urlscan.io logo urlscan.io
SecurityTrails logo

windows.hairscare.net Open in urlscan Pro
172.67.183.211  Public Scan

Go To Rescan Add Verdict Report
URL: https://windows.hairscare.net/
Submission: On May 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 17 domains to perform 26 HTTP transactions. The main IP is 172.67.183.211, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows.hairscare.net.
TLS certificate: Issued by GTS CA 1P5 on May 11th 2024. Valid for: 3 months.
This is the only time windows.hairscare.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 172.67.183.211 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.59.252.164 16276 (OVH)
1 3.5.30.102 14618 (AMAZON-AES)
1 128.199.32.138 14061 (DIGITALOC...)
1 2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 217.64.202.154 12637 (SEEWEB We...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.127 16276 (OVH)
26 15
6    172.67.183.211 (United States)

ASN13335 (CLOUDFLARENET, US)
windows.hairscare.net
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a02:26f0:3500:18::1724:a299 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.orvis.com
1    146.59.252.164 (France)

ASN16276 (OVH, FR)
PTR: ns3183678.ip-146-59-252.eu
www.sardiniapost.it
1    3.5.30.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
dimensionsguide.s3.amazonaws.com
1    128.199.32.138 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
www.laroma24.it
2    2a02:26f0:ab00:393::3198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.androidworld.it
www.smartworld.it
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    217.64.202.154 (Frosinone, Italy)

ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT)
PTR: server1.lightage.it
www.spoletoposteservizi.it
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ts2.mm.bing.net
1    2606:4700:10::6814:1347 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
6 hairscare.net
windows.hairscare.net
115 KB
3 bing.net
ts2.mm.bing.net — Cisco Umbrella Rank: 83168
108 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 771
57 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 13913
s4.histats.com — Cisco Umbrella Rank: 13947
5 KB
2 gstatic.com
fonts.gstatic.com
37 KB
1 spoletoposteservizi.it
www.spoletoposteservizi.it
51 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
1 KB
1 smartworld.it
www.smartworld.it
22 KB
1 androidworld.it
www.androidworld.it
458 B
1 laroma24.it
www.laroma24.it
437 KB
1 amazonaws.com
dimensionsguide.s3.amazonaws.com — Cisco Umbrella Rank: 975859
125 KB
1 sardiniapost.it
www.sardiniapost.it
1 orvis.com
assets.orvis.com — Cisco Umbrella Rank: 367153
71 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
0 etgroup.info Failed
www.etgroup.info Failed
0 used.forsale Failed
www.used.forsale Failed
0 altervista.org Failed
parrocchiadecima.altervista.org Failed
26 17
Domain Requested by
6 windows.hairscare.net windows.hairscare.net
3 ts2.mm.bing.net windows.hairscare.net
3 unpkg.com 1 redirects windows.hairscare.net
unpkg.com
2 fonts.gstatic.com fonts.googleapis.com
1 s4.histats.com s10.histats.com
1 s10.histats.com windows.hairscare.net
1 www.spoletoposteservizi.it windows.hairscare.net
1 i.ytimg.com windows.hairscare.net
1 www.smartworld.it windows.hairscare.net
1 www.androidworld.it 1 redirects
1 www.laroma24.it windows.hairscare.net
1 dimensionsguide.s3.amazonaws.com windows.hairscare.net
1 www.sardiniapost.it windows.hairscare.net
1 assets.orvis.com windows.hairscare.net
1 fonts.googleapis.com windows.hairscare.net
0 www.etgroup.info Failed windows.hairscare.net
0 www.used.forsale Failed windows.hairscare.net
0 parrocchiadecima.altervista.org Failed windows.hairscare.net
26 18

This site contains no links.

Subject Issuer Validity Valid
hairscare.net
GTS CA 1P5		 2024-05-11 -
2024-08-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
unpkg.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
secure2s.scene7.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-08-13		 4 months crt.sh
www.sardiniapost.it
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.laroma24.it
AlphaSSL CA - SHA256 - G4		 2023-08-17 -
2024-09-17		 a year crt.sh
edgestatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
spoletoposteservizi.it
R3		 2024-05-06 -
2024-08-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
s10.histats.com
E1		 2024-04-11 -
2024-07-10		 3 months crt.sh
histats.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://windows.hairscare.net/
Frame ID: 47BBAEC8C0F3B491793E0D049FB45F43
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Windows Hairscare Net

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

26
Requests

81 %
HTTPS

57 %
IPv6

17
Domains

18
Subdomains

15
IPs

6
Countries

1030 kB
Transfer

5741 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg HTTP 301
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
Request Chain 7
  • https://www.used.forsale/sh-img/5147_cerchi%2Blega%2B14%2B4x100.jpg HTTP 301
  • https://www.used.forsale/
Request Chain 10
  • https://www.androidworld.it/wp-content/uploads/2019/08/duolingo-supporto-latino-02.png HTTP 301
  • https://www.smartworld.it/wp-content/uploads/android/2019/08/duolingo-supporto-latino-02.png
Request Chain 19
  • https://unpkg.com/ionicons@4.2.2/dist/fonts/ionicons.woff2?v=4.2.1 HTTP 302
  • https://unpkg.com/ionicons@4.2.2/dist/fonts/ionicons.woff2

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
windows.hairscare.net/ 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7c6658e53afe951b6622a94873c9cfcf5525ac87d13e2671577f3fba5705b4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
885ec55e1a429f2e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 18 May 2024 20:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5vmn7sv0bUCETuDiTurTIqg%2FzmY00VUY0FfXHlCzxK%2BQ7adQCJtiI17eiqU0bk31hEvpf98r2oXapyaEutekU2ljzhdUBmr4V1GJZkhLmILeauba4r19hpmHpb8%2BerENNS%2FfmfHyD8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:700%7CRoboto:400,500
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc013ae2a5e345ba261e0ac1a86895e207d030d0e907633e4dd445db8fd5f15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 May 2024 20:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 May 2024 20:59:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 May 2024 20:59:27 GMT
ionicons.min.css
unpkg.com/ionicons@4.2.2/dist/css/ 		45 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@4.2.2/dist/css/ionicons.min.css
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0f769b4d17647911814d87ff2f39c3ef9a16e91cc4d49567424e68f77b3d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5717668
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB7Q14WW7JHEYPDT4K7PBJ-fra
server
cloudflare
etag
W/"b5ff-pH+L4NhHSqBqrrf7++mey+g7twE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
885ec56b5ecaa040-FRA
style.css
windows.hairscare.net/themes/hally/assets/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows.hairscare.net/themes/hally/assets/style.css
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980d192df685febf408cf82c7285bfc856a2b360f2104ce6b26d083b5f845fcc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 06:58:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f1715-a103"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaXZpFRMcXtwOyyMJidb0lPp2xjCRxii7zOHkN81xHRLIq0iJfwVuZbylFQQjSb0f%2BG489wzxQPmFbzTzcKMBoH7cgECs3M2tnYLyJglvyCcspkhgojWLutjlGwGpt3cS1Qx3UuBHP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
885ec56aaa5d9f2e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 May 2024 08:59:27 GMT
01.jpg
windows.hairscare.net/themes/hally/assets/images/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windows.hairscare.net/themes/hally/assets/images/01.jpg
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdd9efda2ec1cabb7f098b9258012469696a49edd8e68fc18f11b641c6b7d9a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 06:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"663f1718-cdd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeMZd4BNZn2ItIf%2BMnUerRRbT9joBas8mz1vgFYGUqk1%2FKfIppAlLHNilXt2ckvSPQEjo4KHUp%2F2XzYFNJTXVajWBvBXd6WIt573LPChGOzxNrniqhFq3%2F4vDbDdddjP4qjHnKWFSIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
885ec56aaa5f9f2e-FRA
alt-svc
h3=":443"; ma=86400
content-length
52695
expires
Mon, 17 Jun 2024 20:59:27 GMT
AdobeStock_44788020
assets.orvis.com/is/image/orvisprd/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.orvis.com/is/image/orvisprd/AdobeStock_44788020
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a299 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
b7ea500fc6668d10380aae5c76f293d7c610bbe908c04c7e237f13cb06931e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 18 May 2024 20:59:28 GMT
last-modified
Thu, 11 Mar 2021 16:51:43 GMT
server
Unknown
akamai-grn
0.99a02417.1716065967.12477164
x-adobe-modifierlist
QlpoOTFBWSZTWR+mXYgAAAACAAAKIAAwgEFYu5IpwoSA/TLsQA==
etag
"e91e725f5501536b13f7752c4b41dea2"
x-adobe-assetlist
QlpoOTFBWSZTWWGeGEoAAAWfgAAA1MAgAAgKnijdACAAMUAGI000aFBo0DRoHqJIitJhGeLmumcRRtRwCoF/i7kinChIMM8MJQA=
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
38580
x-akamai-cache
RefreshHit
content-length
72174
expires
Sun, 19 May 2024 06:59:28 GMT
Bithia@Genova_20020328.jpg
www.sardiniapost.it/wp-content/uploads/2014/08/ 		4 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sardiniapost.it/wp-content/uploads/2014/08/Bithia@Genova_20020328.jpg
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
146.59.252.164 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3183678.ip-146-59-252.eu
Software
nginx/1.14.2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 20:59:28 GMT
Last-Modified
Tue, 27 Oct 2020 18:00:36 GMT
Server
nginx/1.14.2
ETag
"5f986044-4952b0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4805296
cpp_al_lavoro.jpg
parrocchiadecima.altervista.org/wp-content/uploads/2021/06/
Redirect Chain
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
  • https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
0
0
/
www.used.forsale/
Redirect Chain
  • https://www.used.forsale/sh-img/5147_cerchi%2Blega%2B14%2B4x100.jpg
  • https://www.used.forsale/
0
0
Dimensions-Guide-Digital-Televisions-TVs-TCL-4-Series-Roku-Smart-TV-49-Inch.svg
dimensionsguide.s3.amazonaws.com/12-DIGITAL/TELEVISIONS-TVS/TCL-4-SERIES-ROKU-SMART-TV-49-INCH/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dimensionsguide.s3.amazonaws.com/12-DIGITAL/TELEVISIONS-TVS/TCL-4-SERIES-ROKU-SMART-TV-49-INCH/Dimensions-Guide-Digital-Televisions-TVs-TCL-4-Series-Roku-Smart-TV-49-Inch.svg
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.30.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
14858733907403dd9e1a911f0c96d81bf8bb309506067e679181722e13f5be4b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 20:59:29 GMT
Last-Modified
Thu, 12 Mar 2020 21:21:01 GMT
Server
AmazonS3
x-amz-request-id
KGY6FBHMPWT7H4BX
ETag
"1ac7fe8376c01fac5e7ca2f1c3465389"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
127288
x-amz-id-2
/zrqd3hCbzIllncdUbUcRN8+GfvjOTPrOocoMSNQ8F4pityoqh/fe2Jh59i5rSHlKExdSB7sFLKrM5cIpK1sJKmfcEtxX8AG
12158549_small.jpg
www.laroma24.it/wp-content/uploads/2020/12/ 		436 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.laroma24.it/wp-content/uploads/2020/12/12158549_small.jpg
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
128.199.32.138 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cecae7dd505e1f7373cc96a908e1704ee351769840a1a1bcfd9a5bb0f51118d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 20:59:28 GMT
Via
1.1 varnish (Varnish/6.2)
Age
0
Grace
X-Cache
MISS
Connection
keep-alive
Content-Length
446881
Last-Modified
Wed, 26 May 2021 14:10:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-TTL
TTL (600.000)
ETag
W/"6d1a1-179a9031898"
Content-Type
image/jpeg
X-Varnish
405897663
Cache-Control
public; max-age: 600s
Accept-Ranges
bytes
X-Cache-Hits
0
duolingo-supporto-latino-02.png
www.smartworld.it/wp-content/uploads/android/2019/08/
Redirect Chain
  • https://www.androidworld.it/wp-content/uploads/2019/08/duolingo-supporto-latino-02.png
  • https://www.smartworld.it/wp-content/uploads/android/2019/08/duolingo-supporto-latino-02.png
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smartworld.it/wp-content/uploads/android/2019/08/duolingo-supporto-latino-02.png
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Server
2a02:26f0:ab00:393::3198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
9b9ca8c5a1e5e1386c1d3b4c2ce4955b68c8089c91f7e86abdfe1a7be79d81b4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://windows.hairscare.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
last-modified
Tue, 10 Oct 2023 18:39:26 GMT
server
Akamai Image Server
etag
"38d100ad2c857ef7ae0ce175417233d9"
content-type
image/jpeg
cache-control
private, no-transform, max-age=1800
content-length
22321
expires
Sat, 18 May 2024 21:29:28 GMT

Redirect headers

location
https://www.smartworld.it/wp-content/uploads/android/2019/08/duolingo-supporto-latino-02.png
date
Sat, 18 May 2024 20:59:28 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
maxres2.jpg
i.ytimg.com/vi/SXhzJjQW8Wg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/SXhzJjQW8Wg/maxres2.jpg?sqp=-oaymwEoCIAKENAF8quKqQMcGADwAQH4Ac4FgAKACooCDAgAEAEYfyBJKCAwDw==&rs=AOn4CLDfUq0vAVO9xrZP8IwLo5obs-_jEQ
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
x-content-type-options
nosniff
server
sffe
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=30
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1097
x-xss-protection
0
expires
Sat, 18 May 2024 20:59:58 GMT
Busta-lettea.png
www.spoletoposteservizi.it/wp-content/uploads/2022/11/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spoletoposteservizi.it/wp-content/uploads/2022/11/Busta-lettea.png
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.64.202.154 Frosinone, Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
server1.lightage.it
Software
nginx / PleskLin
Resource Hash
be4fe623337be7490a9a3a06d3889d3596b84f6a6ba127e6b4d2e03572d74376
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 08 Jul 2023 08:27:39 GMT
server
nginx
etag
"64a91dfb-c91c"
x-powered-by
PleskLin
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
51484
expires
Sat, 15 Jun 2024 20:59:28 GMT
DSC_3740-scaled.jpg
www.etgroup.info/blog/wp-content/uploads/2019/11/ 		0
0
scripts.min.js
windows.hairscare.net/themes/hally/assets/ 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows.hairscare.net/themes/hally/assets/scripts.min.js
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb3c76b2830156f326f20bf2f5aab0d4435839f04c048be297d0a5bcc65e830

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 06:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f1713-1fd51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zE2wh7oCDuiAqf2H2%2BeCyAJ6mk0bfL7PsgaZvoom8lbtRUWJUqzxiznwik6NWEPCotUcqtTqEAZo6J1%2F0ZuSOvnD2gQqpa3uATZ9b9BqOTVk%2FTirWSNlLM0H2CHeTAsm3l9xelRS2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
885ec56b6ba59f2e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 May 2024 08:59:28 GMT
common.min.js
windows.hairscare.net/themes/hally/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows.hairscare.net/themes/hally/assets/common.min.js
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588927d57a3de77e54b0ba64553dfdeba57aa97b2f2a2c6028b9c3ef1153f768

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 06:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f1714-8c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geLTCTnDfQXwTebmc0LfaIefP7ciir432%2FKzJsX%2Bstyx4oSiOkLaOZNr8fYkeBtwAIszx2V2suIs6HLjeoo7cqxHLb4rsMXEIraJXjYiz%2Bus8ko5836lQ0fzsWPnNedPY9yeHEUQTt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
885ec56b6ba79f2e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 May 2024 08:59:28 GMT
stats.js
windows.hairscare.net/assets/ 		963 B
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windows.hairscare.net/assets/stats.js
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637fd68c9daef90c9900c1763ec1891732248ccbce534fd758e95d08ee4baf12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 06:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f1717-3c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VJElCaKp0tjAZMsUpNG0lPDh2ESTP90SfH%2FlJS74wkTGimpa7%2FuAgcVzP9knMJuBRmYwh0egpLMZ%2BIjmuby%2F5gAisfS%2BnDrvp1ikyextRBi3G5F001mvsaljj57II5cpOogwmV4vbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
885ec56b6ba89f2e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 May 2024 08:59:28 GMT
0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2
fonts.gstatic.com/s/lora/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700%7CRoboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d359880fa99ef4c99b45828b69ea479bbe8a98acad2dab05fa033fdcf161101c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://windows.hairscare.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:59:37 GMT
x-content-type-options
nosniff
age
370791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21128
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:59:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:700%7CRoboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://windows.hairscare.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 13:48:35 GMT
x-content-type-options
nosniff
age
25853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 13:48:35 GMT
ionicons.woff2
unpkg.com/ionicons@4.2.2/dist/fonts/
Redirect Chain
  • https://unpkg.com/ionicons@4.2.2/dist/fonts/ionicons.woff2?v=4.2.1
  • https://unpkg.com/ionicons@4.2.2/dist/fonts/ionicons.woff2
49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@4.2.2/dist/fonts/ionicons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@4.2.2/dist/css/ionicons.min.css
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://unpkg.com/ionicons@4.2.2/dist/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5721936
content-length
50632
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW75JH1HPG00JGNA68BN269-fra
server
cloudflare
etag
"c5c8-QqWDQYHfWKuNxiDj3Cd9RHPHWV4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
885ec56d3d0d690a-FRA

Redirect headers

date
Sat, 18 May 2024 20:59:28 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HY6QE1H61T2BYT94YW9QFWTP-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
630
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/ionicons@4.2.2/dist/fonts/ionicons.woff2
cf-ray
885ec56cdc5d690a-FRA
th
ts2.mm.bing.net/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts2.mm.bing.net/th?q=consiglio-pastorale-parrocchiale-diritto-canonico.webp
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f812faf1dba52020e8589f2d5d934f20263fd18005f31b7c1eddeb766bb48bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B7D7DD1694534639A49C159B96FA36C5 Ref B: FRA31EDGE0822 Ref C: 2024-05-18T20:59:28Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
26172
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
1136
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
885ec56e9d174d67-FRA
content-length
4547
th
ts2.mm.bing.net/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts2.mm.bing.net/th?q=punto-nascite-san-vito-al-tagliamento.webp
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03282aafc2b77ac1853a3ae29dd6d7a3def5994f024d8da8b6e19807086fde3b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF0ADBF8AF284DA6982A4B9FC9339D47 Ref B: FRA31EDGE0822 Ref C: 2024-05-18T20:59:28Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
41974
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4532101&@f16&@g1&@h1&@i1&@j1716065968459&@k0&@l1&@mWindows%20Hairscare%20Net&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:136063141&@b3:1716065968&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwindows.hairscare.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
34b999a31e6e03ab2cfef0495c311cc2c5fb27ec78509254c1106ae2298f0a1e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 20:59:28 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
th
ts2.mm.bing.net/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts2.mm.bing.net/th?q=cerchi-lega-15-4-fori.webp
Requested by
Host: windows.hairscare.net
URL: https://windows.hairscare.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
678b8a415b83b0740b2413f1929d257343223a66685d393b8ccae3f5b099d83d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://windows.hairscare.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:59:28 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E2E099EACD248A6BCC259B7BE621A8D Ref B: FRA31EDGE0822 Ref C: 2024-05-18T20:59:28Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
41355

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
parrocchiadecima.altervista.org
URL
https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
Domain
www.used.forsale
URL
https://www.used.forsale/
Domain
www.etgroup.info
URL
https://www.etgroup.info/blog/wp-content/uploads/2019/11/DSC_3740-scaled.jpg

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| searchResults object| searchInput number| contextDive boolean| timerUserInput function| search function| getJSON function| htmlToElement function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

8 Cookies

Domain/Path Name / Value
www.androidworld.it/ Name: AWSALBCORS
Value: hIjwXLCGMZVWoABg9Q/Mky5ymGhxrFQvXAKN87Rii845qKXgx5NxyIsbBL4YttNDnCmO63foFLM6vVHBWs9ef7+5KvtGD0De0aHlJjmmkt90Ep9qH+YHw+G8rEHd
windows.hairscare.net/ Name: HstCfa4532101
Value: 1716065968459
windows.hairscare.net/ Name: HstCla4532101
Value: 1716065968459
windows.hairscare.net/ Name: HstCmu4532101
Value: 1716065968459
windows.hairscare.net/ Name: HstPn4532101
Value: 1
windows.hairscare.net/ Name: HstPt4532101
Value: 1
windows.hairscare.net/ Name: HstCnv4532101
Value: 1
windows.hairscare.net/ Name: HstCns4532101
Value: 1

11 Console Messages

Source Level URL
Text
security warning URL: https://windows.hairscare.net/
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.sardiniapost.it/wp-content/uploads/2014/08/Bithia@Genova_20020328.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.laroma24.it/wp-content/uploads/2020/12/12158549_small.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/(Line 263)
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.sardiniapost.it/wp-content/uploads/2014/08/Bithia@Genova_20020328.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/(Line 263)
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/(Line 263)
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.laroma24.it/wp-content/uploads/2020/12/12158549_small.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://parrocchiadecima.altervista.org/wp-content/uploads/2021/06/cpp_al_lavoro.jpg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://i.ytimg.com/vi/SXhzJjQW8Wg/maxres2.jpg?sqp=-oaymwEoCIAKENAF8quKqQMcGADwAQH4Ac4FgAKACooCDAgAEAEYfyBJKCAwDw==&rs=AOn4CLDfUq0vAVO9xrZP8IwLo5obs-_jEQ
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://windows.hairscare.net/
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.sardiniapost.it/wp-content/uploads/2014/08/Bithia@Genova_20020328.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windows.hairscare.net/
Message:
Mixed Content: The page at 'https://windows.hairscare.net/' was loaded over HTTPS, but requested an insecure element 'http://www.laroma24.it/wp-content/uploads/2020/12/12158549_small.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://windows.hairscare.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.orvis.com
dimensionsguide.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
parrocchiadecima.altervista.org
s10.histats.com
s4.histats.com
ts2.mm.bing.net
unpkg.com
windows.hairscare.net
www.androidworld.it
www.etgroup.info
www.laroma24.it
www.sardiniapost.it
www.smartworld.it
www.spoletoposteservizi.it
www.used.forsale
parrocchiadecima.altervista.org
www.etgroup.info
www.used.forsale
128.199.32.138
146.59.252.164
149.56.240.127
172.67.183.211
217.64.202.154
2606:4700:10::6814:1347
2606:4700::6811:f6cb
2620:1ec:c11::200
2a00:1450:4001:80e::2016
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
2a02:26f0:3500:18::1724:a299
2a02:26f0:ab00:393::3198
3.5.30.102
03282aafc2b77ac1853a3ae29dd6d7a3def5994f024d8da8b6e19807086fde3b
14858733907403dd9e1a911f0c96d81bf8bb309506067e679181722e13f5be4b
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
2d0f769b4d17647911814d87ff2f39c3ef9a16e91cc4d49567424e68f77b3d9b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34b999a31e6e03ab2cfef0495c311cc2c5fb27ec78509254c1106ae2298f0a1e
3cb3c76b2830156f326f20bf2f5aab0d4435839f04c048be297d0a5bcc65e830
588927d57a3de77e54b0ba64553dfdeba57aa97b2f2a2c6028b9c3ef1153f768
5c7c6658e53afe951b6622a94873c9cfcf5525ac87d13e2671577f3fba5705b4
637fd68c9daef90c9900c1763ec1891732248ccbce534fd758e95d08ee4baf12
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558
678b8a415b83b0740b2413f1929d257343223a66685d393b8ccae3f5b099d83d
980d192df685febf408cf82c7285bfc856a2b360f2104ce6b26d083b5f845fcc
9b9ca8c5a1e5e1386c1d3b4c2ce4955b68c8089c91f7e86abdfe1a7be79d81b4
9cdd9efda2ec1cabb7f098b9258012469696a49edd8e68fc18f11b641c6b7d9a
9f812faf1dba52020e8589f2d5d934f20263fd18005f31b7c1eddeb766bb48bf
b7ea500fc6668d10380aae5c76f293d7c610bbe908c04c7e237f13cb06931e1e
be4fe623337be7490a9a3a06d3889d3596b84f6a6ba127e6b4d2e03572d74376
cecae7dd505e1f7373cc96a908e1704ee351769840a1a1bcfd9a5bb0f51118d8
d359880fa99ef4c99b45828b69ea479bbe8a98acad2dab05fa033fdcf161101c
dc013ae2a5e345ba261e0ac1a86895e207d030d0e907633e4dd445db8fd5f15a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615