Aug 2020 10:46:14 GMT
server: cloudflare
etag: W/"5f44ebf6-17734"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 11:47:36 GMT
cache-control: max-age=7200
cf-ray: 5cc251e6d85d074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 XHLFORM.js Show response
lib.leadscloud.com/Front-Form/js/ 22 KB
6 KB 13ms
12ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403
Requested by: Host: admin.leadscloud.com
URL: https://admin.leadscloud.com/Front-Form/buryForm/xhlform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8686eb04df7886910b5188c44752ba105654a2cf58cb3e17851e1c6c24ac05

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4412
cf-polished: origSize=42788
status: 200
cf-request-id: 04ed5184470000074ac3186200000001
last-modified: Tue, 25 Aug 2020 10:46:14 GMT
server: cloudflare
etag: W/"5f44ebf6-a724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 25 Aug 2020 12:15:39 GMT
cache-control: max-age=7200
cf-ray: 5cc251e6d863074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

POST
H/1.1 200 getXSShow Show response
cnend.leadscloud.com/form-cust/form/ 3 KB
2 KB 860ms
249ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getXSShow
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 4c025745ebda3008663d4f6fc16750d86d51429896ac280a9260ef1179d2350a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 01 Sep 2020 22:10:12 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

OPTIONS
H/1.1 200 getConfigOrBrowserLanguageForForm
cnend.leadscloud.com/cuss-login/translate/ 0
0 242ms
241ms Other
text/html 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForForm
Protocol: HTTP/1.1
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newtimeshair.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Sep 2020 22:10:12 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,orgId
Access-Control-Allow-Credentials: true
AMP-Same-Origin: true
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Content-Encoding: gzip

POST
H/1.1 200 getConfigOrBrowserLanguageForForm Show response
cnend.leadscloud.com/cuss-login/translate/ 3 KB
2 KB 259ms
258ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForForm
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 20a419291d36b3c9005e0efe5724e4a9b3e73538bbaf406456ff10866ec69b90

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 01 Sep 2020 22:10:12 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

OPTIONS
H/1.1 200 getConfigOrBrowserLanguageForChat
cnend.leadscloud.com/cuss-login/translate/ 0
0 248ms
241ms Other
text/html 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForChat
Protocol: HTTP/1.1
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newtimeshair.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,orgId
Access-Control-Allow-Credentials: true
AMP-Same-Origin: true
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Content-Encoding: gzip

POST
H/1.1 200 getConfigOrBrowserLanguageForChat Show response
cnend.leadscloud.com/cuss-login/translate/ 3 KB
2 KB 528ms
260ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForChat
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: d5ad48796eb3fe0915bfc166598fa5099f8a9c4fa07dea156d2dcaee49b48a88

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H2 200 delete.png
lib.leadscloud.com/img/ 177 B
593 B 12ms
11ms Image
image/png 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lib.leadscloud.com/img/delete.png
Requested by: Host: www.newtimeshair.com
URL: https://www.newtimeshair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81645980bc65ab7ba1da6f4d8c25083af482beff116a3706a54ee9f6c211bb01

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 2362449
status: 200
content-length: 177
cf-request-id: 04ed5189c80000074ac31e2200000001
last-modified: Wed, 05 Aug 2020 13:12:17 GMT
server: cloudflare
etag: "5f2ab031-b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5cc251efaec9074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200 getColumnsShow Show response
cnend.leadscloud.com/form-cust/form/ 2 KB
1 KB 496ms
264ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getColumnsShow?parentTempateId=a1918ce488634a70955bc58b1f3f51e2&templateId=9fd39fd76f0d4b8783f20b372f679518
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 603a7dadcfb5dab252bb0a8afd5111dab11b597c77b1be10da65182172cc41e7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 getColumnsShow Show response
cnend.leadscloud.com/form-cust/form/ 1 KB
1 KB 670ms
264ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getColumnsShow?parentTempateId=a1918ce488634a70955bc58b1f3f51e2&templateId=575d4b94f0154c52b1ac2f9a83c0e4d5
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 80c7329aba1d61a45b5e181ae5f362a3de9c0581df47501432b5167cf46b4a3a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H2 200 container_TGEdFgA1.js Show response
analysis-js.leadscloud.com/js/ 169 KB
48 KB 20ms
18ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analysis-js.leadscloud.com/js/container_TGEdFgA1.js
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73f76e3357c08343e7d085fae0557921f806fc0e1556b0f3f91cfeb54e8d37a

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 17
cf-polished: origSize=173428
status: 200
cf-request-id: 04ed518a460000074ac31e9200000001
last-modified: Wed, 23 Oct 2019 04:12:00 GMT
server: cloudflare
etag: W/"5dafd310-2a574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 5cc251f078c4074a-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 iso.jpg
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 8 KB
8 KB 12ms
10ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/iso.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 054c11ad6fbe3fe3f6d316044dd4ba045b714a390531ae2b4b5d6b7ee77314f8

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 8216
cf-request-id: 04ed518a66000063891b1f6200000001
last-modified: Thu, 01 Sep 2016 16:00:58 GMT
server: cloudflare
etag: "2018-53b7451ca2280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251f0ade56389-FRA
expires: Wed, 01 Sep 2021 22:09:58 GMT

GET
H2 200 paypal-golden-key-supplier.png
www.newtimeshair.com/wp-content/themes/9cBiz/images/ 8 KB
8 KB 20ms
18ms Image
image/png 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/themes/9cBiz/images/paypal-golden-key-supplier.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8442cd6faaec4e9784373b277a9cba48f381a4b45318a0b72762e798d179b7

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 8461
cf-request-id: 04ed518a66000063891b1f7200000001
last-modified: Fri, 23 Aug 2019 01:49:46 GMT
server: cloudflare
etag: "210d-590bf05528280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251f0ade66389-FRA
expires: Wed, 01 Sep 2021 22:09:58 GMT

GET
H2 200 4-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2019/10/ 15 KB
15 KB 13ms
12ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2019/10/4-300x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e963dd641421634ea0a7df1189396c459f438ea87766eac62c4b22ea570b872

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 15273
cf-request-id: 04ed518a66000063891b1f8200000001
last-modified: Tue, 08 Oct 2019 03:05:51 GMT
server: cloudflare
etag: "3ba9-5945d721e21c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251f0ade76389-FRA
expires: Wed, 01 Sep 2021 22:09:58 GMT

GET
H2 200 30-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2018/01/ 21 KB
21 KB 20ms
18ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2018/01/30-300x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c891fc2f60dd41c7321447a1cf6f217ff0ffd50683701d45a859bf7c817210e2

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 21202
cf-request-id: 04ed518a66000063891b1f9200000001
last-modified: Wed, 13 Feb 2019 08:03:33 GMT
server: cloudflare
etag: "52d2-581c1fa62bf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251f0ade86389-FRA
expires: Wed, 01 Sep 2021 22:09:58 GMT

GET
H2 200 360-Lace-and-Machine-Weft-Base-Stock-Women%E2%80%99s-Natural-and-Straight-Hair-Wig-5-300x300.jpg
www.newtimeshair.com/wp-content/uploads/2018/05/ 17 KB
18 KB 13ms
12ms Image
image/jpeg 2606:4700:3035::6818:6bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newtimeshair.com/wp-content/uploads/2018/05/360-Lace-and-Machine-Weft-Base-Stock-Women%E2%80%99s-Natural-and-Straight-Hair-Wig-5-300x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2302466f810b5e00c15f58174e0d74f612a9993c6fa12e3589f03ade55b77305

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 22:10:13 GMT
cf-cache-status: HIT
age: 15
status: 200
content-length: 17887
cf-request-id: 04ed518a66000063891b1fa200000001
last-modified: Wed, 13 Feb 2019 02:27:47 GMT
server: cloudflare
etag: "45df-581bd49972ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5cc251f0adea6389-FRA
expires: Wed, 01 Sep 2021 22:09:58 GMT

GET
H2 200 piwik.php
analysis.leadscloud.com/ 43 B
144 B 1471ms
835ms Image
image/gif 35.241.94.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analysis.leadscloud.com/piwik.php?action_name=Wig%20Manufacturers%20In%20China%20%7C%20Wholesale%20Wigs%20Suppliers%20%26%20Distributors%20-%20NewTimes%20Hair&idsite=21252&rec=1&r=246129&h=0&m=10&s=13&url=https%3A%2F%2Fwww.newtimeshair.com%2F&uid=10491FK2020090200101076849&_id=335e2939a5cca0d0&_idts=1598998213&_idvc=1&_idn=0&_refts=0&_viewts=1598998213&send_image=1&cookie=1&res=1600x1200&dimension1=10491FK2020090200101076849&dimension2=10491&gt_ms=734&pv_id=Ybp9WT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.94.78 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 78.94.241.35.bc.googleusercontent.com
Software: nginx/1.19.2 / PHP/7.1.33
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 22:10:14 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.1.33
content-type: image/gif

GET
H2 200 configs.php Show response
analysis.leadscloud.com/plugins/HeatmapSessionRecording/ 120 B
246 B 982ms
351ms Script
application/javascript 35.241.94.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analysis.leadscloud.com/plugins/HeatmapSessionRecording/configs.php?idsite=21252&trackerid=l1tadJ&url=https%3A%2F%2Fwww.newtimeshair.com%2F
Requested by: Host: analysis-js.leadscloud.com
URL: https://analysis-js.leadscloud.com/js/container_TGEdFgA1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.94.78 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 78.94.241.35.bc.googleusercontent.com
Software: nginx/1.19.2 / PHP/7.1.33
Resource Hash: 139397111867a3ae19544abb5132acbbd67b92ac1b3ec7d3705eac4494b6765c

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 22:10:14 GMT
content-encoding: gzip
server: nginx/1.19.2
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200 getTemplateConfig Show response
cnend.leadscloud.com/form-cust/form/ 443 B
955 B 321ms
237ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getTemplateConfig?id=9fd39fd76f0d4b8783f20b372f679518
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 294c3b933f24fb3e2fcb0905bee4fbe5eb223349138c31f71183c62546ac9251

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 getListForClient Show response
cnend.leadscloud.com/new-privilege/formFieldConfig/ 3 KB
1 KB 427ms
327ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/new-privilege/formFieldConfig/getListForClient?serviceFlag=save_form&orgId=10491
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6d2bfd159eb2dd44f89e1dea9aa011ee48d7d6c4875746093f9b045736673581

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS,PUT,DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With

GET
H/1.1 200 getTemplateConfig Show response
cnend.leadscloud.com/form-cust/form/ 446 B
958 B 244ms
244ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getTemplateConfig?id=575d4b94f0154c52b1ac2f9a83c0e4d5
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0d4f81854a9d977ec1a364b8031173d17f099181d628f0df212e83cc0f1558fd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 getListForClient Show response
cnend.leadscloud.com/new-privilege/formFieldConfig/ 3 KB
1 KB 267ms
266ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/new-privilege/formFieldConfig/getListForClient?serviceFlag=save_form&orgId=10491
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/Front-Form/js/3rd/_XHLFjquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6d2bfd159eb2dd44f89e1dea9aa011ee48d7d6c4875746093f9b045736673581

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS,PUT,DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With

POST
H2 200 visitorInfoTraceAndLogin Show response
hkend.leadscloud.com/visitortrace/ 208 B
657 B 873ms
872ms XHR
application/json 47.244.226.94
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hkend.leadscloud.com/visitortrace/visitorInfoTraceAndLogin
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.244.226.94 , China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: b92e367570a7e29a70ddd2c83febf631a78228bd88c714d34f081fe072dba0a4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 22:10:14 GMT
amp-access-control-allow-source-origin: https://www.newtimeshair.com
server: nginx/1.15.12
amp-same-origin: true
status: 200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newtimeshair.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
access-control-allow-headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 getByOrgId Show response
cnend.leadscloud.com/cuss-login/offline/ 575 B
1 KB 237ms
237ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/offline/getByOrgId?orgId=10491
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: a121b1147f66c091fe5dd19e10577366bdf08abd3aef6db1dec6c7211209a35c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:14 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 webconf.jsp Show response
lbs.netease.im/lbs/ 260 B
699 B 362ms
294ms XHR
application/json 18.185.226.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.netease.im/lbs/webconf.jsp?k=216ec91d0f9c962dd8134033c9a5aa22&id=3f00e51a01ae407aae2b11ba502f3ccd&sv=70&pv=1
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.226.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-226-88.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f6c63cc152d7bad0c81811e5b05875f9caf7233b5ead33b31c99fe96dab025f

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 200 getConfigOrBrowserLanguageForForm
cnend.leadscloud.com/cuss-login/translate/ 0
0 234ms
234ms Other
text/html 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForForm
Protocol: HTTP/1.1
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newtimeshair.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,orgId
Access-Control-Allow-Credentials: true
AMP-Same-Origin: true
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Content-Encoding: gzip

POST
H/1.1 200 getConfigOrBrowserLanguageForForm Show response
cnend.leadscloud.com/cuss-login/translate/ 3 KB
2 KB 252ms
252ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForForm
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 5136dab0d4af1d277818dba836bfb93a37741e58b6b6f97974929c8023a2e3ff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200
OK / Show response
weblinkoutsea01.netease.im/socket.io/1/ 64 B
415 B 599ms
532ms XHR
text/plain 18.185.226.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weblinkoutsea01.netease.im:9090/socket.io/1/?t=1598998215087
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.226.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-226-88.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 75abe8423b9168601cd2aa94d649fe44c930d962b1d161167f1427d7b131daca

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200 getColumnsShow Show response
cnend.leadscloud.com/form-cust/form/ 2 KB
1 KB 257ms
257ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/form-cust/form/getColumnsShow?parentTempateId=a1918ce488634a70955bc58b1f3f51e2&templateId=5236ad856a5948b2a8b6a9ae24f89ae5
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 970bf1a1f50c930c238b63f05fa3f58fe057822a94c5d6dbcea5554f2d22b3e6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://www.newtimeshair.com
Server: nginx
AMP-Same-Origin: true
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H/1.1 200 getListForClient Show response
cnend.leadscloud.com/new-privilege/formFieldConfig/ 3 KB
1 KB 265ms
264ms XHR
application/json 128.1.135.160
UHGL-AS-AP UCloud...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/new-privilege/formFieldConfig/getListForClient?serviceFlag=save_form&orgId=10491
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UHGL-AS-AP UCloud (HK) Holdings Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6d2bfd159eb2dd44f89e1dea9aa011ee48d7d6c4875746093f9b045736673581

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 22:10:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS,PUT,DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.newtimeshair.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With

GET
H/1.1 200
OK 1.gif Show response
dr.netease.im/ 43 B
372 B 790ms
197ms XHR
image/gif 59.111.160.230
NETEASE-AS Guangz...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.netease.im/1.gif?event=ws_connected&appkey=216ec91d0f9c962dd8134033c9a5aa22&uid=3f00e51a01ae407aae2b11ba502f3ccd&os=web&session=&ver=70&type=im&platform=chrome83
Requested by: Host: lib.leadscloud.com
URL: https://lib.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.111.160.230 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newtimeshair.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 22:10:16 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Fri, 01 Jan 1980 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newtimeshair.com/	1970-01-22 12:09:58	Name: _xhlMatomoSiteId Value: 355709914957920
.newtimeshair.com/	1970-01-19 12:09:58	Name: _gat_gtag_UA_124614447_1 Value: 1
www.newtimeshair.com/	1969-12-31 23:59:59	Name: _xhlufirstvisitstate Value: 1
www.newtimeshair.com/	1970-01-22 12:09:58	Name: _xhluvisitorid Value: 10491FK2020090200101076849
www.newtimeshair.com/	1970-02-18 12:09:58	Name: _xhlufirstvisit Value: 1
www.newtimeshair.com/	1970-01-22 12:09:58	Name: enterpriseId Value: 10491
.newtimeshair.com/	1970-01-19 14:19:34	Name: _fbp Value: fb.1.1598998210356.1739264779
.newtimeshair.com/	1970-01-19 12:53:10	Name: __cfduid Value: d493bb94777d400c905a39f1913dffbca1598998209
.newtimeshair.com/	1970-01-19 12:09:58	Name: _gat_UA-45453425-1 Value: 1
.newtimeshair.com/	1970-01-19 12:11:24	Name: _gid Value: GA1.2.272239424.1598998210
.newtimeshair.com/	1970-01-20 05:41:10	Name: _ga Value: GA1.2.836917356.1598998210

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.newtimeshair.com/wp-content/cache/autoptimize/js/autoptimize_c5bba1c0ca1e812ee24313df30c8b043.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 15) Message: en-us
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 21) Message: en
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 23) Message: browLang en
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 33) Message: object
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 33) Message: 循环 9fd39fd76f0d4b8783f20b372f679518
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 33) Message: 循环 e20000cef8c54ab69d491fca9183fedb
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 33) Message: 循环 4368c3338b2c4ce7972134191ddce861
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 33) Message: 循环 575d4b94f0154c52b1ac2f9a83c0e4d5
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 43) Message: .BURY_CODE_9fd39fd76f0d4b8783f20b372f679518
console-api	log	URL: https://lib.leadscloud.com/Front-Form/js/XHLFORM.js?v=20200403(Line 43) Message: .BURY_CODE_575d4b94f0154c52b1ac2f9a83c0e4d5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.leadscloud.com
analysis-js.leadscloud.com
analysis.leadscloud.com
cnend.leadscloud.com
connect.facebook.net
dr.netease.im
googleads.g.doubleclick.net
hkend.leadscloud.com
lbs.netease.im
lib.leadscloud.com
stats.g.doubleclick.net
weblib.leadscloud.com
weblinkoutsea01.netease.im
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.newtimeshair.com
128.1.135.160
18.185.226.88
216.58.207.66
2606:4700:3033::6812:3339
2606:4700:3035::6818:6bb2
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81f::2008
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.185.162.135
35.241.94.78
47.244.226.94
47.96.194.133
59.111.160.230
054c11ad6fbe3fe3f6d316044dd4ba045b714a390531ae2b4b5d6b7ee77314f8
096a9435cced21a1fff8c457666df5003ffc4d0ec35d375836b4b2c1c8d42d73
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0d4f81854a9d977ec1a364b8031173d17f099181d628f0df212e83cc0f1558fd
101c508b9ef3bee819d6d5c1115b9af57ac71a25145be708d4df9cfc1487d02f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
139397111867a3ae19544abb5132acbbd67b92ac1b3ec7d3705eac4494b6765c
18cf32e810106c78b2d1ce6ad862eaeafd3addc8f34d304fc66ee02baf2857f9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2047931d2b1d5f53c570b06f5059d2fbc88fb935c5fc1b4dfcdde65d9cb71794
20a419291d36b3c9005e0efe5724e4a9b3e73538bbaf406456ff10866ec69b90
20ecce3623ff253244051a0a7107687b1716e4e70a4f642ae2d277ff2412eb02
2302466f810b5e00c15f58174e0d74f612a9993c6fa12e3589f03ade55b77305
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
294c3b933f24fb3e2fcb0905bee4fbe5eb223349138c31f71183c62546ac9251
2a9c9a490ad927aaf3b9e26f170817b1bbc845c956da96425d344026f7750225
2c9083e37bbe50d2972747e91b832712a433db2e01dd6f5fa916d695588c8d2d
2e1cf1f0fcaef3b9fa0b7d8dbc729dce369a2b02e915b0c493d6b016741f6053
321a6f842fe9c5190e26175b4b0c7f9c2b11a025f8fdcedd5db6fb88d81052ef
3d3c76a61326e3364ed46fd150f769d21294df80ec427b0f3a35f9cae96c9f59
40bfe4303115613580119f934ce5c73179116b577d061384dc66703af7eed77b
49257b39986eb209c839e2d8ade97eae553ec92dd8d05b0957b0f8a1623e711d
4c025745ebda3008663d4f6fc16750d86d51429896ac280a9260ef1179d2350a
4e8af47c08e2fd9ee94fe493a2409872178fa702c8979a7ef86599252f99c7e7
4efa6aeb8cfe06a579f3d9f94f307496fe39ce38095d715765618fe4ed09a0cd
4f6c63cc152d7bad0c81811e5b05875f9caf7233b5ead33b31c99fe96dab025f
5136dab0d4af1d277818dba836bfb93a37741e58b6b6f97974929c8023a2e3ff
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5826aa5e5e378326b6ff259d318bac7eac4a8b24fc2b2cd271cc7156cc25ebd1
5ae5e2269ea79492d47bfcd04950aec4315b764d04fb79164fc26dc4e7738550
5e2be4e7d0406c59da925a1358fcb3852724a2f1f81bdac8022ad97d6aebb6e6
603a7dadcfb5dab252bb0a8afd5111dab11b597c77b1be10da65182172cc41e7
618a0c9cbe43c2a9f681d5012961305ece62987edecb98fe9c1073412d2bb064
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2bfd159eb2dd44f89e1dea9aa011ee48d7d6c4875746093f9b045736673581
6e963dd641421634ea0a7df1189396c459f438ea87766eac62c4b22ea570b872
711c80f1240d30bccd2e341635204aa1bbec68af32f02f87f84ca78761a51151
75abe8423b9168601cd2aa94d649fe44c930d962b1d161167f1427d7b131daca
75c4bfe2c8945e31226e5ec649321015159e5f903abd07e82fb6f10211a8d02c
75d6f6e75915c72c832e09b7650790eb9f29f8f22916893d0a5d52a46f6eff39
7b8442cd6faaec4e9784373b277a9cba48f381a4b45318a0b72762e798d179b7
809a88a9cb71708768bfe371a7cb80ccfca141ca58134a9dbb5dd97c05b5a528
80c7329aba1d61a45b5e181ae5f362a3de9c0581df47501432b5167cf46b4a3a
81645980bc65ab7ba1da6f4d8c25083af482beff116a3706a54ee9f6c211bb01
81ce622cb961e19573030c02f08eaaba2f76cded5ac6dc4d78c42d21e24df10a
8332374a9492ca8d5de8e6b12a65928a147e8782165befa0d79aaac62b787e88
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
8f8686eb04df7886910b5188c44752ba105654a2cf58cb3e17851e1c6c24ac05
949a3ee14ae4c0d078caabb111b0769ffcad7dbb2805b2844b3a6ca08696b320
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
970bf1a1f50c930c238b63f05fa3f58fe057822a94c5d6dbcea5554f2d22b3e6
99c0e88c7da0019bff36bb53d5b02ea00bb43776afaa170ef0883bc00d126b34
9d37bb3eb8f2782c90dffe3eeb2066237cac9abed378a2ca876d72e9ee5aff16
a121b1147f66c091fe5dd19e10577366bdf08abd3aef6db1dec6c7211209a35c
a46def7869e249a8c7b833d48413ac046ca3d85a5e6265b5936749ad82dbe545
a75c1ba31fc358ae4929dbab39a72e1b254f871a945ca7275377549fdc07f795
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
ab78c1379bae787c6cc8b80874218ead6a8c9328820000b01e617a481a2fd793
af7367d0d7f8449557d2020fed6722da9cc3c6e1fb348a2251d326dd9607e1d8
b2b8bc7685ff34301540faeb05173fe235de1bc6dcc439f4f40120ec5173931d
b65c42dc5f1b68f40e4ed2c296315bfb052e0712f8a3f345e4040378e8f68d86
b92e367570a7e29a70ddd2c83febf631a78228bd88c714d34f081fe072dba0a4
b945f786a112cc9e915dad9b956e2c7af7652ef643445a562831787782796ec0
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c7292a70e8285f416a2dee54fdc9468cce5eeadecfd5cb7702e0673dd7d0bc29
c73f76e3357c08343e7d085fae0557921f806fc0e1556b0f3f91cfeb54e8d37a
c891fc2f60dd41c7321447a1cf6f217ff0ffd50683701d45a859bf7c817210e2
cd42f4e10e6c51fb75f8cf330f7e260fd3cfc22299364777402d04af86136388
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d4f6db627511d639daa734a95f9a66d6f809908a7e8a96ddeebc9c5127cef2
d41f34bc9a18378c157bb9afd3f2378ad57c391012ba4582124e643144cefcc9
d5ad48796eb3fe0915bfc166598fa5099f8a9c4fa07dea156d2dcaee49b48a88
d79cb98fad05c3c4e74a25b856530b70db20e4bcf316efaff31ea07035be1064
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d2f13be51e1b9a8cbdaf0c80795143c78ec670427d4f042a1630cf5e2c7e79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3c12e60a8c319c00e6f05c5964a374ab0d51f3294cffd10c54ba94c218ed60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e46faa4e1d1af01a589f6ef5c672addf7f3a6462db6b14eeb9b394c7ea02ee

www.newtimeshair.com Open in urlscan Pro 2606:4700:3035::6818:6bb2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

56 %IPv6

11 Domains

20 Subdomains

19 IPs

8 Countries

1359 kBTransfer

3280 kBSize

11 Cookies

17 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newtimeshair.com Open in urlscan Pro
2606:4700:3035::6818:6bb2 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

56 %
IPv6

11
Domains

20
Subdomains

19
IPs

8
Countries

1359 kB
Transfer

3280 kB
Size

11
Cookies

87 HTTP transactions
7 data transactions