urlscan.io logo urlscan.io
SecurityTrails logo

hairtell.com Open in urlscan Pro
100.21.210.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hairtell.com/
Effective URL: https://hairtell.com/
Submission: On March 06 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 8 countries across 28 domains to perform 183 HTTP transactions. The main IP is 100.21.210.162, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is hairtell.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 8th 2023. Valid for: 8 months.
This is the only time hairtell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 100.21.210.162 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
13 35.241.5.54 15169 (GOOGLE)
13 192.0.77.37 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 192.0.77.2 2635 (AUTOMATTIC)
8 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
3 192.0.76.3 2635 (AUTOMATTIC)
3 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 192.0.77.32 2635 (AUTOMATTIC)
15 2a00:1450:400... 15169 (GOOGLE)
1 23.62.220.203 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.23 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 185.29.132.246 30419 (MEDIAMATH...)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::b 44788 (ASN-CRITE...)
4 138.201.63.116 24940 (HETZNER-AS)
1 92.123.37.164 16625 (AKAMAI-AS)
4 78.46.111.106 24940 (HETZNER-AS)
12 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
2 2a02:2638::21 44788 (ASN-CRITE...)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 2a0b:4d07:2::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.16.151 24940 (HETZNER-AS)
1 18.130.199.108 16509 (AMAZON-02)
1 2 142.250.186.70 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
20 2a02:2638:3::f 44788 (ASN-CRITE...)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 13.224.189.4 16509 (AMAZON-02)
1 13.225.78.30 16509 (AMAZON-02)
2 35.177.2.226 16509 (AMAZON-02)
183 44
2    100.21.210.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-210-162.us-west-2.compute.amazonaws.com
hairtell.com
2    2a00:1450:400d:805::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    35.241.5.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.5.241.35.bc.googleusercontent.com
www.hairfacts.com
13    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
5    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
8    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
8    2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)
cse.google.com
4    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
widgets.wp.com
s0.wp.com
15    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com
api.pinterest.com
1    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
www.gstatic.com
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
16    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    138.201.63.116 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal9000.redintelligence.net
1    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal900027.redintelligence.net
12    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    2a0b:4d07:2::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
1    18.130.199.108 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-199-108.eu-west-2.compute.amazonaws.com
track.webgains.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
20    2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    13.224.189.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-4.fra2.r.cloudfront.net
analytics.webgains.io
1    13.225.78.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-30.fra2.r.cloudfront.net
cdn.track.production.webgains.team
2    35.177.2.226 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-2-226.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
csm.eu.criteo.net — Cisco Umbrella Rank: 8487
pix.eu.criteo.net — Cisco Umbrella Rank: 7936
225 KB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
349 KB
22 wp.com
c0.wp.com — Cisco Umbrella Rank: 6872
i0.wp.com — Cisco Umbrella Rank: 3089
stats.wp.com — Cisco Umbrella Rank: 2729
widgets.wp.com — Cisco Umbrella Rank: 10745
pixel.wp.com — Cisco Umbrella Rank: 2533
s0.wp.com — Cisco Umbrella Rank: 6806
154 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 221779
106 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
193 KB
13 hairfacts.com
www.hairfacts.com
33 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 2640
adservice.google.com — Cisco Umbrella Rank: 73
117 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 35870
hal900027.redintelligence.net — Cisco Umbrella Rank: 277339
258 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
194 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4714
pixel.mathtag.com — Cisco Umbrella Rank: 991
3 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18601
api.webgains.io — Cisco Umbrella Rank: 51787
31 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 49470
medialead.de — Cisco Umbrella Rank: 49025
1 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8414
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9640
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15753
55 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
www.google.de — Cisco Umbrella Rank: 6149
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 105848
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
85 KB
2 hairtell.com
hairtell.com
76 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 46652
3 KB
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 114828
312 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 40433
2 KB
1 futalis.de
futalis.de — Cisco Umbrella Rank: 158522
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 132014
931 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 48696
606 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
601 B
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 8345
4 KB
1 pinterest.com
api.pinterest.com — Cisco Umbrella Rank: 2853
382 B
183 28
Domain Requested by
20 pix.eu.criteo.net hairtell.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
hairtell.com
13 c0.wp.com hairtell.com
13 www.hairfacts.com hairtell.com
12 static.criteo.net ads.eu.criteo.com
static.criteo.net
hairtell.com
12 pagead2.googlesyndication.com hairtell.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
8 www.google.com 3 redirects hairtell.com
www.google.com
tpc.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
6 www.gstatic.com googleads.g.doubleclick.net
5 fonts.googleapis.com hairtell.com
googleads.g.doubleclick.net
hal900027.redintelligence.net
4 hal900027.redintelligence.net hal9000.redintelligence.net
hal900027.redintelligence.net
4 hal9000.redintelligence.net hairtell.com
hal900027.redintelligence.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 adservice.google.com pagead2.googlesyndication.com
5994599.fls.doubleclick.net
3 s0.wp.com widgets.wp.com
public-api.wordpress.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 api.webgains.io analytics.webgains.io
2 5994599.fls.doubleclick.net 1 redirects hairtell.com
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 adservice.google.de pagead2.googlesyndication.com
2 pixel.wp.com hairtell.com
2 i0.wp.com hairtell.com
2 www.googletagmanager.com hairtell.com
adv.office-partner.de
2 hairtell.com 1 redirects
1 cdn.track.production.webgains.team googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 rtb.fr.eu.criteo.com hairtell.com
1 ad-server.eu googleads.g.doubleclick.net
1 medialead.de 1 redirects
1 track.webgains.com hairtell.com
1 futalis.de hal900027.redintelligence.net
1 adv.office-partner.de hal900027.redintelligence.net
1 pb.media01.eu hal900027.redintelligence.net
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 pixel.mathtag.com tags.mathtag.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 www.google.de hairtell.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 public-api.wordpress.com s0.wp.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.pinterest.com c0.wp.com
1 widgets.wp.com hairtell.com
1 cse.google.com hairtell.com
1 stats.wp.com hairtell.com
183 48

This site contains links to these domains. Also see Links.

Domain
www.hairfacts.com
wordpress.org
Subject Issuer Validity Valid
genderlife.com
Amazon RSA 2048 M01		 2023-02-08 -
2023-10-16		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.hairfacts.com
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.wordpress.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
redintelligence.net
R3		 2023-02-08 -
2023-05-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-18 -
2023-05-20		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
*.futalis.de
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh

This page contains 24 frames:

Primary Page: https://hairtell.com/
Frame ID: 57958615C85807F9C765F548A230C1A0
Requests: 65 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202310
Frame ID: F07CBA97657FD24FD44D05D469939C30
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: C8D452D594AA1CB6638164F97CA192C4
Requests: 1 HTTP requests in this frame

Frame: https://public-api.wordpress.com/wp-admin/rest-proxy/
Frame ID: 3F868E65BF67FDFC2CFFE3B3C4E811C0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&adk=1812271804&adf=3025194257&lmt=1678090164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fhairtell.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880081&bpp=31&bdt=664&idt=274&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3904638590641&frm=20&pv=2&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=430
Frame ID: F9346FF4B1E740AF3ACEB35BF4BC7479
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=280&slotname=8387732158&adk=3129465579&adf=1250079422&pi=t.ma~as.8387732158&w=390&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=390x280&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880112&bpp=2&bdt=694&idt=405&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4l9GeZFJiD&p=https%3A//hairtell.com&dtd=410
Frame ID: 8C7CF8C77946E0A2D433B28E3348BC3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Frame ID: AB15B0FD4DF03B2CACCA7A1C84DFCE56
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=3812447792&adf=1283095177&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880115&bpp=1&bdt=697&idt=493&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280%2C300x600&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iiZisp9Jse&p=https%3A//hairtell.com&dtd=495
Frame ID: 9AA1421277BF95BCFC62AA345AF35232
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3778C3E774950341D976D226D6E74774
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 382E7FD27642BF4F5E8339F5C50873A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: EFA7BFE8B4D8F5EF19DF60144CB6F93E
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Frame ID: 04F21AAB99877329D02C8DB7E5A2AACD
Requests: 36 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C0825ED19CCA600AE6DE75BF549D3C2E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 45F67E1386673A47D4F97BC884C6A13A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E59B1A6D88160B650DEAFD7094BEB8D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 5606AE68616BEF57F89C7FAA8A898D3F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 4276FC68FDB2838B231CCB5D7C2D752E
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28039800037533100951401012255027&actionid=981741&produktid=&dt_url=
Frame ID: 70FF5012D9450A2BDD237B7AEF130BFA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8875C6A59BED060B5B6D68DB210C5C96
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
Frame ID: 92D3949BCCB254BA4F4DC2C7B37F2136
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688
Frame ID: 190DA5653D1BC951F4B91A9602715CC4
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Frame ID: 270745C2544AEC5D5A6C4DFA075CE873
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF291B7C8CCDD33E26728990181146AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8F2D29DD6EFD79A946283617EA1B17C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hair removal forum – HairFacts | Hair Removal Information

Page URL History Show full URLs

  1. http://hairtell.com/ HTTP 301
    https://hairtell.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

183
Requests

99 %
HTTPS

49 %
IPv6

28
Domains

48
Subdomains

44
IPs

8
Countries

1942 kB
Transfer

4958 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hairtell.com/ HTTP 301
    https://hairtell.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://www.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4 HTTP 301
  • https://cse.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
Request Chain 112
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 113
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 127
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28039800037533100951401012255027&actionid=981741&produktid=&dt_url=
Request Chain 129
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=28039800037533100951401012255027&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
Request Chain 131
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688
Request Chain 133
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027 HTTP 302
  • https://ad-server.eu/wm/pb/native.png

183 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hairtell.com/
Redirect Chain
  • http://hairtell.com/
  • https://hairtell.com/
606 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairtell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.210.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-210-162.us-west-2.compute.amazonaws.com
Software
Apache/2.4 /
Resource Hash
7d5faa79fbd53cfe0e227e9dc2770f0c48928122486cef2f0b6ef69e05af2b83

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=3,must-revalidate,public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 08:21:19 GMT
last-modified
Mon, 06 Mar 2023 08:09:24 GMT
server
Apache/2.4
vary
Accept-Encoding,Cookie
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Mon, 06 Mar 2023 08:21:18 GMT
Location
https://hairtell.com:443/
Server
awselb/2.0
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129101855-4
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ea349882975d8cc9ab6fd18691cde16a4ce238c0c44465ef93658be31ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44776
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Mar 2023 08:21:19 GMT
wgs.css
www.hairfacts.com/wp-content/plugins/wp-google-search/ 		2 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/wp-google-search/wgs.css?ver=6.0.3
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
76d8a940e9301888c636ac84f1e83eb0d709c092c3b517b0d38a0e3c84058536

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 03 Aug 2022 12:18:21 GMT
server
Apache/2.4
age
1298201
etag
"8e0-5e5553a9cabda-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
725
wgs2.css
www.hairfacts.com/wp-content/plugins/wp-google-search/ 		3 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/wp-google-search/wgs2.css?ver=6.0.3
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 03 Aug 2022 12:18:21 GMT
server
Apache/2.4
age
1298201
etag
"a60-5e5553a9ca7f2-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
830
wgs3.css
www.hairfacts.com/wp-content/plugins/wp-google-search/ 		227 B
247 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/wp-google-search/wgs3.css?ver=6.0.3
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
efd41038db0a012cd5c32794edfc62662f24918ad97fdde92b4c4dc59d48edc8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 03 Aug 2022 12:18:21 GMT
server
Apache/2.4
age
1298201
etag
"e3-5e5553a9ca7f2-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
twentysixteen.css
c0.wp.com/p/jetpack/11.8.4/modules/theme-tools/compat/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/modules/theme-tools/compat/twentysixteen.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0e7d7d9771e6f6592aecf4a909caa1264485d4036752fca8fc28d156a5d40fc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 15 Feb 2023 21:41:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
style.min.css
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3a8b278f0749630662296c1170bbc0393d18a39db92d1c3c80a9c75050191da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 07:35:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 08:21:19 GMT
genericons.css
c0.wp.com/p/jetpack/11.8.4/_inc/genericons/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/_inc/genericons/genericons/genericons.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 13 Jan 2016 23:09:07 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
style.css
www.hairfacts.com/wp-content/themes/twentysixteen/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/themes/twentysixteen/style.css?ver=20201208
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
885d6976adcc792d443fc742436fdb1c59f97741f9d4e56e33b2ad9637f5328d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Jun 2022 22:51:44 GMT
server
Apache/2.4
age
1298201
etag
"114a6-5e0cf50ee746b-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13456
blocks.css
www.hairfacts.com/wp-content/themes/twentysixteen/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20220524
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
3de3c993102c064630f4db50ac4fadc4397dee11f1f2184c6b17706aae9cc59d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Jun 2022 22:51:44 GMT
server
Apache/2.4
age
1298201
etag
"214e-5e0cf50ee552b-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1892
social-logos.min.css
c0.wp.com/p/jetpack/11.8.4/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/_inc/social-logos/social-logos.min.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 15 Feb 2023 21:41:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
jetpack.css
c0.wp.com/p/jetpack/11.8.4/css/ 		87 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/css/jetpack.css
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
088674fc15eef135403ab29abc6c7fc277dc83932073c9e418199bbba5ee3f77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 15 Feb 2023 21:41:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
frontend-gtag.min.js
www.hairfacts.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 07:44:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 13 Jan 2023 00:19:54 GMT
server
Apache/2.4
age
1298201
etag
"2e3b-5f21a31585440-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3244
jquery.min.js
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
jquery-migrate.min.js
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44dfef0614b86ebfbc5f796617c1a763a02e6ebf43e409d1ace21e3954854fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48365
x-xss-protection
0
server
cafe
etag
18288739351301198358
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:19 GMT
wp-emoji-release.min.js
www.hairfacts.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Jun 2022 22:52:02 GMT
server
Apache/2.4
etag
"48b9-5e0cf51fe71fa-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
hairfacts-logo-banner-01.jpg
i0.wp.com/www.hairfacts.com/wp-content/uploads/sites/5/2017/08/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.hairfacts.com/wp-content/uploads/sites/5/2017/08/hairfacts-logo-banner-01.jpg?w=1200&ssl=1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
db748586325f04fcc59e4277193894d777c68701cfe4a5c5c3759e284dc5f01c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Mon, 06 Mar 2023 08:21:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Jul 2021 11:59:11 GMT
server
nginx
etag
"60cdd333def78cfe"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.hairfacts.com/wp-content/uploads/sites/5/2017/08/hairfacts-logo-banner-01.jpg>; rel="canonical"
content-length
16628
expires
Thu, 06 Jul 2023 23:59:11 GMT
orange-small.png
www.hairfacts.com/wp-content/plugins/jetpack/images/rss/ 		652 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hairfacts.com/wp-content/plugins/jetpack/images/rss/orange-small.png
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
1450a1533a0cf3b0c5a889245ce6fb75ba12be8f87360df08cbc34b087af1cc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 16:20:23 GMT
via
1.1 google
last-modified
Thu, 16 Feb 2023 00:17:51 GMT
server
Apache/2.4
age
57656
etag
"28c-5f4c6209740bc"
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
652
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:48:40 GMT
x-content-type-options
nosniff
age
239559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 13:48:40 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 23:03:51 GMT
x-content-type-options
nosniff
age
292648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 23:03:51 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 22:41:31 GMT
x-content-type-options
nosniff
age
293988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 22:41:31 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 23:20:13 GMT
x-content-type-options
nosniff
age
291666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 23:20:13 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 18:20:33 GMT
x-content-type-options
nosniff
age
482446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Feb 2024 18:20:33 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:48:43 GMT
x-content-type-options
nosniff
age
297156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 21:48:43 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin
https://hairtell.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129101855-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 07:19:39 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3700
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Mar 2023 09:19:39 GMT
google_cse_v2.js
www.hairfacts.com/wp-content/plugins/wp-google-search/assets/js/ 		468 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:06:06 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 03 Aug 2022 12:18:21 GMT
server
Apache/2.4
age
72913
etag
"1d4-5e5553a9c9c3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
form-styles.js
c0.wp.com/p/jetpack/11.8.4/modules/contact-form/js/ 		3 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/modules/contact-form/js/form-styles.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dbdce2a427cc45f01c27c5b968fb54a771a11b8ec9687104530d0c8077b1ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 15 Feb 2023 21:41:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
photon.min.js
c0.wp.com/p/jetpack/11.8.4/_inc/build/photon/ 		685 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/_inc/build/photon/photon.min.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
skip-link-focus-fix.js
www.hairfacts.com/wp-content/themes/twentysixteen/js/ 		1 KB
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 14:06:50 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Jun 2022 22:51:44 GMT
server
Apache/2.4
age
1016069
etag
"423-5e0cf50ee68b3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
588
functions.js
www.hairfacts.com/wp-content/themes/twentysixteen/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 14:06:50 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Jun 2022 22:51:44 GMT
server
Apache/2.4
age
1016069
etag
"1ca1-5e0cf50ee60e3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2084
intersection-observer.js
www.hairfacts.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:53:50 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 16 Feb 2023 00:17:51 GMT
server
Apache/2.4
age
466049
etag
"2317-5f4c6209836d1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
lazy-images.js
www.hairfacts.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hairfacts.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.5.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.5.241.35.bc.googleusercontent.com
Software
Apache/2.4 /
Resource Hash
9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:53:50 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 16 Feb 2023 00:17:51 GMT
server
Apache/2.4
age
466049
etag
"939-5f4c6209836d1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1024
queuehandler.min.js
c0.wp.com/p/jetpack/11.8.4/_inc/build/likes/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/_inc/build/likes/queuehandler.min.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2ae712a1582b13ba975ead7892bbcd1b505ead4c36e35986dd0b7559273ca160
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 15 Feb 2023 21:41:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
sharing.min.js
c0.wp.com/p/jetpack/11.8.4/_inc/build/sharedaddy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.8.4/_inc/build/sharedaddy/sharing.min.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 06 Mar 2023 08:21:19 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 31 May 2022 10:02:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 05 Mar 2024 08:21:19 GMT
e-202310.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202310.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr
date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 26 Feb 2024 20:46:27 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
  • https://cse.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
07c7f38355055e3070bb991521d203db96cf12605adbec90f27e0f5f5eb226e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Mon, 06 Mar 2023 08:21:20 GMT

Redirect headers

date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
expires
Mon, 06 Mar 2023 08:51:20 GMT
master.html
widgets.wp.com/likes/ Frame F07C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.wp.com/likes/master.html?ver=202310
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6234259dd38642028d38cf710a10b34030743d112c503c6207fa485ae376ae86

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 06 Mar 2023 08:21:20 GMT
etag
W/"63ecaca6-ae1"
last-modified
Wed, 15 Feb 2023 09:57:58 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-ac
4.lhr _dca MISS
x-nc
HIT lhr 1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a5dd7390631a4aa2588a8c9c0a9dae1f9cd0884f1c9490fec733c3382cb891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121309
x-xss-protection
0
server
cafe
etag
4171887596979988244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame C8D4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
63132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 14:49:08 GMT
etag
2378337311435320485
expires
Sun, 19 Mar 2023 14:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=133338148&post=16427&tz=0&srv=www.hairfacts.com&j=1%3A11.8.4&host=hairtell.com&ref=&fcp=1709&rand=0.8899474460692094
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 08:21:20 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
count.json
api.pinterest.com/v1/urls/ 		89 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fwww.hairfacts.com%2Fforum%2F
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/11.8.4/_inc/build/sharedaddy/sharing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcc46f8d9a1534d2d27e138e66dfac5bec061b660b29de6df2a0f814907719d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.5c17655f.1678090880.a2ef2d2c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
89
x-pinterest-rid
1290665688424152
expires
Mon, 06 Mar 2023 08:36:20 GMT
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.5659765033979749
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 08:21:20 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 Mar 2023 09:11:24 GMT
hairtell-logo-sq.jpg
i0.wp.com/www.hairfacts.com/wp-content/uploads/sites/5/2018/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.hairfacts.com/wp-content/uploads/sites/5/2018/11/hairtell-logo-sq.jpg?w=662&ssl=1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ad38148385e5d54abbb1a567b441c30ee591adff531d3232ed9ca1a4f31b6049
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 15:25:02 GMT
server
nginx
etag
"c26a3d183e18763e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.hairfacts.com/wp-content/uploads/sites/5/2018/11/hairtell-logo-sq.jpg>; rel="canonical"
content-length
14434
expires
Sat, 03 Jun 2023 03:25:02 GMT
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame F07C 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
x-ac
4.lhr _dca BYPASS
server
nginx
etag
W/"619d635a-1c9d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 23 Nov 2023 21:55:44 GMT
/
s0.wp.com/_static/ Frame F07C 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20230213
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a38aca823bb17c7335f249bb6194adbc333694c11ffa76563b4cba3a033cd99c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
x-ac
4.lhr _dca MISS
last-modified
Wed, 15 Feb 2023 09:58:05 GMT
server
nginx
etag
W/"63ecacad-1430c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Feb 2024 09:58:15 GMT
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2091845724&t=pageview&_s=1&dl=https%3A%2F%2Fhairtell.com%2F&ul=en-us&de=UTF-8&dt=Hair%20removal%20forum%20%E2%80%93%20HairFacts%20%7C%20Hair%20Removal%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACUIhBAAAACAAI~&jid=1744329894&gjid=1464392600&cid=374344829.1678090880&tid=UA-129101855-4&_gid=1145478811.1678090880&_r=1&gtm=457e3310&did=dNDMyYj&gdid=dNDMyYj&z=173119344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hairtell.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairtell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-129101855-4&cid=374344829.1678090880&jid=1744329894&gjid=1464392600&_gid=1145478811.1678090880&_u=aGBACUIgBAAAACAAI~&z=2049086100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hairtell.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairtell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
public-api.wordpress.com/wp-admin/rest-proxy/ Frame 3F86 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/wp-admin/rest-proxy/
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20230213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d7db2beaf0bed1398411ac2509f5fb4ca0564af181a066c77bec4b835b93bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://widgets.wp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 08:21:20 GMT
p3p
CP="CAO PSA OUR"
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.lhr _dca BYPASS
cookie.js
partner.googleadservices.com/gampad/ 		391 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=hairtell.com&callback=_gfp_s_&client=ca-pub-6400961971435143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6219097ae2b20f61c2255f8a32a29dde31b91239c35244004a9b0f8881058d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hairtell.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hairtell.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F934 		353 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&adk=1812271804&adf=3025194257&lmt=1678090164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fhairtell.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880081&bpp=31&bdt=664&idt=274&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3904638590641&frm=20&pv=2&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e22af6be4f842d0947afe643a7b35509366f62d722077ed4c0989032e80f732a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75885
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
expires
Mon, 06 Mar 2023 08:21:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8C7C 		436 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=280&slotname=8387732158&adk=3129465579&adf=1250079422&pi=t.ma~as.8387732158&w=390&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=390x280&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880112&bpp=2&bdt=694&idt=405&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4l9GeZFJiD&p=https%3A//hairtell.com&dtd=410
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f785f5e2187ed275d79452d5e42524cf0739c4813afdbdec2d487e48984da0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:20 GMT
expires
Mon, 06 Mar 2023 08:21:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-129101855-4&cid=374344829.1678090880&jid=1744329894&_u=aGBACUIgBAAAACAAI~&z=455551852
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-129101855-4&cid=374344829.1678090880&jid=1744329894&_u=aGBACUIgBAAAACAAI~&z=455551852
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AB15 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a321840bb49348959a5f5824505e7d4794f8eb81d5ebde36b239af63dd8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10776
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
expires
Mon, 06 Mar 2023 08:21:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame 3F86 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public-api.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Mon, 06 Mar 2023 08:21:20 GMT
content-encoding
br
x-ac
4.lhr _dca BYPASS
server
nginx
etag
W/"619d635a-1c9d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 23 Nov 2023 21:55:44 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9AA1 		436 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=3812447792&adf=1283095177&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880115&bpp=1&bdt=697&idt=493&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280%2C300x600&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=2185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iiZisp9Jse&p=https%3A//hairtell.com&dtd=495
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
537c52eaeabf99bd8247f0aaf9086e542b8f50339fc465faf2965dd70bcb5811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:20 GMT
expires
Mon, 06 Mar 2023 08:21:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cse_element__en.js
www.google.com/cse/static/element/c23214b953e32f29/ 		304 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__en.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2be8af2e340e1b5c9b3df08aadc66054c96591e99ec95f3859e2fac7270102b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103982
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 20:46:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 27 Feb 2024 20:07:15 GMT
default+en.css
www.google.com/cse/static/element/c23214b953e32f29/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/c23214b953e32f29/default+en.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9086
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 20:46:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 27 Feb 2024 20:07:15 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000933109308840549574:r9olchnu-s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 06 Mar 2023 08:47:15 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0866c6d42891b0798d70c7a3348750b880d4bdf49850f8e4de6e9e1ce56ad860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52085
x-xss-protection
0
server
cafe
etag
394471254718304616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:21 GMT
js
tags.mathtag.com/notify/ Frame AB15 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJJM09XUXhOR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3ODU3OTEwNTIyNzU3MjgxNTgvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SVhNUnVoQlhlUVhqNzZCMTdLYnVBcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNzg1NzkxMDUyMjc1NzI4MTU4L2Ftcy8wLzE1OS8zOC85OTkvMzIyLzJhMDE6NGEwOjJjOjovMC4wMDAvMTY3ODA5MDg4MC8xNjc4MTAzNDgwLzQvcHViLTY0MDA5NjE5NzE0MzUxNDMv/IfSE-saazhBj5yeIUTpl0AyZdJo&nodeid=4025&group=cdg&auctionid=1785791052275728158&pbs_auctionid=1785791052275728158&shardkey=1785791052275728158&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.87&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%26client%3Dca-pub-6400961971435143%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
d72f1551db855ff53dfa0d4fc319302526af62564845e3dd1b36a67f9aeaa6bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:21 GMT
x-mm-nodeid
4025
Content-Encoding
gzip
x-mm-bid-request-time
1678090880
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Mon, 06 Mar 2023 08:21:20 GMT
Server
MMBD/3.381.0
x-mm-latency
35 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x33, cdg-bidder-x171
x-mm-lag
1
Expires
Mon, 06 Mar 2023 08:21:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AB15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 08:04:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame AB15 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB15 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKjEpgKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtAFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZsBqL3MBUD1sJOLxoYQGaSAB2IW0iGT65qBbuc2zdAAqwzKxWPvKABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY0MDA5NjE5NzE0MzUxNDMYAA&sigh=16pWsEO0qu0&uach_m=[UACH]&cid=CAQSGwDUE5ymiRQhpZsEfkdc5vvCQfS8EkEHvnVVcBgB&tpd=AGWhJmuM0APsceoYLBd7noe8Lhn-fYyoK1FO7tfSJMYlCHf4ZhbEVdp39xClbCpOPFx1PQy1S6xoF7bFiOnXPSCMhWemnXc1ITVFD-IdUR-aoqeb2bq3SB6iF2DYfxxb_Nbikpoj5peevWfi7DHiRZLSUjQDAvqbleEax8TpvSA4PYswyonXcRZ_5gXiT_SovhPkP47KBvXD3GGtWzmCRIkhsI5JQq8p5EM5OQUs6q9lLvF6ow_ASvdNyeH66fhM1DqejJfYhQXGNwDeR9mhuNn-HYKWFhffP3S8v78cER83UoQ-09K4XrtUVuTeAoS6Usbl_C0VSdX5cE5LoiyauhuT3vlO_Fbg5NX-siDq_4E94CjLjPz_ufkoKVkXhm5EXpLttavbOsZMZywYKBYlXCF9lFiGC38u0vOhpxaiuikSKkYKLo_n95fZgKpTictjigaIJqVwt2beYZjy9T7x7t73Kne9m9rbRZ19kNRZdQh06EiSE-IQ_-fCrJMBfyrYoDqwcZWtegHSVTJBi-QEt5oDvtkk5-YbbJybnHfFZEKVKM2IeYLq0QYvLDLcoySKZ1oNPftHVzCRnnex-bOdX2Wp4660kR4F51p8yNhNy13n3DRtcb2C4o41i68fiFzpiTri5DW4bUMIR1zpLKvVRZJHRkL4zb9iFRgBy8OcmdQbvr5OWTx9xde1M9KvZHOXfOOR6gNT1W4ylRGGIroYIvmfUALtmF-x5x4IMPY1F2r6Qgd_mFt-ZkTtiKRoX39exKerOgfsmH3EipIZelhbNVc8-APJL2ZSAby68P8kE3v4PLZ8EoG2AsSkZnyQxOVlQurkbbuqBlXN04QOQ_KZoyw7GOt7S-QEPatiwshZz89cqERfXlevy-F4amI5Ht5kMG6qt05Uc1AnL4PLwPELSqjVkHNRYb-6Xh2zP_c5DCdPxb81z8DvHmwi0ACCjh3EUGMtFI6T97X2tfFO_hzvGaaw8slWryC4mEzip_kRbHhCagYIYunVVZsVcSQMUKDyDs1q_w9GEhX9-QM3xe31Q_lzFHm1NJTapxEwnPoAEW2_EY3P7sXYkXvXXqLi_uEXDFVp2zbGuLSzeITmqcawEXlO4pYZ0sQpk2lhcq-UcE1gArflFuds
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Mar 2023 08:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 08:21:21 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hairtell.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hairtell.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 3778 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
45602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 19:41:19 GMT
etag
2378337311435320485
expires
Sun, 19 Mar 2023 19:41:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 382E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
45602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 19:41:19 GMT
etag
2378337311435320485
expires
Sun, 19 Mar 2023 19:41:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame EFA7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
45602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 19:41:19 GMT
etag
2378337311435320485
expires
Sun, 19 Mar 2023 19:41:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 3778 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 07:24:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 08:21:21 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3778 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 23:36:19 GMT
x-content-type-options
nosniff
age
31502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Mar 2024 23:36:19 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3778 		604 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:32:11 GMT
x-content-type-options
nosniff
age
2950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Mar 2024 07:32:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame 3778 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:53:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
48473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8547
x-xss-protection
0
server
cafe
etag
17360858034827311943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:53:28 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 04F2 		179 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25fbd7a5ee8afa70c556e6b04a09760a03177e6e01e73ac6b17928163e96f081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cVBzds5Q6ALgAiTMAEa9OQQ4cI7P1qPUSPy5qgHsP8IIPyTcilk4RI-hwG_Ke_QlzyHfWsfbi2AMxbKn87ewiF4Rb7qCY6blBrLA55HPbeH1BGxOvoe4Y4mAk6HS7Zsek8ZYJbDUUhMGqCnXKmRAzEi3ZVunMQ3GDljfFmI4MCccr6TI6_n12XjhM7zlFqGalhxzbJd3DqtzjcYpVlhO2PrUfHnEgZDiR6kETPgOEZcEDfrN9r_uk4gCY_OYV6Afps-gXg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107715148
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 382E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 08:04:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 382E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 382E 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:21 GMT
89d7ca8249da9b1fce758df22cf4efd3.js
www.gstatic.com/mysidia/ Frame EFA7 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4405
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:28:18 GMT
110cb13377d3e221c3000d4be3507a7e.js
www.gstatic.com/mysidia/ Frame EFA7 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/110cb13377d3e221c3000d4be3507a7e.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f95f13fa840812128e542e56ffe02bfe6b65d43a1e439b94d7fbc9189ba5051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 09:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 09:43:08 GMT
css
fonts.googleapis.com/ Frame EFA7 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 07:50:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 08:21:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EFA7 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame EFA7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EFA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 08:04:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EFA7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFA7 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:21 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame EFA7 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:24:18 GMT
yrsa821xsiee
hal9000.redintelligence.net/zone/ Frame AB15 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=1785791052275728158&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
55217ee0bc6490169d84cb981296d4c62f8c9922d775f33fac9c79c58ae6e942

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:21 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3301
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame AB15 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1785791052275728158&node_id=4025&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJJM09XUXhOR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3ODU3OTEwNTIyNzU3MjgxNTgvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SVhNUnVoQlhlUVhqNzZCMTdLYnVBcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNzg1NzkxMDUyMjc1NzI4MTU4L2Ftcy8wLzE1OS8zOC85OTkvMzIyLzJhMDE6NGEwOjJjOjovMC4wMDAvMTY3ODA5MDg4MC8xNjc4MTAzNDgwLzQvcHViLTY0MDA5NjE5NzE0MzUxNDMv/IfSE-saazhBj5yeIUTpl0AyZdJo&nodeid=4025&group=cdg&auctionid=1785791052275728158&pbs_auctionid=1785791052275728158&shardkey=1785791052275728158&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.87&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:21 GMT
Server
MMBD/3.381.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x31, cdg-bidder-x171
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 06 Mar 2023 08:21:20 GMT
img
pixel.mathtag.com/event/ Frame AB15 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1785791052275728158&v3=651871&v4=4562306&v5=6622327&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJJM09XUXhOR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3ODU3OTEwNTIyNzU3MjgxNTgvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SVhNUnVoQlhlUVhqNzZCMTdLYnVBcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNzg1NzkxMDUyMjc1NzI4MTU4L2Ftcy8wLzE1OS8zOC85OTkvMzIyLzJhMDE6NGEwOjJjOjovMC4wMDAvMTY3ODA5MDg4MC8xNjc4MTAzNDgwLzQvcHViLTY0MDA5NjE5NzE0MzUxNDMv/IfSE-saazhBj5yeIUTpl0AyZdJo&nodeid=4025&group=cdg&auctionid=1785791052275728158&pbs_auctionid=1785791052275728158&shardkey=1785791052275728158&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.87&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x5 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:21 GMT
Server
MT3 569 46451a0 master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 06 Mar 2023 08:21:20 GMT
img
tags.mathtag.com/event/ Frame AB15 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1785791052275728158&st=4562306&time=1678090881&nodeid=4025
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJJM09XUXhOR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3ODU3OTEwNTIyNzU3MjgxNTgvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SVhNUnVoQlhlUVhqNzZCMTdLYnVBcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNzg1NzkxMDUyMjc1NzI4MTU4L2Ftcy8wLzE1OS8zOC85OTkvMzIyLzJhMDE6NGEwOjJjOjovMC4wMDAvMTY3ODA5MDg4MC8xNjc4MTAzNDgwLzQvcHViLTY0MDA5NjE5NzE0MzUxNDMv/IfSE-saazhBj5yeIUTpl0AyZdJo&nodeid=4025&group=cdg&auctionid=1785791052275728158&pbs_auctionid=1785791052275728158&shardkey=1785791052275728158&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.87&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:21 GMT
Server
MMBD/3.381.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x72, cdg-bidder-x171
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 06 Mar 2023 08:21:20 GMT
css
fonts.googleapis.com/ Frame C082 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 07:47:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 08:21:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C082 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame C082 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C082 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 08:04:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame C082 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 18:29:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C082 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:21:21 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame C082 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:24:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EFA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChTrOgKIFZJfJIrKKwuIP2N2Z0AOJrIGGb5me8vChEYP78_0IEAEgl-n0GWCVAqABsOH4hCnIAQGoAwHIA8MEqgTOAU_QU5lFQRCF1xdGNzYjIIcFlXIgeIjZIRm3tq8txYr8mgkamyHhP_mumW-pZzvLGPKBRBUY9V0a1P0WLH-e1I5lh8aCQAuerOXmY36t4PLgkSHles3GTDlue3msk9GZxJM_MXl2CRevQ8lGfrhQ_cqEItH2QMmAgegDL2eZkvb_xS-ehaazmequaaXTHJ4efUmTDLeuHBAoSd-tOyF-J345zlu5QIWMxOZd5ROuTi_NhW7GZD2e-AE18CzABW07woBCUUgDygt4aswf32YTwATm3Kv_rASSBQQIBBgBkgUECAUYBKAGZoAHsJnJ5AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDkZdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTY0MDA5NjE5NzE0MzUxNDMYAA&sigh=gigU2LC-5Jk&uach_m=[UACH]&cid=CAQSGwDUE5ymg9vVosdy3Ut1bW8Bp509jEsKwSFOIRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Mar 2023 08:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 45F6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 07:46:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EFA7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b84a3093bd9197f52d16c7e3c37122b6a962220a46518ee2713e5ff4e3eada3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6E59 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 07:46:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900027.redintelligence.net/ Frame AB15 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=8b4e79fbc4&subid=&uid=0513c4b30edaafef&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6400961971435143%26output%3Dhtml%26h%3D600%26slotname%3D8387732158%26adk%3D2492063329%26adf%3D1702197241%26pi%3Dt.ma~as.8387732158%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678090164%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fhairtell.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678090880114%26bpp%3D1%26bdt%3D697%26idt%3D483%26shv%3Dr20230301%26mjsv%3Dm202302160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C390x280%26nras%3D1%26correlator%3D3904638590641%26frm%3D20%26pv%3D1%26ga_vid%3D374344829.1678090880%26ga_sid%3D1678090881%26ga_hid%3D2091845724%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1103%26ady%3D892%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759876%252C44759927%252C44759842%252C42531514%252C31072731%252C31071663%252C31071976%26oid%3D2%26pvsid%3D4315652597881520%26tmod%3D532577646%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DxpqtYsp2wD%26p%3Dhttps%253A%2F%2Fhairtell.com%26dtd%3D485&ancestorOrigins=null&random=9911326025768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=1785791052275728158&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
c47c955a7f7fd14bfdb78de6d132be252655b44afa52fc12b8f04b9a27e9e394

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 08:21:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28039800037533100951401012255027
Connection
close
Content-Length
1305
Expires
Mon, 06 Mar 2023 08:21:22 +0100
si
googleads.g.doubleclick.net/pagead/drt/ Frame 45F6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
expires
Mon, 06 Mar 2023 08:21:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6E59
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:22 GMT
expires
Mon, 06 Mar 2023 08:21:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:21 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 04F2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 04F2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 04F2 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 29 Feb 2024 08:21:22 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 04F2 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 29 Feb 2024 08:21:22 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 04F2 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=46t3NNiEbwhWi945Bflq1R0pMJyVddB-Q6gtcjj4uq2zwPnAhAo2gtnBYSkDzUcxK8hgVEI1YYPB-a9g_ShQYo2NvTDpj4I8jKHBJ4xW_vwPXc3ynbYebCPmUtdpkPK5QN1H7vYLpnmxiY4iuPrf3SfxNI-v-bLnmJ9XXSUNyicn96-YwRnjKmuWtXkW4Qrhpm-UEkHcc7Xya02H4zoNTWx2vIvDlfShJaTMs3iCeQRXztD0FFhV8gfSA9NzoTXH-AMmbCNVD6gweLg7P--MPGxRIhghv2uPdPjXqcC9aqy_01wAZEwqvgrvrAoJWh8Mjdl6HtGg7EWQei3Lnolcsp3jSmzW6fiteqpMPzQikzMuaBd1YJ_bNZ1QktKHbHqZhS3O-LAeUmuotEVwu-Tu9YG00tSbqY_PjfWeTZ5R5RxY1wt4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2811610
expires
Mon, 26 Jul 1997 05:00:00 GMT
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 04F2 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 04F2 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 5606 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 11:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 11:14:42 GMT
animejs.js
static.criteo.net/animejs/ Frame 04F2 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
all
csm.eu.criteo.net/ Frame 04F2 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cVBzds5Q6ALgAiTMAEa9OQQ4cI7P1qPUSPy5qgHsP8IIPyTcilk4RI-hwG_Ke_QlzyHfWsfbi2AMxbKn87ewiF4Rb7qCY6blBrLA55HPbeH1BGxOvoe4Y4mAk6HS7Zsek8ZYJbDUUhMGqCnXKmRAzEi3ZVunMQ3GDljfFmI4MCccr6TI6_n12XjhM7zlFqGalhxzbJd3DqtzjcYpVlhO2PrUfHnEgZDiR6kETPgOEZcEDfrN9r_uk4gCY_OYV6Afps-gXg&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 08:21:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 04F2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 04F2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 4276 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 11:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 11:14:42 GMT
view.aspx
pb.media01.eu/ Frame 70FF
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28039800037533100951401012255027&actionid=981741&produktid=&dt_url=
0
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28039800037533100951401012255027&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=8b4e79fbc4&subid=&uid=0513c4b30edaafef&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6400961971435143%26output%3Dhtml%26h%3D600%26slotname%3D8387732158%26adk%3D2492063329%26adf%3D1702197241%26pi%3Dt.ma~as.8387732158%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678090164%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fhairtell.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678090880114%26bpp%3D1%26bdt%3D697%26idt%3D483%26shv%3Dr20230301%26mjsv%3Dm202302160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C390x280%26nras%3D1%26correlator%3D3904638590641%26frm%3D20%26pv%3D1%26ga_vid%3D374344829.1678090880%26ga_sid%3D1678090881%26ga_hid%3D2091845724%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1103%26ady%3D892%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759876%252C44759927%252C44759842%252C42531514%252C31072731%252C31071663%252C31071976%26oid%3D2%26pvsid%3D4315652597881520%26tmod%3D532577646%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DxpqtYsp2wD%26p%3Dhttps%253A%2F%2Fhairtell.com%26dtd%3D485&ancestorOrigins=null&random=9911326025768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 08:21:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 06 Mar 2023 09:21:23 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Mon, 06 Mar 2023 08:21:22 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28039800037533100951401012255027&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
52C7822A:CDB6_91EFC182:01BB_6405A282_94591AD:2FD2E
/
adv.office-partner.de/ Frame 8875 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=8b4e79fbc4&subid=&uid=0513c4b30edaafef&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6400961971435143%26output%3Dhtml%26h%3D600%26slotname%3D8387732158%26adk%3D2492063329%26adf%3D1702197241%26pi%3Dt.ma~as.8387732158%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678090164%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fhairtell.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678090880114%26bpp%3D1%26bdt%3D697%26idt%3D483%26shv%3Dr20230301%26mjsv%3Dm202302160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C390x280%26nras%3D1%26correlator%3D3904638590641%26frm%3D20%26pv%3D1%26ga_vid%3D374344829.1678090880%26ga_sid%3D1678090881%26ga_hid%3D2091845724%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1103%26ady%3D892%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759876%252C44759927%252C44759842%252C42531514%252C31072731%252C31071663%252C31071976%26oid%3D2%26pvsid%3D4315652597881520%26tmod%3D532577646%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DxpqtYsp2wD%26p%3Dhttps%253A%2F%2Fhairtell.com%26dtd%3D485&ancestorOrigins=null&random=9911326025768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 06 Mar 2023 08:21:22 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 13 Mar 2023 08:21:22 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
uklo
htlp
futalis.de/ Frame 92D3
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=28039800037533100951401012255027&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=8b4e79fbc4&subid=&uid=0513c4b30edaafef&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6400961971435143%26output%3Dhtml%26h%3D600%26slotname%3D8387732158%26adk%3D2492063329%26adf%3D1702197241%26pi%3Dt.ma~as.8387732158%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678090164%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fhairtell.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678090880114%26bpp%3D1%26bdt%3D697%26idt%3D483%26shv%3Dr20230301%26mjsv%3Dm202302160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C390x280%26nras%3D1%26correlator%3D3904638590641%26frm%3D20%26pv%3D1%26ga_vid%3D374344829.1678090880%26ga_sid%3D1678090881%26ga_hid%3D2091845724%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1103%26ady%3D892%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759876%252C44759927%252C44759842%252C42531514%252C31072731%252C31071663%252C31071976%26oid%3D2%26pvsid%3D4315652597881520%26tmod%3D532577646%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DxpqtYsp2wD%26p%3Dhttps%253A%2F%2Fhairtell.com%26dtd%3D485&ancestorOrigins=null&random=9911326025768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 08:21:22 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame AB15 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28039800037533100951401012255027&nw=1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.199.108 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-108.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
758b2e69c7f2089c54742d380c1ff5af99aee8547cddcff7cff90ba494f7de0c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
last-modified
Mon, 06 Mar 2023 08:21:22 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 06 Mar 2023 08:22:22 GMT
activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688
5994599.fls.doubleclick.net/ Frame 190D
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688?
391 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688?
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
6fc61210fe2dcbfa7e47008d6e9fc9fd75502a09070d5cbe0f1dac6c870367eb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:22 GMT
expires
Mon, 06 Mar 2023 08:21:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900027.redintelligence.net/ Frame 2707 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=8b4e79fbc4&subid=&uid=0513c4b30edaafef&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJXBdRbis_iArCmRcvCE1Vw%26exch_seat%3D20035004448%26mt_aid%3D1785791052275728158%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_cid%3Decfe6405-a281-4c01-a4e2-60eeef1fa7c8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwBV4gKIFZPOAKNrHtwejzYTAAs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCagDAaoEtwFP0Fm8WEJPFxLPTA65yyxMJWPDXtn-2ue6sxedmNc_6nZ_6D7V5a0DDaJG5aWwtfDKeTuOnEfCIe_RVs3vUqhigf6rZ6ND03-OVV1sd-HmxqFhOyYT2EMzOi2pKLfu12YdousQW63ES8zjuNoA9Z3Tp8wN0mlOEgsgcbcMO939EsftPTcPaiuOVe5PdhvZ8hiqTmzoq1yEnPTDuUE1uB1iK9EoNyZYFdau3JZ8HiaoYjXqOX_8apmABrPp9fjfzMC4uQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0pQQQ0aW_0dWd9_m36Q3VUEN9-2A%2526client%253Dca-pub-6400961971435143%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6400961971435143%26output%3Dhtml%26h%3D600%26slotname%3D8387732158%26adk%3D2492063329%26adf%3D1702197241%26pi%3Dt.ma~as.8387732158%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678090164%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fhairtell.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678090880114%26bpp%3D1%26bdt%3D697%26idt%3D483%26shv%3Dr20230301%26mjsv%3Dm202302160101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C390x280%26nras%3D1%26correlator%3D3904638590641%26frm%3D20%26pv%3D1%26ga_vid%3D374344829.1678090880%26ga_sid%3D1678090881%26ga_hid%3D2091845724%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1103%26ady%3D892%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759876%252C44759927%252C44759842%252C42531514%252C31072731%252C31071663%252C31071976%26oid%3D2%26pvsid%3D4315652597881520%26tmod%3D532577646%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DxpqtYsp2wD%26p%3Dhttps%253A%2F%2Fhairtell.com%26dtd%3D485&ancestorOrigins=null&random=9911326025768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
834522581cc646677f366963166a92b4e5e981e72c03f38d9fb3acf785baca19

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2020
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Mar 2023 08:21:22 GMT
Expires
Mon, 06 Mar 2023 08:21:22 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame AB15
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28039800037533100951401012255027
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:24:00 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Mon, 06 Mar 2023 08:21:22 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
52C7822A:CDB6_91EFC182:01BB_6405A282_94591C3:2FD2E
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
truncated
/ Frame AB15 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
370c55c398d08868caff97df80e89c9290164884f434a3715e3c0ada694a713c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 382E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca30d7e5dfeb50cd98a4c4d4c64865c63813b765d467e4c293c3c6a7a816ca17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 04F2 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 04F2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-3230"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 08:21:22 GMT
6820d5377b6140b8a9bb128c8b12ba84_cpn_120x600_1.jpg
static.criteo.net/design/dt/915/230119/ Frame 04F2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/915/230119/6820d5377b6140b8a9bb128c8b12ba84_cpn_120x600_1.jpg
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2e3e5e6e449f42cdb66352e54ae771f7ca785f5c0352f420c699c492bde8fa5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 19 Jan 2023 16:48:29 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63c9745d-5840"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
22592
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=110&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=236&s=uFkmlgNunK-SAiE3LpyS1pxq
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e28cc2a73d72c3c6edc7b0b679c0af1c5223380dde09f9282f52d7da5ccb0aac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27710431
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11724
expires
Sun, 21 Jan 2024 01:41:54 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17213818BG_14_F.JPG&v=3&w=400&s=N2fN8fmYF7UEYjBXUCoERxGP&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ee5fdcfaca157ecdb820375d0c5c29f415772e1cb9422f7383bf0d9e2a895685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4520
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15236687WP_14_F.JPG&v=3&w=400&s=cGtDkmvoqsYIXoDSTR9B0OkR&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
504ece38145094714995aa1a4111762600cb3bf74effb27596eae2c2d6c91c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13112
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17065126VL_14_F.JPG&v=3&w=400&s=EUZ7vRBUUDXD4yjznwDx7buv&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
193b688d3a695ecd68aea18137cc5cb60f63262afcefdb17e581e1887756665a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6846
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12988665JM_14_F.JPG&v=3&w=400&s=AZiFNlGbbdI3HsX0ZVI_J6Ei&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9a1e7ebe8c7ff87a27891ed2251c2d5c6a5cd4ea40eae24298414f9a0cb73b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13356
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F45%2F45472988QI_14_F.JPG&v=3&w=400&s=vyM1aJJ2WF8JuwreJrA8ZhJ1&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ae21a793dbd7b6bd59c97e8ea240928dfd807a24bee3b8fe18a58ac5af1359b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6982
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16154529PP_14_F.JPG&v=3&w=400&s=4KOzwvKrZwW_f6PxrhH9agUX&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ab283c86a8e2058cbca43ade506d74d474de46d2e4d8a6de3353be94e3bcfd19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6572
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17513720VC_14_F.JPG&v=3&w=400&s=hEI3uYgT8poN2tqHJDTBvk54&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0f8130ac548f707d44397e482f74cb91a818980ea54e262d9ef6e19299f1f637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3232
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F11%2F11855268HB_14_F.JPG&v=3&w=400&s=U6Q8kOkHkX5_PrbS7AVIs-Uh&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6283eca6fa55c191553dbe85dd1812a5efddac295f83fd10df4442a44152f37f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7788
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17000324QX_14_F.JPG&v=3&w=400&s=unGIzV6Ur6W_dfW_R7St3ld2&b=400
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a4fa6f7b01c857b71a6fd772696b6275cb6185bf44568d168e81b7aa8ab9740b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6772
expires
Thu, 29 Feb 2024 08:21:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 382E 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI_e7gKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBK4BT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvLs2vCcMVR4WNqNoneDTCgwMtQQn9Bs1t78zE9CCwWAH2qDyAlcJgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY0MDA5NjE5NzE0MzUxNDMYAA&sigh=aVet7EHC8u8&uach_m=[UACH]&cid=CAQSGwDUE5ymg9vVosdy3Ut1bW8Bp509jEsKwSFOIRgB&vis=1
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Mar 2023 08:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 382E 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksWCFJi6MHjYBJ2DYgICAAAABo3yr6wWfMpzl1lGEICiBWQekIyS-qIgHfHOAAASAAAKDkFRVURCUVlCQlFFQkJR&wp=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
258220
content-length
0
css
fonts.googleapis.com/ Frame 2707 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 07:31:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 08:21:22 GMT
/
hal9000.redintelligence.net/scale/ Frame 2707 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a6ec3007982277467dbd919dc3c3fac1922eb04b889ed9adba883e807da568bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2707 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
97df261f1368fe6415233c73ba596b51c7fedd55d0410cef7848718450d64f1c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2707 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e78df896f329352bb1f27dca0c8c91f8815962ba6ce3ece73b3a0d819def4cd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 8875 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17cb8fd52f6f9da28b618825ec197ac1a4679f6976dabb9a14d9b307d366aff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41443
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Mar 2023 08:21:22 GMT
pvClk.min.js
analytics.webgains.io/ Frame AB15 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28039800037533100951401012255027&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:37:38 GMT
content-encoding
gzip
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
27825
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
p2yb7biDFYZmkiutr6k4bRo927u1WDAMBrIL54_a_xi_h-TGeR34PA==
1x1.png
cdn.track.production.webgains.team/7121/ Frame AB15 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1678091182&Signature=hgR5gMl7qmBHfzSlJFiG5zQTadKB58LNJFL9KDBYtRGnuX1PCawF2HbydS16kxlxOzncFTYDrwXDcZj7dZv1aC0EIcCEbtIFE3-Y4w8vbc2O0g2KGgxM~eOPABHrSV2FG14UHT~q~0mcQW68HO0-X6lJbofwXhqtMNxVrGzXcxwpB4QxJNMZuplk0J0JgiSeJFIjtOkndy-dzfGYURln0FvXCh-eFHaUJMbMtTiQFp0Y-dPLeFaZsI6YrrrFT93uTfGw2h~FdDxdQS~tIXsURaofeSca~Z18wYwaVVEmSitbVfEnoHGLIF0J-6pDezV7q~9rC5zwh3avzpYNpq675g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6400961971435143&output=html&h=600&slotname=8387732158&adk=2492063329&adf=1702197241&pi=t.ma~as.8387732158&w=300&fwrn=4&fwrnh=100&lmt=1678090164&rafmt=1&format=300x600&url=https%3A%2F%2Fhairtell.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678090880114&bpp=1&bdt=697&idt=483&shv=r20230301&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C390x280&nras=1&correlator=3904638590641&frm=20&pv=1&ga_vid=374344829.1678090880&ga_sid=1678090881&ga_hid=2091845724&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759876%2C44759927%2C44759842%2C42531514%2C31072731%2C31071663%2C31071976&oid=2&pvsid=4315652597881520&tmod=532577646&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xpqtYsp2wD&p=https%3A//hairtell.com&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 06 Mar 2023 02:38:17 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
20810
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
_FiOyKA4LGVNy676sAqB61fJNxBJIlubu3HZu86nEnw0sDcdFVdFxw==
viewability
hal900027.redintelligence.net/ Frame 2707 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=28039800037533100951401012255027&a=cfa448c6&vb=m
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:22 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2707 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:41:23 GMT
x-content-type-options
nosniff
age
319199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 15:41:23 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2707 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options
nosniff
age
373946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 00:28:56 GMT
dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688
adservice.google.com/ddm/fls/z/ Frame 190D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf2xNfvxv0CFa7JOwIdafEIcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3598055045719.688?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts.js
cdn.retailads.net/ Frame 92D3 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2365049336
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
img
pix.eu.criteo.net/img/ Frame 04F2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=110&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=236&s=uFkmlgNunK-SAiE3LpyS1pxq
Requested by
Host: hairtell.com
URL: https://hairtell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e28cc2a73d72c3c6edc7b0b679c0af1c5223380dde09f9282f52d7da5ccb0aac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27710431
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11724
expires
Sun, 21 Jan 2024 01:41:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dfd63774054211dfc9cb45be2585d6fdfc9e97435710dcf37dfed5d130c36d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11218
x-xss-protection
0
img
pix.eu.criteo.net/img/ Frame 04F2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12988665JM_14_F.JPG&v=3&w=400&s=AZiFNlGbbdI3HsX0ZVI_J6Ei&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9a1e7ebe8c7ff87a27891ed2251c2d5c6a5cd4ea40eae24298414f9a0cb73b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13356
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15236687WP_14_F.JPG&v=3&w=400&s=cGtDkmvoqsYIXoDSTR9B0OkR&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
504ece38145094714995aa1a4111762600cb3bf74effb27596eae2c2d6c91c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13112
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17213818BG_14_F.JPG&v=3&w=400&s=N2fN8fmYF7UEYjBXUCoERxGP&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ee5fdcfaca157ecdb820375d0c5c29f415772e1cb9422f7383bf0d9e2a895685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4520
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17065126VL_14_F.JPG&v=3&w=400&s=EUZ7vRBUUDXD4yjznwDx7buv&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
193b688d3a695ecd68aea18137cc5cb60f63262afcefdb17e581e1887756665a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6846
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F45%2F45472988QI_14_F.JPG&v=3&w=400&s=vyM1aJJ2WF8JuwreJrA8ZhJ1&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ae21a793dbd7b6bd59c97e8ea240928dfd807a24bee3b8fe18a58ac5af1359b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6982
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16154529PP_14_F.JPG&v=3&w=400&s=4KOzwvKrZwW_f6PxrhH9agUX&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ab283c86a8e2058cbca43ade506d74d474de46d2e4d8a6de3353be94e3bcfd19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6572
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F11%2F11855268HB_14_F.JPG&v=3&w=400&s=U6Q8kOkHkX5_PrbS7AVIs-Uh&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6283eca6fa55c191553dbe85dd1812a5efddac295f83fd10df4442a44152f37f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7788
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17513720VC_14_F.JPG&v=3&w=400&s=hEI3uYgT8poN2tqHJDTBvk54&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0f8130ac548f707d44397e482f74cb91a818980ea54e262d9ef6e19299f1f637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3232
expires
Thu, 29 Feb 2024 08:21:22 GMT
img
pix.eu.criteo.net/img/ Frame 04F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17000324QX_14_F.JPG&v=3&w=400&s=unGIzV6Ur6W_dfW_R7St3ld2&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a4fa6f7b01c857b71a6fd772696b6275cb6185bf44568d168e81b7aa8ab9740b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6772
expires
Thu, 29 Feb 2024 08:21:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EFA7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoeRmKtEscNhssOKi7TcrCG-scA1C4DY_mmi2cG3VuIkz1pFAJgtK3GT1ws1vSE89YFxKuVItbVKCimL80OkZ_3T_0wFdEZ3p4PVTr1vLITleZK_6cxzqoqwocUPCVjg1Bg-PqyQ&sai=AMfl-YT5n_5j5wXxjbaxC72nkga_ozOCFtM2pHNmRvDLTyOszocuxP4d3HGuZoXd8vbpmQ5WR3NTzM3oieLc&sig=Cg0ArKJSzLU2qLIsj8UBEAE&cid=CAQSGwDUE5ymg9vVosdy3Ut1bW8Bp509jEsKwSFOIRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=324,1000,1000,1000,1000&tos=324,676,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678090881420&rpt=617&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6400961971435143&plah=hairtell.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 08:21:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AB15 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhfh9lIJvUTaQh8q9pNsGRlOPFVpRQnAuqnHIBZFlQMvFHsduOidWl_rk19YTBj9CdXtze3G-SqT7w3uYS6CUlW7Yg&sig=Cg0ArKJSzPmOMI871YFDEAE&id=lidar2&mcvt=1059&p=0,0,600,300&mtos=0,0,1059,1059,1059&tos=0,0,1059,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0.51&if=1&vu=1&app=0&itpl=20&adk=2492063329&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678090880600&rpt=1571&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
4856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 07:00:27 GMT
expires
Tue, 05 Mar 2024 07:00:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C8F2 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ae26f8d18afa9c9290a1eea8fb1c9bd7d589b6b43c97291eb62a08dd806238e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wXPNHcqZ0NezhI5PLMLITw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairtell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-wXPNHcqZ0NezhI5PLMLITw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:21:23 GMT
expires
Mon, 06 Mar 2023 08:21:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.eu.criteo.net/ Frame 04F2 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cVBzds5Q6ALgAiTMAEa9OQQ4cI7P1qPUSPy5qgHsP8IIPyTcilk4RI-hwG_Ke_QlzyHfWsfbi2AMxbKn87ewiF4Rb7qCY6blBrLA55HPbeH1BGxOvoe4Y4mAk6HS7Zsek8ZYJbDUUhMGqCnXKmRAzEi3ZVunMQ3GDljfFmI4MCccr6TI6_n12XjhM7zlFqGalhxzbJd3DqtzjcYpVlhO2PrUfHnEgZDiR6kETPgOEZcEDfrN9r_uk4gCY_OYV6Afps-gXg&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAWigAAIpJYGUIUyAAZu2I1HMzTF9C5hu_L8UQ&u=%7CYxYqaoB1IUvWbqIjQVjBh%2FmRqg6sDRFfE7WPQQxB6kc%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUam5bVyvnI7h6O53obj4ONRs5gBsxDtz6Xjc71PYMD8NyFSTvd1C8WCVPAJvZNOo_c53EpBQOMuSCChxaXt6QkPJ_rPfhhtCrRaBVqHdf0xk8SH2-paOanWEf4Hj-4e7TOyeDrLErl9HdyRs296Y0xxaaPPjZkeN9A3KfSqNBZqCw49aw2bxnYyss_ZEE7yUovVw87a6VC5Zgsvo1CD3AIW6L-cxi1kxKviIJBWWqeNSwgVK6uLJTrFWcNL_LDkyWbNGYquZyNKv4cwuALMHyR5mopzLeLcGboUFjBhluyn5hlp08nux0mdMVbeNpaZrchBgQLn3f46QA_Jz4Z14MdFs_V8GGgRXRPK2jW2y-LJ25ZWyZPzEI7Ofpl7N3ztpGcryf99uLpHBBwo9TMaSRrx8Ynljra5HL8vuW-4DKPbet-9l7R0rNoZqSbrU5K-oBZoKFUtb-9VmjXgZ8r1bG90eGjbG-60x-JSt4Rml3fKCXihwnxXiCghIqy26zspNl_XGJBIPLJkGeUO_hm-a-ZgL3L2-vMvIQk6ICGIdY7COMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDjEagKIFZJbJIrKKwuIP2N2Z0APJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjQwMDk2MTk3MTQzNTE0M8gBCakCda6mCKjXsT6oAwGqBLEBT9CRgqGoJ411EfDESDJmQmGExj-SKarDDwNtF3tf_qhUCuZ8J10D_0p6cUbM-qtO_1jw9sqxNOYj-m7Bic1BMiZPORm-PhQItZg--74DB5MhSBORFKq42UJdOoHnH8lYaJdc6TaKDbVcxOz6yy6BN5WJ5PLJJ-uGUbCydorBqNSPYxb8ah1QvPk0nbWL2oIFiT98PjDurPQFoQ6R_jUtNQv7LnZwfn4rwiVYhkS2XOpGgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03DiNQ3YiyPD7kqckAVStudmxgvQ%26client%3Dca-pub-6400961971435143%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 08:21:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 382E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssavkj0Gal5DmWwEFWft6zxmWi_ebOv2noMGmjbIIkft7boNdzDmrGS1YQrhRRZa7tweUg7L-OzT7ePUoVxNLvZje4&sig=Cg0ArKJSzLlDymdMCxRQEAE&id=lidar2&mcvt=1058&p=0,0,600,120&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678090881418&rpt=577&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 08:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame AB15 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.2.226 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-2-226.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 08:21:23 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.2.226 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-2-226.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 06 Mar 2023 08:21:23 GMT
server
nginx
viewability
hal900027.redintelligence.net/ Frame 2707 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=28039800037533100951401012255027&a=cfa448c6&vb=v
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=28039800037533100951401012255027&a=d1b25b61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 08:21:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame C8F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=4315652597881520&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame CF29 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 11:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 11:14:42 GMT
generate_204
tpc.googlesyndication.com/ Frame CF29 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w5yHow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:21:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=4315652597881520&bg=!-vml-a3NAAbv3-2Ez987ADkAdvg8Wi2HV-sT1ZVaQ5pFWAbFhaWmFWjBaUgLeLnqRmjWb0alX_aIXu8_AtNrttwACzuRtMK1EQcCAAAASlIAAAADaAEHmQKZn2cLkef22osJ3Gktfn2dc-xKmtI619OBf7EqCqYnyiec1zXiabRHxEaO8_x4QhLQN8WkZuLyCxRcQfvfDTpkUNQQSiLMl6anZSScD0DElVNdKi82HL-xjA8zFYMJP-68Ti7JL9Dw_-OpJs7IZpcWw96AQ9Rdzjs0vNU3fF3m5114Tm6edFhqQ6NBmrWwYAT6tIlMeRgh2QF0838P3_DB2fkxYAGgzZzeKxvH4jXP0IGli1qz_O9yKG2LFzNH83WGY32fPKeEK9Kg03-NSdCox0TJbluIreNvLeK2qgHqBfsYIr7MLncog3IiEtgYtg3tGJw3KQ9mZtOORvg8qlKlrqpRJWklWoZfl0QIP6GkG-CMHLSaBFQuG7pHXTlnUrIv6mC-jIULVrvGINbT_UZGjrKZ98CMeIxEQANEuzvn7jmj74MrxeEMT8eLP6PIb08bDooszKyPYqYegPIHbOYCgbME_VJ9xBfG23ojcxBXDysHJo2ejBCOgB1hFTaNfgid4RolCOS8NCmViElKyxz9iAJkphSbCU5PYVSxzZHSj7MHRKiZesqzuAEIks-MLLWh7c7UF5bGCBkC_f117RJnMemJ1k-q-nkU6rKeoz5ZGKyiwG1j0oqOAbYTEyxjcG1cnhJJvpSolqO3vCPTlfkK2eLa1fbRnvH9293veqYVHo0pYqkgH1_yVeRoOJyruwe5Az2KMhudLwVrkXrkIsJXnU-H-7e9yCUtjp9-LDxALXe6jXq0jWnABlkVvrfz0GGCXLTJK2PQ7_EvX3Msyz31dWadjEANH0hsTInwJMU6OJ2g5i1xB2TBCSnPmBPS8L6T2IeNMC963IbfkimMZ8DjPq_iTn0gJMQzfFd9Mo5EdMLWZ9iA9Kshco8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hairtell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| ExactMetrics object| ExactMetricsObject object| exactmetrics_frontend undefined| $ function| jQuery object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| WPCOM_sharing_counts object| scriptParams function| generateStyleVariables object| screenReaderText object| jetpackLazyImagesL10n object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter function| st_go function| linktracker_init object| wpcom string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.hairtell.com/ Name: _ga
Value: GA1.2.374344829.1678090880
.hairtell.com/ Name: _gid
Value: GA1.2.1145478811.1678090880
.hairtell.com/ Name: _gat_gtag_UA_129101855_4
Value: 1
.hairtell.com/ Name: __gads
Value: ID=1c6fede4a5a88a03-2282a37eb3de001f:T=1678090880:RT=1678090880:S=ALNI_MZ_fodA-cHjahOuF5BtSYFOMev-vA
.hairtell.com/ Name: __gpi
Value: UID=00000bc0f72d8657:T=1678090880:RT=1678090880:S=ALNI_Mby5_wDDg1CDoDw7RFbcf9pKws-gg
.doubleclick.net/ Name: IDE
Value: AHWqTUlQR2CftdvOujJ9iOG3D4K7EN6TeJoRBoZh9ZhaaOBprWaurN4PtnsEnK8Vdfs
.mathtag.com/ Name: uuid
Value: ecfe6405-a281-4c01-a4e2-60eeef1fa7c8
.doubleclick.net/ Name: DSID
Value: NO_DATA
.retailads.net/ Name: ppb2172
Value: 2365049336
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1678090882497,"clickCookie":false}}
.futalis.de/ Name: raSIDb
Value: 2365049336
pb.media01.eu/ Name: DTU
Value: 957FD23512DE53AAA62CEEA59A7B160F

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-server.eu
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.pinterest.com
api.webgains.io
c0.wp.com
cat.fr.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cse.google.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hairtell.com
hal9000.redintelligence.net
hal900027.redintelligence.net
i0.wp.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel.mathtag.com
pixel.wp.com
public-api.wordpress.com
pv.medialead.de
rtb.fr.eu.criteo.com
s0.wp.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
widgets.wp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hairfacts.com
100.21.210.162
13.224.189.4
13.225.78.30
138.201.63.116
142.250.186.70
145.239.193.130
178.250.0.160
18.130.199.108
185.29.132.246
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
192.0.78.23
2001:4860:4802:38::178
23.62.220.203
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c0d::9a
2a00:1450:400d:803::2002
2a00:1450:400d:803::2004
2a00:1450:400d:803::200e
2a00:1450:400d:805::2008
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::f
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a0b:4d07:2::1
35.177.2.226
35.241.5.54
49.12.16.151
54.76.176.197
78.46.111.106
88.198.250.30
92.123.37.164
94.23.99.218
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
07c7f38355055e3070bb991521d203db96cf12605adbec90f27e0f5f5eb226e9
0866c6d42891b0798d70c7a3348750b880d4bdf49850f8e4de6e9e1ce56ad860
088674fc15eef135403ab29abc6c7fc277dc83932073c9e418199bbba5ee3f77
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0dfd63774054211dfc9cb45be2585d6fdfc9e97435710dcf37dfed5d130c36d7
0e7d7d9771e6f6592aecf4a909caa1264485d4036752fca8fc28d156a5d40fc1
0ea349882975d8cc9ab6fd18691cde16a4ce238c0c44465ef93658be31ed92ba
0f8130ac548f707d44397e482f74cb91a818980ea54e262d9ef6e19299f1f637
1450a1533a0cf3b0c5a889245ce6fb75ba12be8f87360df08cbc34b087af1cc2
17cb8fd52f6f9da28b618825ec197ac1a4679f6976dabb9a14d9b307d366aff0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193b688d3a695ecd68aea18137cc5cb60f63262afcefdb17e581e1887756665a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
25fbd7a5ee8afa70c556e6b04a09760a03177e6e01e73ac6b17928163e96f081
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
2ae712a1582b13ba975ead7892bbcd1b505ead4c36e35986dd0b7559273ca160
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2be8af2e340e1b5c9b3df08aadc66054c96591e99ec95f3859e2fac7270102b5
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e3e5e6e449f42cdb66352e54ae771f7ca785f5c0352f420c699c492bde8fa5b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
370c55c398d08868caff97df80e89c9290164884f434a3715e3c0ada694a713c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3de3c993102c064630f4db50ac4fadc4397dee11f1f2184c6b17706aae9cc59d
44dfef0614b86ebfbc5f796617c1a763a02e6ebf43e409d1ace21e3954854fee
45a5dd7390631a4aa2588a8c9c0a9dae1f9cd0884f1c9490fec733c3382cb891
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
504ece38145094714995aa1a4111762600cb3bf74effb27596eae2c2d6c91c6e
537c52eaeabf99bd8247f0aaf9086e542b8f50339fc465faf2965dd70bcb5811
55217ee0bc6490169d84cb981296d4c62f8c9922d775f33fac9c79c58ae6e942
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6219097ae2b20f61c2255f8a32a29dde31b91239c35244004a9b0f8881058d46
6234259dd38642028d38cf710a10b34030743d112c503c6207fa485ae376ae86
6283eca6fa55c191553dbe85dd1812a5efddac295f83fd10df4442a44152f37f
69a321840bb49348959a5f5824505e7d4794f8eb81d5ebde36b239af63dd8df0
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
6fc61210fe2dcbfa7e47008d6e9fc9fd75502a09070d5cbe0f1dac6c870367eb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
758b2e69c7f2089c54742d380c1ff5af99aee8547cddcff7cff90ba494f7de0c
76d8a940e9301888c636ac84f1e83eb0d709c092c3b517b0d38a0e3c84058536
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
7d5faa79fbd53cfe0e227e9dc2770f0c48928122486cef2f0b6ef69e05af2b83
7f95f13fa840812128e542e56ffe02bfe6b65d43a1e439b94d7fbc9189ba5051
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d7db2beaf0bed1398411ac2509f5fb4ca0564af181a066c77bec4b835b93bb
834522581cc646677f366963166a92b4e5e981e72c03f38d9fb3acf785baca19
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885d6976adcc792d443fc742436fdb1c59f97741f9d4e56e33b2ad9637f5328d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
97df261f1368fe6415233c73ba596b51c7fedd55d0410cef7848718450d64f1c
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9a1e7ebe8c7ff87a27891ed2251c2d5c6a5cd4ea40eae24298414f9a0cb73b1c
9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38aca823bb17c7335f249bb6194adbc333694c11ffa76563b4cba3a033cd99c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fa6f7b01c857b71a6fd772696b6275cb6185bf44568d168e81b7aa8ab9740b
a6ec3007982277467dbd919dc3c3fac1922eb04b889ed9adba883e807da568bb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab283c86a8e2058cbca43ade506d74d474de46d2e4d8a6de3353be94e3bcfd19
ad38148385e5d54abbb1a567b441c30ee591adff531d3232ed9ca1a4f31b6049
ae21a793dbd7b6bd59c97e8ea240928dfd807a24bee3b8fe18a58ac5af1359b8
ae26f8d18afa9c9290a1eea8fb1c9bd7d589b6b43c97291eb62a08dd806238e0
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b84a3093bd9197f52d16c7e3c37122b6a962220a46518ee2713e5ff4e3eada3a
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c47c955a7f7fd14bfdb78de6d132be252655b44afa52fc12b8f04b9a27e9e394
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca30d7e5dfeb50cd98a4c4d4c64865c63813b765d467e4c293c3c6a7a816ca17
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
d72f1551db855ff53dfa0d4fc319302526af62564845e3dd1b36a67f9aeaa6bf
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db748586325f04fcc59e4277193894d777c68701cfe4a5c5c3759e284dc5f01c
dbdce2a427cc45f01c27c5b968fb54a771a11b8ec9687104530d0c8077b1ebb5
dcc46f8d9a1534d2d27e138e66dfac5bec061b660b29de6df2a0f814907719d4
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e22af6be4f842d0947afe643a7b35509366f62d722077ed4c0989032e80f732a
e28cc2a73d72c3c6edc7b0b679c0af1c5223380dde09f9282f52d7da5ccb0aac
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e78df896f329352bb1f27dca0c8c91f8815962ba6ce3ece73b3a0d819def4cd7
ee5fdcfaca157ecdb820375d0c5c29f415772e1cb9422f7383bf0d9e2a895685
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd41038db0a012cd5c32794edfc62662f24918ad97fdde92b4c4dc59d48edc8
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3a8b278f0749630662296c1170bbc0393d18a39db92d1c3c80a9c75050191da
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f785f5e2187ed275d79452d5e42524cf0739c4813afdbdec2d487e48984da0dc
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb