offers.greatclips.com Open in urlscan Pro
23.253.121.125  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5FLYx77 Show response offers.greatclips.com/t/	14 KB 6 KB	693ms 167ms	Document text/html	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash a0f96f74631ab8c5180df1f83dcf02c95b0a7df508ce2002170aa38d3f282f9a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-methods GET,POST,PUT,DELETE content-encoding gzip content-type text/html; charset=utf-8 date Sat, 15 Apr 2023 19:37:59 GMT server nginx/1.20.1 x-rack-cache miss x-request-id d7044a6cebe11420b5a0ed9f7c5548c8 x-runtime 0.031118 x-ua-compatible IE=Edge,chrome=1
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/	26 KB 6 KB	35ms 17ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:37:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 617, 617 age 6947744 cdn-cachedat 2021-04-13 02:48:33 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 3e4766ad0ddfa4bdecb1b0dc22b73ef7 timing-allow-origin * cdn-requestcountrycode US cf-ray 7b86a575beda30c3-FRA cdn-requestpullsuccess True
GET H2	200	select2.css offers.greatclips.com/	17 KB 3 KB	129ms 128ms	Stylesheet text/css	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/select2.css Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash be00172b9adfd3ffdb9a5c26e70df798e4e99270e8f1aa3de83a2dc45f1d8682 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT content-encoding gzip last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag W/"6412b052-4260" access-control-allow-methods GET,POST,PUT,DELETE content-type text/css
GET H2	200	application-eb7e146706838c0ac6e18d899636117f.css offers.greatclips.com/assets/	51 KB 12 KB	131ms 131ms	Stylesheet text/css	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/assets/application-eb7e146706838c0ac6e18d899636117f.css Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 978feb0c87fc25fdceb576fc7ff1124a09cee094ad3307ec76f0080a0b56d9d5 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT content-encoding gzip last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag W/"6412b052-cdc0" access-control-allow-methods GET,POST,PUT,DELETE content-type text/css
GET H2	200	application-059523678196f3d4486252e1ce26d013.js Show response offers.greatclips.com/assets/	175 KB 66 KB	258ms 258ms	Script application/javascript	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/assets/application-059523678196f3d4486252e1ce26d013.js Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 391de8bc52e15b92a474d327f517ab661fcbf2cc8511d8be050ebcdc131f65e6 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT content-encoding gzip last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag W/"6412b052-2bd08" access-control-allow-methods GET,POST,PUT,DELETE content-type application/javascript
GET H2	200	select2.min.js Show response offers.greatclips.com/javascripts/	69 KB 23 KB	258ms 257ms	Script application/javascript	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/javascripts/select2.min.js Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT content-encoding gzip last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag W/"6412b052-114eb" access-control-allow-methods GET,POST,PUT,DELETE content-type application/javascript
GET H2	200	spinner.gif offers.greatclips.com/	3 KB 3 KB	128ms 128ms	Image image/gif	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://offers.greatclips.com/spinner.gif Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash d8effbc1dd7a89680b2db3e05d43eee57a09f37b97699a1013fe16c6712f2eaf Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag "6412b052-a30" access-control-allow-methods GET,POST,PUT,DELETE content-type image/gif accept-ranges bytes content-length 2608
GET H2	200	icon-check-green.png offers.greatclips.com/	1 KB 1 KB	128ms 127ms	Image image/png	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://offers.greatclips.com/icon-check-green.png Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 3e939da53e3de8f1548c2a723ee79b5e51422c90c8c347130457fb5ea928348f Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag "6412b052-4ba" access-control-allow-methods GET,POST,PUT,DELETE content-type image/png accept-ranges bytes content-length 1210
GET H2	200	red-close-button-32789560dd0ed03151c7750f9d26e2ce.png offers.greatclips.com/assets/	994 B 1 KB	128ms 128ms	Image image/png	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://offers.greatclips.com/assets/red-close-button-32789560dd0ed03151c7750f9d26e2ce.png Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash cc0ba5dbd5e807ee78369751ff8c57d514b1daa791d050339be695595cd07859 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/t/5FLYx77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 19:38:00 GMT last-modified Thu, 16 Mar 2023 05:59:46 GMT server nginx/1.20.1 etag "6412b052-3e2" access-control-allow-methods GET,POST,PUT,DELETE content-type image/png accept-ranges bytes content-length 994
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	32ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 15 Apr 2023 19:38:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27909 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug iePxzRqDKE6tjncfuLWI9npWOn/eiBwcChXaTdyKi1UECiqYVxyV2rVSJnEV5OR6YB7+2VX6o5tsUwIE4OsnsQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	403	teal-pin.png www.greatclips.com/images/	0 0	202ms 20ms	Image text/html	2606:4700::6812:8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.greatclips.com/images/teal-pin.png Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	135ms 37ms	Script text/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 15 Apr 2023 18:11:05 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5215 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Sat, 15 Apr 2023 20:11:05 GMT
POST H2	200	redemption_status Show response offers.greatclips.com/5FLYx77/	39 B 145 B	339ms 339ms	XHR application/json	23.253.121.125 RMH-14
General Check archive.org Show headers Download Go to Full URL https://offers.greatclips.com/5FLYx77/redemption_status Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/assets/application-059523678196f3d4486252e1ce26d013.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.253.121.125 , United States, ASN33070 (RMH-14, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e22a6e2d67d8b323c6be7d70aee55aa49bc74d4ce5ac9632d6e832c665aaed22 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://offers.greatclips.com/t/5FLYx77 X-Requested-With XMLHttpRequest X-CSRF-Token q+SMqJf6wyoAlqpMCpj561khOhskC7X4TOLUBe8n3hg= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers x-ua-compatible IE=Edge,chrome=1 x-runtime 0.194368 date Sat, 15 Apr 2023 19:38:00 GMT server nginx/1.20.1 access-control-allow-methods GET,POST,PUT,DELETE content-type application/json; charset=utf-8 x-rack-cache invalidate, pass x-request-id 7bf071c8137e8477a73daa6a926451ee
GET H/1.1	200 OK	43994-002-1200x600-US-Jose-999.jpg 5cfac31ce2fbf02462a3-5c2a4595f00d000c62f38115ac0c4e4e.ssl.cf1.rackcdn.com/uploads_production/promotion_images/file/5992/	322 KB 323 KB	390ms 322ms	Image image/jpeg	23.35.236.143 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://5cfac31ce2fbf02462a3-5c2a4595f00d000c62f38115ac0c4e4e.ssl.cf1.rackcdn.com/uploads_production/promotion_images/file/5992/43994-002-1200x600-US-Jose-999.jpg Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-143.deploy.static.akamaitechnologies.com Software / Resource Hash cce41f65ec93aba6c616af6512b63c5784302b0464191b4269533346a20a16ea Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sat, 15 Apr 2023 19:38:00 GMT Last-Modified Tue, 28 Feb 2023 17:27:23 GMT ETag 08876041c232de9bee4f2f74e6d9f978 Content-Type image/jpeg X-Timestamp 1677605242.10348 Cache-Control public, max-age=259200 Connection keep-alive Accept-Ranges bytes Content-Length 330031 X-Trans-Id txf917bded9bdb4a0aa6e46-0064352fcddfw1 Expires Tue, 18 Apr 2023 19:38:00 GMT
GET H2	200	677197462700249 Show response connect.facebook.net/signals/config/	377 KB 108 KB	10ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/677197462700249?v=2.9.101&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fd6a8456e7c4856fbe32311aa7d58f4fd91663f6c3c72df3f3f0761c846edfbe Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 15 Apr 2023 19:38:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110296 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug tNpig5lfGPmv7NJZhX/+epU9j20V4ZbpBOIUVaUFzs2uLKc9mu0LmyqDOxrtwmes8ODB33Vj5fcYXcZeiELagw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	32ms 9ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=677197462700249&ev=PageView&dl=https%3A%2F%2Foffers.greatclips.com%2Ft%2F5FLYx77&rl=&if=false&ts=1681587480430&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681587480429.765259323&it=1681587480395&coo=false&rqm=GET Requested by Host: offers.greatclips.com URL: https://offers.greatclips.com/t/5FLYx77 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 15 Apr 2023 19:38:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 31 B	7ms 7ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=677197462700249&ev=Microdata&dl=https%3A%2F%2Foffers.greatclips.com%2Ft%2F5FLYx77&rl=&if=false&ts=1681587480933&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeem%20Now%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Atlanta%20-%206%2F4%2F2023%20-%20%249.99%20-%20BRW%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2F5cfac31ce2fbf02462a3-5c2a4595f00d000c62f38115ac0c4e4e.ssl.cf1.rackcdn.com%2Fuploads_production%2Fpromotion_images%2Ffile%2F5992%2F43994-002-1200x600-US-Jose-999.jpg%22%2C%22og%3Adescription%22%3A%22Get%20a%20great%20haircut%20for%20%249.99%20at%20participating%20Atlanta%20area%20Great%20Clips%20salons.%20To%20redeem%20the%20offer%20now%2C%20click%20%E2%80%9CRedeem%20Now%E2%80%9D%20and%20present%20this%20offer%20on%20your%20phone%20at%20the%20time%20of%20payment.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681587480429.765259323&it=1681587480395&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://offers.greatclips.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 15 Apr 2023 19:38:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| fbq function| _fbq object| I18n function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| MBP function| SFL number| bodycheck object| _gaq function| HideLoading object| jQuery110208180248070080678 object| _gat

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			offers.greatclips.com/t	1970-01-20 20:42:27	Name: cid Value: 1681587480360-5500
			offers.greatclips.com/	1969-12-31 23:59:59	Name: _sparkfly_landing_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTEwMjhlODAwMmNkZDc0ZDAzN2JlNWUxNzAyM2I1N2IyBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXErU01xSmY2d3lvQWxxcE1DcGo1NjFraE9oc2tDN1g0VE9MVUJlOG4zaGc9BjsARg%3D%3D--40b21cd2518f25e2380510bd55472c55a98ee472
			.greatclips.com/	1970-01-20 13:16:03	Name: _fbp Value: fb.1.1681587480429.765259323

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.greatclips.com/images/teal-pin.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cfac31ce2fbf02462a3-5c2a4595f00d000c62f38115ac0c4e4e.ssl.cf1.rackcdn.com
connect.facebook.net
maxcdn.bootstrapcdn.com
offers.greatclips.com
ssl.google-analytics.com
www.facebook.com
www.greatclips.com
23.253.121.125
23.35.236.143
2606:4700::6812:8
2606:4700::6812:bcf
2a00:1450:4001:811::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
391de8bc52e15b92a474d327f517ab661fcbf2cc8511d8be050ebcdc131f65e6
3e939da53e3de8f1548c2a723ee79b5e51422c90c8c347130457fb5ea928348f
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
978feb0c87fc25fdceb576fc7ff1124a09cee094ad3307ec76f0080a0b56d9d5
a0f96f74631ab8c5180df1f83dcf02c95b0a7df508ce2002170aa38d3f282f9a
be00172b9adfd3ffdb9a5c26e70df798e4e99270e8f1aa3de83a2dc45f1d8682
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729
cc0ba5dbd5e807ee78369751ff8c57d514b1daa791d050339be695595cd07859
cce41f65ec93aba6c616af6512b63c5784302b0464191b4269533346a20a16ea
d8effbc1dd7a89680b2db3e05d43eee57a09f37b97699a1013fe16c6712f2eaf
e22a6e2d67d8b323c6be7d70aee55aa49bc74d4ce5ac9632d6e832c665aaed22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd6a8456e7c4856fbe32311aa7d58f4fd91663f6c3c72df3f3f0761c846edfbe