urlscan.io logo urlscan.io
SecurityTrails logo

hairbarnyc.com Open in urlscan Pro
35.155.45.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hairbarnyc.com/
Effective URL: https://hairbarnyc.com/
Submission: On October 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 4 countries across 27 domains to perform 134 HTTP transactions. The main IP is 35.155.45.56, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is hairbarnyc.com.
TLS certificate: Issued by R3 on August 12th 2022. Valid for: 3 months.
This is the only time hairbarnyc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62 35.155.45.56 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2600:9000:214... 16509 (AMAZON-02)
1 18.66.97.53 16509 (AMAZON-02)
1 138.128.247.123 36007 (KAMATERA)
1 143.204.101.194 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 18.205.36.100 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 45.79.6.119 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 52.222.236.63 16509 (AMAZON-02)
1 18.66.147.113 16509 (AMAZON-02)
4 108.138.2.197 16509 (AMAZON-02)
1 147.185.239.105 36007 (KAMATERA)
1 104.244.42.72 13414 (TWITTER)
2 18.66.115.169 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 151.101.0.84 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.31.254.154 16509 (AMAZON-02)
5 72.14.190.90 63949 (LINODE-AP...)
1 54.214.186.189 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
3 34.107.204.85 396982 (GOOGLE-CL...)
2 162.247.241.14 23467 (NEWRELIC-...)
1 34.117.59.81 396982 (GOOGLE-CL...)
134 37
62    35.155.45.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-45-56.us-west-2.compute.amazonaws.com
hairbarnyc.com
1    2600:9000:223c:3600:18:f6c:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
checkout-sdk.sezzle.com
6    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:480:385::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    2600:9000:214f:2400:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.weglot.com
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
1    138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)
acsbapp.com
1    143.204.101.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-194.fra50.r.cloudfront.net
d1yw3duy3i4qiv.cloudfront.net
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    18.205.36.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-36-100.compute-1.amazonaws.com
hirefrederick.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    45.79.6.119 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1105-119.members.linode.com
hairbarnyc.ladesk.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net
vars.hotjar.com
4    108.138.2.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-197.fra56.r.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
1    147.185.239.105 (New York, United States)

ASN36007 (KAMATERA, US)
cdn.acsbapp.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net
cdn.segment.com
1    2600:9000:223f:0:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.31.254.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-254-154.eu-west-1.compute.amazonaws.com
in.hotjar.com
5    72.14.190.90 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li105-90.members.linode.com
1-vbus-us-tx.ladesk.com
1    54.214.186.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-186-189.us-west-2.compute.amazonaws.com
api.segment.io
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
data.pendo.io
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io
Apex Domain
Subdomains		 Transfer
62 hairbarnyc.com
hairbarnyc.com
2 MB
17 ladesk.com
hairbarnyc.ladesk.com
1-vbus-us-tx.ladesk.com — Cisco Umbrella Rank: 113914
285 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
4 KB
5 cloudfront.net
d1yw3duy3i4qiv.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
229 KB
4 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 2416
data.pendo.io — Cisco Umbrella Rank: 2123
149 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
198 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 874
script.hotjar.com — Cisco Umbrella Rank: 1166
vars.hotjar.com — Cisco Umbrella Rank: 1268
in.hotjar.com — Cisco Umbrella Rank: 2355
70 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 991
syndication.twitter.com — Cisco Umbrella Rank: 1241
133 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3157
log.pinterest.com — Cisco Umbrella Rank: 4428
19 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 393
1 KB
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2553
28 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 hirefrederick.com
hirefrederick.com — Cisco Umbrella Rank: 214355
14 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 6715
cdn.acsbapp.com — Cisco Umbrella Rank: 7385
140 KB
2 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 22819
28 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
88 KB
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 5982
536 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 720
18 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1311
175 B
1 gstatic.com
fonts.gstatic.com
17 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
204 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3460
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 19
548 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
15 KB
1 sezzle.com
checkout-sdk.sezzle.com — Cisco Umbrella Rank: 270560
43 KB
0 favicon.click Failed
favicon.click Failed
134 27
Domain Requested by
62 hairbarnyc.com 1 redirects hairbarnyc.com
12 hairbarnyc.ladesk.com hairbarnyc.com
hairbarnyc.ladesk.com
6 fonts.googleapis.com hairbarnyc.com
hirefrederick.com
5 1-vbus-us-tx.ladesk.com hairbarnyc.ladesk.com
1-vbus-us-tx.ladesk.com
4 d34oxwxegf4jrt.cloudfront.net hirefrederick.com
d34oxwxegf4jrt.cloudfront.net
4 connect.facebook.net hairbarnyc.com
connect.facebook.net
3 data.pendo.io hairbarnyc.com
hirefrederick.com
2 bam.nr-data.net hirefrederick.com
2 cdn.segment.com hirefrederick.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 hirefrederick.com hairbarnyc.com
hirefrederick.com
2 platform.twitter.com hairbarnyc.com
platform.twitter.com
2 cdn.weglot.com hairbarnyc.com
cdn.weglot.com
2 assets.pinterest.com hairbarnyc.com
assets.pinterest.com
2 www.googletagmanager.com hairbarnyc.com
1 ipinfo.io hairbarnyc.com
1 js-agent.newrelic.com hirefrederick.com
1 api.segment.io hirefrederick.com
1 in.hotjar.com script.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 log.pinterest.com hairbarnyc.com
1 cdn.pendo.io hirefrederick.com
1 syndication.twitter.com platform.twitter.com
1 cdn.acsbapp.com acsbapp.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.facebook.com hairbarnyc.com
1 www.google.de hairbarnyc.com
1 www.google.com hairbarnyc.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 d1yw3duy3i4qiv.cloudfront.net hairbarnyc.com
1 acsbapp.com hairbarnyc.com
1 static.hotjar.com hairbarnyc.com
1 checkout-sdk.sezzle.com hairbarnyc.com
0 favicon.click Failed
134 37

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
hairbarnyc.pro
go.booker.com
www.youtube.com
www.instagram.com
twitter.com
Subject Issuer Validity Valid
hairbarnyc.com
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
checkout-sdk.sezzle.com
Amazon		 2022-06-22 -
2023-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.weglot.com
Amazon		 2022-03-09 -
2023-04-07		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.acsbapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-28 -
2023-10-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-17 -
2022-10-15		 3 months crt.sh
hirefrederick.com
R3		 2022-09-09 -
2022-12-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.ladesk.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
cdn.pendo.io
Amazon		 2022-07-30 -
2023-08-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
pendo.io
GTS CA 1D4		 2022-08-31 -
2022-11-29		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
ipinfo.io
GTS CA 1D4		 2022-08-15 -
2022-11-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://hairbarnyc.com/
Frame ID: C452B352EF00F9499FF048A7B158C974
Requests: 99 HTTP requests in this frame

Frame: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Frame ID: 2D8AECC2DA5BCDC3DB329847CF0C6EE7
Requests: 18 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 13D1A6287C380863EEE63361CDE5AA31
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fhairbarnyc.com
Frame ID: F1BEF1E27CAFAD7417F9364DA72595AA
Requests: 2 HTTP requests in this frame

Frame: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Frame ID: 1A42334455D882E27B0BD6F3BE1041A6
Requests: 4 HTTP requests in this frame

Frame: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Frame ID: 9ED6673D95815829C113553BCFDBE86D
Requests: 5 HTTP requests in this frame

Frame: https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
Frame ID: AEBA725675372677DE342F78856E6A18
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Hair Salon in New York and Florida - HairBar NYC

Page URL History Show full URLs

  1. http://hairbarnyc.com/ HTTP 301
    https://hairbarnyc.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

99 %
HTTPS

42 %
IPv6

27
Domains

37
Subdomains

37
IPs

4
Countries

3451 kB
Transfer

10352 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hairbarnyc.com/ HTTP 301
    https://hairbarnyc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hairbarnyc.com/
Redirect Chain
  • http://hairbarnyc.com/
  • https://hairbarnyc.com/
335 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
baf2b8f7bd353acb57e89dd6329f8824928080e26927e281771930ed7ae439d3
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
28529
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Oct 2022 18:57:02 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.29 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 07 Oct 2022 18:57:01 GMT
Keep-Alive
timeout=5, max=100
Location
https://hairbarnyc.com/
Server
Apache/2.4.29 (Ubuntu)
jquery-2.1.1.min.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
29505
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 20 Dec 2021 14:02:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"14919-5d39456389269-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
bootstrap.min.js
hairbarnyc.com/catalog/view/javascript/bootstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
9753
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:43:51 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8fd6-59dc1e80d7bc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
jquery.session.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jquery.session.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
922
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Mar 2020 13:23:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"e76-59fdf18e90100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
swiper.jquery.js
hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/ 		208 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/swiper.jquery.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bbb88a0ad5debf8c3f2e9a143c130ef998ee756a5ff51950953b103e1d264f86
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
35462
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:45:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3414f-59dc1ecd22fc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
swiper.min.js
hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/swiper.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
22e71b3903e3ea2b53d152b34a85790f0e6bc2b8dd6795c805909c1b69ae2583
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
23620
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 06 Sep 2022 07:10:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"178b6-5e7fce384960e-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
jquery.event.move.js
hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/jquery.event.move.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
34115179b64f10cbd600e5035c6b5f892424590fcbae2806572b4fdb931f84b7
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
4665
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 06 Sep 2022 22:41:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3a75-5e809e6b31564-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
jquery.twentytwenty.js
hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/jquery.twentytwenty.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4c19359ee09e71c2da70f46963267cebd584d9104fd6f52e644b94131faab079
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
3056
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 21 Nov 2021 14:11:25 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"23ed-5d14d1570ac19-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
checkout.js
checkout-sdk.sezzle.com/ 		144 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout-sdk.sezzle.com/checkout.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3600:18:f6c:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd23cf2375e878249436f9dc1336b6a141a50f0d8609931151449cfccad46bc8
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
kukmRzgFI9G7ZYn3C8VFKbb8.I0xiC2_
strict-transport-security
max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
content-encoding
gzip
date
Fri, 07 Oct 2022 18:47:12 GMT
x-amz-cf-pop
FRA56-P2
age
653
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 21:23:16 GMT
server
etag
W/"cc246da7d754ce6f46763a0312304b99"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, max-age=0
x-amz-cf-id
1pMZ_4LM--y24az_EACfHwgC1rRPtee0TMmzgB8hu2LRL4l5Fa1LBg==
swiper.min.css
hairbarnyc.com/catalog/view/javascript/jquery/swiper/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/css/swiper.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
2871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:45:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"456d-59dc1ecc2ed80-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
e27ac72c3d7e39b0384dda5441015873.css
hairbarnyc.com/catalog/view/javascript/pavothemer/ 		2 MB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3ee12b59d96390203e8dd31103aac0bb408e569e2dff5d3a60dc156541de2cba
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Aug 2022 13:50:09 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"26a8b0-5e5cf35f13f16-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
theme-custom-stylesheet.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/ 		125 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ddeab20d440fba6770815144dad4ee6a3832e42b4535b2c800d87fc269b21455
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
25975
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 22 Apr 2021 11:55:07 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1f47f-5c08e59bcfcc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
animate.min.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/animate.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
2626
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:43:36 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4242-59dc1e7289a00-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
css
fonts.googleapis.com/ 		4 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400i&display=swap
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
130054ee6b7b0e6def9d2cce971e2b8799ef3a80adc4623c9f72972ee9a2fe63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:57:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:03 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:01:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:03 GMT
jQuery.countdown1.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jQuery.countdown1.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
01a4c62841de76e1e79aa4808c467b7cb2c1d79160e6cb1ca3a6406448b7ca91
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
3038
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:40:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"27a5-59dc1dcd8d4c0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-165298320-1
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
097762e17dbb88a99952c1e62a88133daa90c65ccd10d5d36bb969999dedb006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42345
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:10:42 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Oct 2022 18:57:04 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:385::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=263
accept-ranges
bytes
content-length
203
js
www.googletagmanager.com/gtag/ 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-946241747
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ec353e3e0c9d344f56093a383bfae444d46820a785689d200dd1cf0e5aa9cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46761
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:10:42 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Oct 2022 18:57:04 GMT
5f58403901293bce06b22525e93bfdf3.js
hairbarnyc.com/catalog/view/javascript/pavothemer/ 		730 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/pavothemer/5f58403901293bce06b22525e93bfdf3.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
987c59280847b3530eef6c1bc94beeea487adf7480a780576eddf822dd8c4fe9
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 13 Dec 2021 17:20:54 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b66f6-5d30a4b900777-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
twentytwenty.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/twentytwenty.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3a6683c20e1244386cfbad35727983e3ef30766220b455ab3e94da24740bef09
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
986
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 Jan 2021 07:16:16 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1596-5b84a3727d000-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
twentytwenty-no-compass.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/twentytwenty-no-compass.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3f71bd27a0417d982a74bd4159a9da32a47d2e92dbfbebb205cc6dec27dd12e6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
906
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 Jan 2021 07:16:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"111a-5b84a36cc4280-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
weglot.min.js
cdn.weglot.com/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a904b29c6342ace2d9a8a0f78106e580254479d06db362fab2fd028a9ff6a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
date
Fri, 07 Oct 2022 18:51:09 GMT
last-modified
Thu, 06 Oct 2022 14:18:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
354
etag
W/"123d6764ca2bc902c739e1e8b3ebc3d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
faXj2WAKQkLbUsoooQuRHncXw_hfk9Hw-9glP_xDbVRXI3qFpb50qg==
hotjar-2139383.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
28e6cf5d0bec1578e5bbfe8544b2f4f9905eb1fce42c2ae02e244a1bf8984eae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 07 Oct 2022 18:57:04 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/cf45ec384d80c5f6b51a22c9ff49fe77
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
CIxkL5YONTnaMFqLoxFI16Co9x8IWsx_yGUdGzMBvbmdaC_g4G1sFQ==
app.js
acsbapp.com/apps/app/dist/js/ 		428 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
006ad9acebfd5e568772f008ffda22b8cdbd31a184113a9eeffe3a9e2ab9846f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
br
last-modified
Fri, 07 Oct 2022 11:54:14 GMT
etag
"6af76-63401366-af3ebb833015feec;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
142505
expires
Sat, 08 Oct 2022 18:57:04 GMT
haibarnyc.png
hairbarnyc.com/image/catalog/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/haibarnyc.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
aba1b5b9023efc5fb5c9d5e5db51a68478893dc2b7da6bf88eb9ff873fefb3c2
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:43:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"feb-5c95637e9e880"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4075
X-XSS-Protection
1; mode=block
GC_Color-Collection-200x200.png
hairbarnyc.com/image/cache/catalog/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/GC_Color-Collection-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7528d63cb5065f0c35f595556c6ebbf65e1a6c3dfb2c050dff74b05181211237
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:24 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7fae-5c9566fd2a700"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
32686
X-XSS-Protection
1; mode=block
sdk-v1.js
d1yw3duy3i4qiv.cloudfront.net/js/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1yw3duy3i4qiv.cloudfront.net/js/sdk-v1.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-194.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
716bfd95f947c1cb2dc2c76bd0ac3e9002e4c4632b5ad973ff8656a06eaa30dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:48:31 GMT
Content-Encoding
gzip
Via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
Last-Modified
Wed, 05 Oct 2016 20:27:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Age
771
ETag
W/"75320659614264cdbb67768735bcee27"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600, no-transform, public
Connection
keep-alive
X-Amz-Cf-Id
VOYhf9sQ_4pD0Cb06wytgrWZx_lD4NTrwO6uDoTRixK4inEi1jlAcg==
css
fonts.googleapis.com/ 		10 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 17:55:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:04 GMT
css
fonts.googleapis.com/ 		2 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
093c8a07828c49147695500f8556d841e3cc58fe03757de3980b24e26476dce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:14:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:04 GMT
css
fonts.googleapis.com/ 		684 B
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=ABeeZee
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bf2859943db8c23d49f38e44084400723325b81efd52c0ef8d2f8a9faf05644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:48:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:04 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Content-Encoding
gzip
Age
742
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=3
Content-Length
29223
x-amzn-internal-status
304
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (frb/6738)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
372825561a5f01dae1e31334179ac97e45fec38626a54d38f43b7f87a580c9dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Oct 2022 18:57:04 GMT
content-md5
krOWkFY4o1t6tj+tOXEZRg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
d1HbcWpx6XrQoFsDM1jTyxFXsLJ2P5roN07SzAHTUyNZePXWf9/VmbYYBy2RnabkKeVgAAG/Geto0o7HRUuIOg==
x-fb-trip-id
917726464
x-fb-content-md5
eb6228200ad10a5c906fd8da5d7e9c72
cross-origin-opener-policy
same-origin-allow-popups
etag
"aa065c6b9d3f9fe352adaf4edd353aa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:58:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Oct 2022 18:57:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8kQnEMwgQkSwG9oRtrJjTwILwedRNjFJjwX+ETW/hl/121YMuufN7e8hpisNdjaOe08IO6aLKKUn8RE8BQxEag==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookieconsent.min.js
hairbarnyc.com/catalog/view/javascript/facebook_business/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/facebook_business/cookieconsent.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
daee2286a0787382ab04909bc40a686c252d806554a9a5cb565cd09d1674cb67
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
6981
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"521f-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
cookieconsent.min.css
hairbarnyc.com/catalog/view/theme/css/facebook_business/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/css/facebook_business/cookieconsent.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
80ba68989d275f8cda9f6e5aa720ac2fd242a32803608011a9ce505e463fd915
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
1340
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"10b7-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
facebook_pixel_3_1_2.js
hairbarnyc.com/catalog/view/javascript/facebook_business/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7e1707adc4e5f5c053055b95d49f4a12f05271a9fb3645049c4296cf6f96a248
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
1388
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"f3f-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
df0392f6336a9a6a7934a3e7a2f4a5176.json
cdn.weglot.com/projects-settings/ 		600 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/projects-settings/df0392f6336a9a6a7934a3e7a2f4a5176.json
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8e3df20c30eda9d967baf6ff346703387a10eca337bda7bf8f37f36ee8e25db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 07 Oct 2022 18:53:31 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Dec 2021 10:18:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
213
etag
"aba23daebc1ddd9725643b8998ae54d5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Error from cloudfront
content-length
600
x-amz-cf-id
qOEa7pEBzlyndjTe9SPqml5hxZu4NvSFU79hIdCLghO3ymiCtAm4vA==
FuturaPT-Book.woff2
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/FuturaPT-Book/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/FuturaPT-Book/FuturaPT-Book.woff2
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8424eb8408ed269ed1acede0db0a6299379e684f1f1d6032dee5042c9a7f54a4
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:45:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"710c-59dc1ef43cc00"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
28940
X-XSS-Protection
1; mode=block
fontawesome-webfont.woff2
hairbarnyc.com/catalog/view/javascript/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:44:01 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"12d68-59dc1e8a61240"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
77160
X-XSS-Protection
1; mode=block
BaskervilleMTStd-Regular.woff2
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/Baskerville/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/Baskerville/BaskervilleMTStd-Regular.woff2
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d506e94d6ec365ea49e9da425ca4d7b09966f98d47dadfe2c4ae5b2c119403f6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:45:56 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"64b4-59dc1ef80d500"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25780
X-XSS-Protection
1; mode=block
en-gb.png
hairbarnyc.com/catalog/language/en-gb/ 		370 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/catalog/language/en-gb/en-gb.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3df9da830a80a6415ea0e3a3dc58573e2e87308ed029a9f32b96fa89afdcbd41
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:39:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"172-59dc1d7c7d580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
370
X-XSS-Protection
1; mode=block
es-es.png
hairbarnyc.com/catalog/language/es-es/ 		469 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/catalog/language/es-es/es-es.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:39:19 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1d5-59dc1d7d717c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
469
X-XSS-Protection
1; mode=block
review
hirefrederick.com/widget/ Frame 2D8A 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.36.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-36-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
2ed0fcd6244f5b835e07c68794b3aea7f4bb21327f512bcb7f01f7e801273d52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Oct 2022 18:57:04 GMT
Etag
W/"da47eefcc65860b8d896af03d94c84e4"
Server
Cowboy
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Request-Id
a2f09aca-2dad-4e43-aba5-cfd8bc929aaf
X-Runtime
0.010762
X-Xss-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-165298320-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Oct 2022 17:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6905
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 07 Oct 2022 19:01:59 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-946241747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:57:04 GMT
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.5677424384042684
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:385::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=174
accept-ranges
bytes
content-length
18679
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8e7a6fd31bc69babc4713063c88519c6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b71bfa2b85ba536a5bb626ae4300adac0c24ed00fd15bf8ebc004241708532bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hairbarnyc.com/
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Oct 2022 18:57:04 GMT
content-md5
HsGZ7hKizGv1kayOXo/eBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86972
x-fb-rlafr
0
x-fb-debug
pJaJy8c3eIQP6VBh0N+9Ey35LnwexxQkp3QWBj+vxICHEEXDqg7sCRcsEgRQ8XF5IGI7ao2UY9+Aat02QjPeWA==
x-fb-content-md5
fb48e7c8bab5dd4e4fb88b9630759941
cross-origin-opener-policy
same-origin-allow-popups
etag
"73e38e2784f6916bb89c251a35065c0c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 07 Oct 2023 15:55:01 GMT
511434462665721
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/511434462665721?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc8cef618503b8020c75140ab068070fe5a4a1fad3a4d88997db35da1865338a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Oct 2022 18:57:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
a3e5NRNsxJzUdke+s4B6/qbdf6he0puLlRY1rdiB/56A4SUBzHVqLnVn3wQGMJNihd7p3xy0MsiAtsu8/3P3Zw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=97969674&t=pageview&_s=1&dl=https%3A%2F%2Fhairbarnyc.com%2F&ul=en-us&de=UTF-8&dt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1676070281&gjid=1163247942&cid=647259386.1665169025&tid=UA-165298320-1&_gid=644768608.1665169025&_r=1&gtm=2oua50&z=57643128
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 18:57:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairbarnyc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946241747/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946241747/?random=1665169024676&cv=9&fst=1665169024676&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&auid=969328521.1665169025&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc44abc21e44b612d2fbafd5da2a3b7121b9a8c91bc099ecc4e66cc1a8442627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 18:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1062
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.js
hairbarnyc.ladesk.com/scripts/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/track.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
d4bcac43603c7560bc9a6b8f76eba9b19b18528a893c6ebc9c6dbc28709e69b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
4
age
0
last-modified
Wed, 05 Oct 2022 08:35:46 GMT
server
nginx
etag
W/"c49f-5ea45768abc80"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
386729780
cache-control
max-age=300, public
accept-ranges
bytes
expires
Sat, 08 Oct 2022 00:57:05 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-165298320-1&cid=647259386.1665169025&jid=1676070281&gjid=1163247942&_gid=644768608.1665169025&_u=YEBAAUAAAAAAACAAI~&z=1293024983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 07 Oct 2022 18:57:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairbarnyc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946241747/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946241747/?random=1665169024676&cv=9&fst=1665165600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&async=1&fmt=3&is_vtc=1&random=808609504&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 18:57:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946241747/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946241747/?random=1665169024676&cv=9&fst=1665165600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&async=1&fmt=3&is_vtc=1&random=808609504&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Oct 2022 18:57:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=511434462665721&ev=PageView&dl=https%3A%2F%2Fhairbarnyc.com%2F&rl=&if=false&ts=1665169024816&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665169024815.1997575767&it=1665169024633&coo=false&rqm=GET
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Oct 2022 18:57:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
modules.f0cd1ed70b545da08b60.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.f0cd1ed70b545da08b60.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
8662b9efaf4e7baadfdc51b0a0a133cca8c7670e354d155580a74b2184de2317
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 14:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
16859
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66220
last-modified
Fri, 07 Oct 2022 14:15:55 GMT
etag
"267f2b8b196cf2f3b560a8c460b335c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
siqbFkDQJRvkMpAiuMbPEuuSbeqNo5U_tbTt1vtPUEJMUQt_BTVCEA==
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 13D1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-113.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
293336
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id
sWn1QGHAmeBcwN93z0gbFp43OyqPZZYW_EFg3t6uI17FcJOMvwEaoQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
css
fonts.googleapis.com/ Frame 2D8A 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 18:12:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Oct 2022 18:57:05 GMT
widgets-2cb303c877c6aa772778dc9f2c7421bf.css
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 2D8A 		161 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-197.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
cefeea6edc2bd77939df6d1d32689376d1ca0131c37a4e412a5bd4ec7c477d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 02:28:59 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Aug 2020 19:05:34 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA56-P6
Age
15524885
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
28956
X-Amz-Cf-Id
XO0qxrXiS0LqDAcZDymwAuKjsdwDh1BlBa19_olpa9pHwgNF94pc2w==
widgets_require-766fc4be5928c7d408d8bed72b159199.js
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 2D8A 		367 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets_require-766fc4be5928c7d408d8bed72b159199.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-197.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
160ce669c12174a31224a38d6a4a094978334adaa5a107402a49188b36718fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 01:52:52 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Apr 2022 10:20:19 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA56-P6
Age
10775052
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
110933
X-Amz-Cf-Id
Qj0-VULu8uU_EOCwEj3m1jHUoUF3x265kT7UlLnz87hLM_KeXHUkZg==
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame F1BE 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fhairbarnyc.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
679947
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Oct 2022 18:57:05 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6738)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Full%20Color%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Color%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8d248d7b20f483d12aab6a2d7b0c4368905a335b0197264399364116a78575e2
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a09b-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
41115
X-XSS-Protection
1; mode=block
Full%20Keratin%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Keratin%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
47cf74023ea67e48cf5ae3105410a345d7a1731a36a4731ffb4c2fe24b5614e9
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"98c9-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
39113
X-XSS-Protection
1; mode=block
Full%20Botox%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Botox%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
30183eaedf8efef2154a65ceafe52c7e306d14af662525353946dd4e21a30c2e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"82be-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
33470
X-XSS-Protection
1; mode=block
Silk%20Touch%20Plus%20Keratin-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Plus%20Keratin-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8d8ae806000576e3adc0019caa9aa321fe0eb8b6a02fdd7c093222789ae38429
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2103-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8451
X-XSS-Protection
1; mode=block
Diamond%20Botox-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Diamond%20Botox-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bfae9defd1fcb1f58b1d13a3cd51799652e4cad815abb3de79b232dc3ea97acc
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"33bc-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
13244
X-XSS-Protection
1; mode=block
Single%20Process%20Color-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Single%20Process%20Color-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fa532b6e5e769269fd76cfc299fb5586889579654cdff65906627dcaf11adfa3
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3d15-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15637
X-XSS-Protection
1; mode=block
Single%20Premium%20Blowout-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Single%20Premium%20Blowout-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d99b7a32f6e554dc724bed1972ca255aec53bcf1aca5d37c0b7f0f16db050e39
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"342a-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
13354
X-XSS-Protection
1; mode=block
Tape%20Ins%20Extensions-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Tape%20Ins%20Extensions-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e83cf1da68603354b64842c3e6be4987d05c3d297f8c87aa11af437542101749
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"277a-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
10106
X-XSS-Protection
1; mode=block
Special%20Bundles-200x200.png
hairbarnyc.com/image/cache/catalog/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Special%20Bundles-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
176f5496d9c88e6efdc9505cc5dfe760d4a1ed84f9cc5db28fc79bdb5eb2f8d0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"982f-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
38959
X-XSS-Protection
1; mode=block
Ultimate_Repair_System-Collection-2-200x200.png
hairbarnyc.com/image/cache/catalog/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Ultimate_Repair_System-Collection-2-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bce7ef9c5c06b89d48dca6a0cc52316497a679b2786d58dff3a2967f1729dec1
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5776-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
22390
X-XSS-Protection
1; mode=block
silk_touch_Products-1-600x430-1-200x200.png
hairbarnyc.com/image/cache/catalog/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/silk_touch_Products-1-600x430-1-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3a7e2ded944ad36714476dda89b3ef4e971aa0f4bdd28760bc1af24235868e4f
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6bfa-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
27642
X-XSS-Protection
1; mode=block
Armorplex_Category-200x200.png
hairbarnyc.com/image/cache/catalog/2021/Products/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Products/Armorplex_Category-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b19bfb0602cf2db5514725e30830903f8df465bad4985a47a21ee13fc0f5b30b
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"847b-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
33915
X-XSS-Protection
1; mode=block
Styling%20and%20Finishing-200x200.png
hairbarnyc.com/image/cache/catalog/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Styling%20and%20Finishing-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fdabb92563f45ba0198dead28feede636b56dfe240bf7f6724304513f1e75c14
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3b4f-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
15183
X-XSS-Protection
1; mode=block
Silk-Touch-Plus-Keratin-16.9oz-2-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Silk-Touch-Plus-Keratin-16.9oz-2-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ac20cff7788fcc8e7b4481bb74af94cc8124f5fa8995241958b146999dba6e0a
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2d69-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
11625
X-XSS-Protection
1; mode=block
Silk_Touch_Keratin_16-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Silk_Touch_Keratin_16-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f635c8da789a719cca46fe518b01afda4c2ab8e4000fe8f933961bab4cdeba91
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2662-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
9826
X-XSS-Protection
1; mode=block
24_Karat_Keratin_32-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/24_Karat_Keratin_32-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0a9e95feff42c3fd452d8c8f91413992db137b173c40d6118d287bc2efdc1d32
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3cb5-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
15541
X-XSS-Protection
1; mode=block
Gel_Keratin-32-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Gel_Keratin-32-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
47ca3bff96c2752055b80f7a64c4af7a2249d90ee5402dd117f59b170e0d385d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3fd6-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
16342
X-XSS-Protection
1; mode=block
Blowout_Express_Keratin-16-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Blowout_Express_Keratin-16-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3f419012003369c70b253a0d6302e8075692c37e4b4b1cf9bae3595b5cada40a
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"244c-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
9292
X-XSS-Protection
1; mode=block
Pay-with-Sezzle.jpg
hairbarnyc.com/image/catalog/2021/Banners/ 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/2021/Banners/Pay-with-Sezzle.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bc2ca7df42c8bbd60e1af29d2895f9333614ec90f91db97446882cdf95fe6ec5
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:44:51 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"40972-5c9563bc9bac0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
264562
X-XSS-Protection
1; mode=block
24%20Karat%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/24%20Karat%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
384a6e769e58cae6581adfe67be8a75cacc8e51072508a6d69de4e6835d68391
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"423b-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
16955
X-XSS-Protection
1; mode=block
Silk%20Touch%20Plus%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Plus%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4a8c7b5701cec2f9e08c3fe9b65ea98a98eed6ed1ec16187e75ce173c932361d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"450b-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
17675
X-XSS-Protection
1; mode=block
Silk%20Touch%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2aeed5bed03ad488a73cb5981ef93f29ca50f2842d808dd278f6cc4a0884167e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"374d-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
14157
X-XSS-Protection
1; mode=block
Gel%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Gel%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3b490c29c79aedad43f8048c0824084902c1272b640ce21783a15120404ee92d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6500-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
25856
X-XSS-Protection
1; mode=block
Vegan%20Keratin%20Home%20Kit-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/Vegan%20Keratin%20Home%20Kit-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
131d6fd2fb63edf5bbd5f48e392216f63faf8bb4f3b72b68b3efb62a3f01e0c0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"626f-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
25199
X-XSS-Protection
1; mode=block
Premium%20Vegan%20Keratin%20Home%20Kit-min-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Premium%20Vegan%20Keratin%20Home%20Kit-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7ea3a4ded8a7123d33da95063c9cb5e1742daab1bcf5cf53ceb807b42f5da598
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"14840-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
84032
X-XSS-Protection
1; mode=block
Diamond%20Botox%20Home%20Kit-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Diamond%20Botox%20Home%20Kit-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2b61328f5f20fc6d829bc90237d707378f6375afd9330bc552c44a7671e7094e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"f067-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
61543
X-XSS-Protection
1; mode=block
Professional%20Hair%20Color%20Home%20Kit%20(2%20Tubes)-min-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Professional%20Hair%20Color%20Home%20Kit%20(2%20Tubes)-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b4f9eead135b83c8822c5851895141f0e549ad935fba7105c973e59e6b4cc6dc
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"12676-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
75382
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%201-min-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%201-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
211c52be0f8d03fda1e69119423164f14dabe610c081604bf9c2466582dd68d0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9d86-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
40326
X-XSS-Protection
1; mode=block
Silk%20Touch%20System%20Bundle%201-300x300.png
hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/Silk%20Touch%20System%20Bundle%201-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5e44dcae9822a7fe9a613eee73874bf064329a391e73336c02a1ab1da2e32a6d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Mon, 20 Jun 2022 19:18:07 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9544-5e1e5f6cba67e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
38212
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%202-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%202-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c909cf8834415ff0cb4ec417f124c2828ad5deed8a89078bf39098c4b0c020ba
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"c321-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
49953
X-XSS-Protection
1; mode=block
Silk%20Touch%20System%20Bundle%202-300x300.png
hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/Silk%20Touch%20System%20Bundle%202-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0f6bde3e83a3412a3eb6da89038d585712c8c0ff5b4e27791cd661ae3dce5f1d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Mon, 20 Jun 2022 19:18:49 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b70a-5e1e5f9459cab"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
46858
X-XSS-Protection
1; mode=block
config.json
cdn.acsbapp.com/cache/app/hairbarnyc.com/ 		159 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/hairbarnyc.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.185.239.105 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
41168bfd4c748648ff8fbd26dd1ee4fbefbb0de18de7521510d3382a567856c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:09 GMT
last-modified
Fri, 07 Oct 2022 18:56:18 GMT
etag
"9f-63407652-74745592487d5a5d;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
159
expires
Sat, 08 Oct 2022 18:57:10 GMT
settings
syndication.twitter.com/ Frame F1BE 		851 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ce2695264b8022c9286c1e43ab0fa30f700ae1ec
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fhairbarnyc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
120
date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 07 Oct 2022 18:57:05 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f7c1f7a2a83f561d
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
8ed216bd29e5c45d298acd5a2f84c26daac55cf5ce285c116823d0eafa47be01
content-length
355
button.php
hairbarnyc.ladesk.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=54332a99&p=__S__hairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
ce9c63189f63901b9faecb7c59dd864f816c0ec27f054b17fbb0e66fe57b498c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Fri, 07 Oct 2022 18:57:05 GMT
server
nginx
x-srv
7
age
0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-varnish
393151799
via
1.1 varnish (2.lb-app.la.linode-us-tx)
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/ Frame 2D8A 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/analytics.min.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b26c32545b3609e7948f670e156644f8d68d84558dd1181bab600fa711f64cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
GS.7Vcy7Do6pBRQGdyHBlvMR__FjQR0O
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date
Fri, 07 Oct 2022 18:57:07 GMT
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 31 Aug 2022 21:01:33 GMT
server
AmazonS3
etag
W/"2e23f139c3897bf0e18ed2cb38a8186f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
RXHvI-a36RgPbsmFh3saPw6TVAshpopqEiyIOgnHefIiJ947RPSRHw==
pendo.js
cdn.pendo.io/agent/static/183ec609-d20c-40fd-6d6f-af75d69e15ca/ Frame 2D8A 		475 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/183ec609-d20c-40fd-6d6f-af75d69e15ca/pendo.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:0:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e31bc12204ac45956939cb8b49f04f3f8af3d761126e4087eb7ed624918f82f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:54:37 GMT
Content-Encoding
gzip
Via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
Age
156
X-GUploader-UploadID
ADPycdt7lLStjGSjWVsDiZ8d-So5wkKpReGlMt2_CPvCOvSIyFnUP9A0EY8dvUV7ycIa3IqMAgqFlY8dHbkyw_sHpu4t
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
149654
Last-Modified
Thu, 06 Oct 2022 18:15:53 GMT
Server
UploadServer
ETag
"84392d30f1506158eaf1c319f7bec5a0"
Vary
Accept-Encoding
x-goog-generation
1665080153782368
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=3m1qsw==, md5=hDktMPFQYVjq8cMZ977FoA==
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
149654
Accept-Ranges
bytes
X-Amz-Cf-Id
BBvA00qBm04gt2zU0MjsZMPcyXBbs0khpVx6689opsHjwGp6L257Kw==
Expires
Fri, 07 Oct 2022 19:01:59 GMT
/
log.pinterest.com/ 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=stZhRM559RrH&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 07 Oct 2022 18:57:05 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
3
x-pinterest-rid
3898955111016066
content-length
0
x-served-by
cache-hhn4072-HHN
pragma
no-cache
server
envoy
x-timer
S1665169026.776310,VS0,VE94
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2D8A 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hirefrederick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:52:55 GMT
x-content-type-options
nosniff
age
345850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 18:52:55 GMT
published
hirefrederick.com/api/v1/locations/e18af810-45c8-47ad-9737-82c074ad49b9/reviews/ Frame 2D8A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hirefrederick.com/api/v1/locations/e18af810-45c8-47ad-9737-82c074ad49b9/reviews/published?per=5&page=1&titleHexColor=46ACC5&starHexColor=46ACC5
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.36.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-36-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
10ce191fd135865bda1f1894363e141febce92f87ece334907e303a02fe8d2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
XAIDV1FACQQDVlRWAwMOVg==
tracestate
84467@nr=0-1-84467-1834863796-ba1516f82c95eb74----1665169025757
traceparent
00-f5534f83df386ade48914dcf27e42fa1-ba1516f82c95eb74-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijg0NDY3IiwiYXAiOiIxODM0ODYzNzk2IiwiaWQiOiJiYTE1MTZmODJjOTVlYjc0IiwidHIiOiJmNTUzNGY4M2RmMzg2YWRlNDg5MTRkY2YyN2U0MmZhMSIsInRpIjoxNjY1MTY5MDI1NzU3fX0=
Accept
*/*
Referer
https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
X-Requested-With
XMLHttpRequest

Response headers

X-Runtime
0.074957
Date
Fri, 07 Oct 2022 18:57:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 vegur
Server
Cowboy
Etag
W/"ff1c2f321d72150a1c9f2cad5637d8cb"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
d3050595-777f-4909-a501-f94da7525f92
powered_by_mindbody-4aa8e59cc57d23a510194f27d8c08338.png
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 2D8A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/powered_by_mindbody-4aa8e59cc57d23a510194f27d8c08338.png
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-197.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
cc95bab64363493ebc9e7e26926d80dc92c14a6f0d4faa86e0b5a2d959fc9d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 06:15:02 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Aug 2020 18:04:27 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA56-P6
Age
3933723
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
jF8fT9y-BdqjgNgKshxFovQUzn9cYc4mH6m72e9mxtTCD6552euGiA==
fontawesome-webfont-6d890ade6e9cb1a5ef15cd29df077ee5.woff2
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 2D8A 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/fontawesome-webfont-6d890ade6e9cb1a5ef15cd29df077ee5.woff2
Requested by
Host: d34oxwxegf4jrt.cloudfront.net
URL: https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-197.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Origin
https://hirefrederick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 01:42:46 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P6
Age
27450859
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 29 Jan 2018 01:32:00 GMT
Server
Cowboy
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Vary
Accept-Encoding
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
2omjyt-NXVRphBwnr54G9V8A0FZuoG1lI-iinrSqLPYniPGQvHcs1w==
visit-data
in.hotjar.com/api/v2/client/sites/2139383/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2139383/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f0cd1ed70b545da08b60.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.254.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-254-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263

Request headers

Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
generateWidget.php
hairbarnyc.ladesk.com/scripts/ Frame 1A42 		54 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
534c31edb9a5ab10003cc6735092302a8aaddc2ab5dd916f79afa8616b579ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 07 Oct 2022 18:57:05 GMT
expires
Sun, 01 Jan 2023 08:00:00 GMT
last-modified
Tue, 01 Jan 2008 08:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
x-srv
5
x-varnish
386859997
generateWidget.php
hairbarnyc.ladesk.com/scripts/ Frame 9ED6 		28 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
18bbb1281b84f9db35a90d5f90249b2506a95747fe665cec7262f67fdc90d98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 07 Oct 2022 18:57:05 GMT
expires
Sun, 01 Jan 2023 08:00:00 GMT
last-modified
Tue, 01 Jan 2008 08:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
x-srv
5
x-varnish
389679696
track_visit.php
hairbarnyc.ladesk.com/scripts/ 		267 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=txbhd7sr5hf7jaaprb6swog6bjr1u&S=ohabcdpdycragoqjp30ryn9d87yjp&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&url=__S__hairbarnyc.com%2F&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
3ae20c0f831facab6713050ce8d1044f3c40a23136ec49ca0f1d839d63e6c848
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
date
Fri, 07 Oct 2022 18:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Fri, 07 Oct 2022 18:57:05 GMT
server
nginx
x-srv
1
age
0
vary
Accept-Encoding
content-type
application/javascript
x-varnish
386666156
via
1.1 varnish (2.lb-app.la.linode-us-tx)
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
chat.css
hairbarnyc.ladesk.com/themes/embedded_chat/ascent/ Frame 1A42 		127 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/themes/embedded_chat/ascent/chat.css?v=5.32.4.23
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
3f855113da49924a40487a683583b96c826b0eb2b7ac29a7414edf0ff5487bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
6
age
1659
content-length
23819
last-modified
Wed, 05 Oct 2022 08:35:54 GMT
server
nginx
etag
"1fcd0-5ea457704ce80"
vary
Accept-Encoding
content-type
text/css
x-varnish
393216903 374574536
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 14 Oct 2022 18:29:26 GMT
bundle-e4eb80eb06d32a141adf.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 1A42 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-e4eb80eb06d32a141adf.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
0a9a8d460e3b6101c915063c1c4b0f072d6e8e08dfa38ad9b7aaa4aa714ed3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
2
age
0
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
etag
W/"e6e-5ea45762f2f00"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
380737335
cache-control
max-age=21600
accept-ranges
bytes
expires
Sat, 08 Oct 2022 00:57:06 GMT
stringutils-1c67882e50e69f7d49a8.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 1A42 		221 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-1c67882e50e69f7d49a8.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
d5a4f231ce316960fb8c6f172d5636d90a6bfee1b98e512d59aa4d73daeaa551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
2
age
0
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
etag
W/"37312-5ea45762f2f00"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
380767989
cache-control
max-age=21600
accept-ranges
bytes
expires
Sat, 08 Oct 2022 00:57:06 GMT
contact.css
hairbarnyc.ladesk.com/themes/contact/ascent/ Frame 9ED6 		121 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/themes/contact/ascent/contact.css?v=5.32.4.23
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
fbc544f4be3093dde5aa96a06a8c93ad891cba9c007cf9e141ea2967c6ba268c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
5
age
1729
content-length
38567
last-modified
Wed, 05 Oct 2022 08:35:54 GMT
server
nginx
etag
"1e46a-5ea457704ce80"
vary
Accept-Encoding
content-type
text/css
x-varnish
380737338 373688737
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 14 Oct 2022 18:28:16 GMT
bundle-e4eb80eb06d32a141adf.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 9ED6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-e4eb80eb06d32a141adf.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
0a9a8d460e3b6101c915063c1c4b0f072d6e8e08dfa38ad9b7aaa4aa714ed3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
2
age
0
content-length
1688
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
etag
W/"e6e-5ea45762f2f00"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
393216905 380737336
cache-control
max-age=21600
accept-ranges
bytes
expires
Sat, 08 Oct 2022 00:57:06 GMT
stringutils-1c67882e50e69f7d49a8.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 9ED6 		221 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-1c67882e50e69f7d49a8.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
d5a4f231ce316960fb8c6f172d5636d90a6bfee1b98e512d59aa4d73daeaa551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
2
age
0
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
etag
W/"37312-5ea45762f2f00"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
387024310 380767990
cache-control
max-age=21600
accept-ranges
bytes
expires
Sat, 08 Oct 2022 00:57:06 GMT
file.php
hairbarnyc.ladesk.com/scripts/ Frame 9ED6 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.ladesk.com/scripts/file.php?view=Y&file=gutc2usl24h13340ioseo5veifz5nunm
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.32.4.23&t=1665080088&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
6b09a83839192e3e4b4c27c4610cd63099e27f6d25079965409b109a17af476b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-srv
4
age
0
vary
Accept-Encoding
content-type
image/png
x-varnish
388760647
cache-control
max-age=36000
content-disposition
filename="Logo 2019.png"
accept-ranges
bytes
content-length
11942
expires
Fri, 07 Oct 22 21:57:06 -0700
bus.html
1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/ Frame AEBA 		315 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 07 Oct 2022 18:57:06 GMT
etag
W/"633d41e0-13b"
last-modified
Wed, 05 Oct 2022 08:35:44 GMT
server
nginx
settings
cdn.segment.com/v1/projects/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/ Frame 2D8A 		702 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/settings
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6ec9ef99e7af060bd8be117b76faeab0de6a02541ef27d4d7aabe7b67688254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
tiBSw15sR0L12gc.WJ4BiOTTO8pQ.VAj
date
Fri, 07 Oct 2022 18:52:08 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1343
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
702
last-modified
Thu, 15 Sep 2022 02:05:56 GMT
server
AmazonS3
etag
"db19dbb9829a3baa6cf27b4bab904a50"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LUxfrv6rJYY5JABofjelvO71DpTlAi2NIyh0KRCtHiUXX5TEzp1HMg==
p
api.segment.io/v1/ Frame 2D8A 		21 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.186.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-186-189.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://hirefrederick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hirefrederick.com
date
Fri, 07 Oct 2022 18:57:06 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
postmessage_bundle.js
1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/ Frame AEBA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/postmessage_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
faa8e9370329c0b337f2c2dbbac451c8a5444d45f742f9acec42465452a87eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
accept-ranges
bytes
etag
"633d41dc-82a"
content-length
2090
content-type
application/javascript
pushstream_bundle.js
1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/ Frame AEBA 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/pushstream_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
accept-ranges
bytes
etag
"633d41dc-50d0"
content-length
20688
content-type
application/javascript
bus_bundle.js
1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/ Frame AEBA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/bus_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
last-modified
Wed, 05 Oct 2022 08:35:40 GMT
server
nginx
accept-ranges
bytes
etag
"633d41dc-8ca"
content-length
2250
content-type
application/javascript
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame 2D8A 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Fri, 07 Oct 2022 18:57:06 GMT
x-amz-request-id
VGC0B6NGF5V55XCK
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
IyIOfDU0wT1MtOdgtmHRH+hfmC8fGK8skPJA1yBww4yS9qomgwEOyX05qtEg/oun0eEPmdECOGM=
x-served-by
cache-hhn4033-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1665169027.524867,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9728
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/ptm.gif/ Frame 2D8A 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/183ec609-d20c-40fd-6d6f-af75d69e15ca?v=2.155.1_prod&ct=1665169026492&jzb=eJzlkj1v2zAQQP9KwcGTbIn6-jAgFG6aoUsawElgNygIijrLhGlRICk7auD_npPdGAWKdutUTuTx9HT3eM-vxA0dkDnZg-PEI5XRRwuGObnHKE3ThKZFEKZxnnrkIK102jBZ4wfs_vbu81f2wOjd9iWy6Y_dJkIAF0L3rTvntL1SHumNwvStc52d-_5WGtgYqMFIsZsJvfePsm7A-QYOEo4flRbcSd0ioASa801Og2mciHwaZ7yeFlmUTfNQBFnM67ioikmH1Xa8gTKZKD7o3pWCG91bUJOKi12D-7YuN-c1cdIpYFt4YUIrbco4XdzcJBPruPktis10RneWzF_fOx-3SEY9F2mLVrfDHn_24elngkcUb5se68FraNnjEkN_9nW6CkM0HjpuoHWLX0M1dyMryHwa-GEQhgg8gLHoCMPhjCbJjDKstB5pF8ADr75c_bvLgazuTf8ULVWzrCp6aFbI2Ri-h_Pl2nY0HBafvq30en07PI6jMDjA5pMoP3nXMVGa138dk-x_HpPRzruTvEhnYXBecZbmEYqRlp2Nk7kzPfyT14ppdvr-BsNRQ6c
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/guide.js/ Frame 2D8A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/183ec609-d20c-40fd-6d6f-af75d69e15ca?jzb=eJx1kEtrwzAQhP9K0cGnOH7Ejp2AKSHtoZe00MdVbKS1LaxIRpbzaMl_z6aUUCjVafVpGO3MF9urQXnrniRbMv7yuHl45m882bTH2TD_7OoZmzAQwo7GXyVm1HrCRqdJ3XrfD8soapXD2qFEp0Q3FXYXHZRs0EcO9woP99oK8MoarmSFSQl1mcRhlosyzAqQ4aKYFWGZirjIQGaL7SLo0fEeGqzyQMPJjr4S4Ow4oA62ILqGZiOr-vsEXnmNvMUjF1ZbV2Xz1XqdB4MH94dSlh16kOCBLW_RryOZO-5PPVKulbHmtKP_7j5-BBOmwTQjrUTPaPj7KyH1b2PnW2VkTZceHBq_-o1ohatXXERJHKVxmpLhHt1ANRFOp0meTxPeOyvZ-XwBYlGNAQ&v=2.155.1_prod&ct=1665169026494
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
6fb19ce6e326f0dffcfe2a0dfcd8aafe64838eeaa450b84b293c839cfd11a720
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
access-control-max-age
600
vary
Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/guide.gif/ Frame 2D8A 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/guide.gif/183ec609-d20c-40fd-6d6f-af75d69e15ca?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1665169026495&v=2.155.1_prod
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
169e250927
bam.nr-data.net/1/ Frame 2D8A 		49 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/169e250927?a=1732544290&v=1216.487a282&to=dFsMRkpZCFlTER0TC1NTB0YXRAFDXwZF&rst=1964&ck=1&ref=https://hirefrederick.com/widget/review&qt=2&ap=10&be=436&fe=1897&dc=1174&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665169024576,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:14,%22c%22:14,%22s%22:114,%22ce%22:219,%22rq%22:219,%22rp%22:334,%22rpe%22:434,%22dl%22:336,%22di%22:1174,%22ds%22:1174,%22de%22:1184,%22dc%22:1896,%22l%22:1896,%22le%22:1897%7D,%22navigation%22:%7B%7D%7D&fp=1193&fcp=1193&jsonp=NREUM.setToken
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:06 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7568dc500e079054-FRA
v2
1-vbus-us-tx.ladesk.com/5_32_4_23/u97179_0b9d/txbhd7sr5hf7jaaprb6swog6bjr1u/event/lp/ Frame AEBA 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_32_4_23/u97179_0b9d/txbhd7sr5hf7jaaprb6swog6bjr1u/event/lp/v2?channels=5be5ce608a_vb_ohabcdpdycragoqjp30ryn9d87yjp&tag=0&time=Fri%2C%2007%20Oct%202022%2014%3A47%3A06%20GMT&eventid=&_=1665169026692
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_32_4_23/static/webpack/js_bundle/pushstream_bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_32_4_23/scripts/lib/bus.html?v=5.32.4.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
last-modified
Fri, 07 Oct 2022 14:47:06 GMT
server
nginx
etag
W/0
content-type
application/octet-stream
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
ipinfo.io/ 		274 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/facebook_business/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
79419e609e46e1f5755d6561061fcf67c802e7f740597ef8f7996fb7a740482e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Oct 2022 18:57:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
via
1.1 google
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
favicon.ico
favicon.click/ 		0
0
169e250927
bam.nr-data.net/events/1/ Frame 2D8A 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/169e250927?a=1732544290&v=1216.487a282&to=dFsMRkpZCFlTER0TC1NTB0YXRAFDXwZF&rst=2685&ck=1&ref=https://hirefrederick.com/widget/review
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://hirefrederick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 07 Oct 2022 18:57:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://hirefrederick.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7568dc546f4e9054-FRA
Content-Length
24
ORYA%20Web.jpg
hairbarnyc.com/image/catalog/2021/Banners/ 		176 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/2021/Banners/ORYA%20Web.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:44:50 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9b34d-5c9563bba7880"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
635725
X-XSS-Protection
1; mode=block
Blowout%20Express%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Blowout%20Express%20Keratin-300x300.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
498351efd313c7294dfcf1198cfe019e9215a35a59af9453e716644d08e4d098
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6101-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
24833
X-XSS-Protection
1; mode=block
Professional%20Hair%20Color%20Basic%20Kit%20-%201%20Tube-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/Professional%20Hair%20Color%20Basic%20Kit%20-%201%20Tube-300x300.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f0be079c801e725cd6b842f842f9047670898fc083b7358a57dcf8f530848238
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6f7d-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
28541
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%203-min-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%203-min-300x300.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f2d908e27c7852b0e9d5877861de61d7f73f2ca9b5e0c41464553a83fb9b3ed1
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 07 Oct 2022 18:57:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9e75-5c95676429a00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
40565
X-XSS-Protection
1; mode=block
en.build.json
cdn.acsbapp.com/cache/app/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
favicon.click
URL
https://favicon.click/favicon.ico
Domain
cdn.acsbapp.com
URL
https://cdn.acsbapp.com/cache/app/en.build.json

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hj object| _hjSettings function| $ function| jQuery object| twttr function| gtag object| dataLayer function| fbq function| _fbq number| isFacebookPixelInHeaderAdded number| isFacebookPixelAdded function| facebook_loadScript string| pixel_script_filename number| isFacebookCustomerChatInHeaderAdded number| isFacebookCustomerChatAdded function| getURLVar function| pav_calculateYoutubeHeight function| updateMiniBasket object| cart object| voucher object| wishlist function| openPopupCompare object| compare function| Swiper object| Weglot object| FRED object| button_n number| prod_id object| button_wish number| PIN_19272 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB object| __twttrll object| __twttr object| PIN_1665169024636 string| value object| key object| PinUtils object| gaplugins object| gaGlobal object| gaData object| __buffer function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| openPopUp object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| GoogleAnalyticsObjects function| WDjI boolean| ll function| QZDMI object| cookieconsent object| _facebookAdsExtension function| Checkout object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| left string| right string| cartname string| center function| _toConsumableArray function| _0x26c6 function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _0x3674 object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker function| init_button_54332a99 object| widgets number| widgetsLength string| l1ll string| gt

21 Cookies

Domain/Path Name / Value
hairbarnyc.com/ Name: OCSESSID
Value: ed449a960913b99521177468b5
.hairbarnyc.com/ Name: language
Value: en-gb
.hairbarnyc.com/ Name: currency
Value: USD
.hairbarnyc.com/ Name: _gcl_au
Value: 1.1.969328521.1665169025
.hairbarnyc.com/ Name: _ga
Value: GA1.2.647259386.1665169025
.hairbarnyc.com/ Name: _gid
Value: GA1.2.644768608.1665169025
.hairbarnyc.com/ Name: _gat_gtag_UA_165298320_1
Value: 1
hairbarnyc.com/ Name: __session:0.7431008389439635:
Value: https:
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hairbarnyc.com/ Name: _fbp
Value: fb.1.1665169024815.1997575767
hairbarnyc.com/ Name: LaVisitorNew
Value: Y
.hairbarnyc.com/ Name: LaVisitorId_aGFpcmJhcm55Yy5sYWRlc2suY29tLw
Value: txbhd7sr5hf7jaaprb6swog6bjr1u
hairbarnyc.com/ Name: LaSID
Value: ohabcdpdycragoqjp30ryn9d87yjp
.hairbarnyc.com/ Name: _hjSessionUser_2139383
Value: eyJpZCI6ImUyNTI3NzlmLTZhNmItNTZmZi1hNWVmLTg2ZWRlMzRjZTg2YSIsImNyZWF0ZWQiOjE2NjUxNjkwMjU3MzMsImV4aXN0aW5nIjpmYWxzZX0=
.hairbarnyc.com/ Name: _hjFirstSeen
Value: 1
hairbarnyc.com/ Name: _hjIncludedInSessionSample
Value: 0
.hairbarnyc.com/ Name: _hjSession_2139383
Value: eyJpZCI6ImQ0MDcxNGZmLTY3MzMtNDMzNS05NzIwLTI3N2VmZGFmYWUwMiIsImNyZWF0ZWQiOjE2NjUxNjkwMjU3NzAsImluU2FtcGxlIjpmYWxzZX0=
hairbarnyc.com/ Name: _hjIncludedInPageviewSample
Value: 1
.hairbarnyc.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
hirefrederick.com/ Name: _app_session
Value: ei9wR2lmTHdOVjlyc2pDUUlZLytPcFQ2UFlreHJZM3lwVXZIOStOaDRBeGZnYWpVc0R2WFEyODlDYWJOOVhDUk8vbmJkcTVtcm5ndEsyYU93a0NIMDQwWU1DVHJHQ1BNNjFPWXhlVmxCVThPdzh0NFdYUUpiLzVCcTBtZTBhM1ktLWJUL1UzT2NGNmJsWTdtSEsyK1d5MGc9PQ%3D%3D--dc921be7249322b83af69906a4b5708a7a6f4416
.nr-data.net/ Name: JSESSIONID
Value: c9bd8300173c579f

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.weglot.com/projects-settings/df0392f6336a9a6a7934a3e7a2f4a5176.json
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-vbus-us-tx.ladesk.com
acsbapp.com
api.segment.io
assets.pinterest.com
bam.nr-data.net
cdn.acsbapp.com
cdn.pendo.io
cdn.segment.com
cdn.weglot.com
checkout-sdk.sezzle.com
connect.facebook.net
d1yw3duy3i4qiv.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
data.pendo.io
favicon.click
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hairbarnyc.com
hairbarnyc.ladesk.com
hirefrederick.com
in.hotjar.com
ipinfo.io
js-agent.newrelic.com
log.pinterest.com
platform.twitter.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
cdn.acsbapp.com
favicon.click
104.244.42.72
108.138.2.197
138.128.247.123
142.250.186.130
143.204.101.194
147.185.239.105
151.101.0.84
151.101.194.137
162.247.241.14
18.205.36.100
18.66.115.169
18.66.147.113
18.66.97.53
2001:4860:4802:34::178
2600:9000:214f:2400:1:28b3:b280:93a1
2600:9000:223c:3600:18:f6c:8f00:93a1
2600:9000:223f:0:1f:aa31:7740:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a02:26f0:480:385::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.107.204.85
34.117.59.81
35.155.45.56
45.79.6.119
52.222.236.63
52.31.254.154
54.214.186.189
72.14.190.90
006ad9acebfd5e568772f008ffda22b8cdbd31a184113a9eeffe3a9e2ab9846f
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
01a4c62841de76e1e79aa4808c467b7cb2c1d79160e6cb1ca3a6406448b7ca91
093c8a07828c49147695500f8556d841e3cc58fe03757de3980b24e26476dce3
097762e17dbb88a99952c1e62a88133daa90c65ccd10d5d36bb969999dedb006
0a9a8d460e3b6101c915063c1c4b0f072d6e8e08dfa38ad9b7aaa4aa714ed3ff
0a9e95feff42c3fd452d8c8f91413992db137b173c40d6118d287bc2efdc1d32
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f6bde3e83a3412a3eb6da89038d585712c8c0ff5b4e27791cd661ae3dce5f1d
10ce191fd135865bda1f1894363e141febce92f87ece334907e303a02fe8d2c3
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
130054ee6b7b0e6def9d2cce971e2b8799ef3a80adc4623c9f72972ee9a2fe63
131d6fd2fb63edf5bbd5f48e392216f63faf8bb4f3b72b68b3efb62a3f01e0c0
160ce669c12174a31224a38d6a4a094978334adaa5a107402a49188b36718fe9
176f5496d9c88e6efdc9505cc5dfe760d4a1ed84f9cc5db28fc79bdb5eb2f8d0
18bbb1281b84f9db35a90d5f90249b2506a95747fe665cec7262f67fdc90d98f
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
211c52be0f8d03fda1e69119423164f14dabe610c081604bf9c2466582dd68d0
22e71b3903e3ea2b53d152b34a85790f0e6bc2b8dd6795c805909c1b69ae2583
28e6cf5d0bec1578e5bbfe8544b2f4f9905eb1fce42c2ae02e244a1bf8984eae
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aeed5bed03ad488a73cb5981ef93f29ca50f2842d808dd278f6cc4a0884167e
2b61328f5f20fc6d829bc90237d707378f6375afd9330bc552c44a7671e7094e
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
2ed0fcd6244f5b835e07c68794b3aea7f4bb21327f512bcb7f01f7e801273d52
30183eaedf8efef2154a65ceafe52c7e306d14af662525353946dd4e21a30c2e
34115179b64f10cbd600e5035c6b5f892424590fcbae2806572b4fdb931f84b7
372825561a5f01dae1e31334179ac97e45fec38626a54d38f43b7f87a580c9dc
384a6e769e58cae6581adfe67be8a75cacc8e51072508a6d69de4e6835d68391
3a6683c20e1244386cfbad35727983e3ef30766220b455ab3e94da24740bef09
3a7e2ded944ad36714476dda89b3ef4e971aa0f4bdd28760bc1af24235868e4f
3a904b29c6342ace2d9a8a0f78106e580254479d06db362fab2fd028a9ff6a36
3ae20c0f831facab6713050ce8d1044f3c40a23136ec49ca0f1d839d63e6c848
3b490c29c79aedad43f8048c0824084902c1272b640ce21783a15120404ee92d
3df9da830a80a6415ea0e3a3dc58573e2e87308ed029a9f32b96fa89afdcbd41
3ec353e3e0c9d344f56093a383bfae444d46820a785689d200dd1cf0e5aa9cae
3ee12b59d96390203e8dd31103aac0bb408e569e2dff5d3a60dc156541de2cba
3f419012003369c70b253a0d6302e8075692c37e4b4b1cf9bae3595b5cada40a
3f71bd27a0417d982a74bd4159a9da32a47d2e92dbfbebb205cc6dec27dd12e6
3f855113da49924a40487a683583b96c826b0eb2b7ac29a7414edf0ff5487bf9
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
41168bfd4c748648ff8fbd26dd1ee4fbefbb0de18de7521510d3382a567856c6
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
47ca3bff96c2752055b80f7a64c4af7a2249d90ee5402dd117f59b170e0d385d
47cf74023ea67e48cf5ae3105410a345d7a1731a36a4731ffb4c2fe24b5614e9
498351efd313c7294dfcf1198cfe019e9215a35a59af9453e716644d08e4d098
4a8c7b5701cec2f9e08c3fe9b65ea98a98eed6ed1ec16187e75ce173c932361d
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263
4c19359ee09e71c2da70f46963267cebd584d9104fd6f52e644b94131faab079
534c31edb9a5ab10003cc6735092302a8aaddc2ab5dd916f79afa8616b579ae6
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5bf2859943db8c23d49f38e44084400723325b81efd52c0ef8d2f8a9faf05644
5e44dcae9822a7fe9a613eee73874bf064329a391e73336c02a1ab1da2e32a6d
6b09a83839192e3e4b4c27c4610cd63099e27f6d25079965409b109a17af476b
6b26c32545b3609e7948f670e156644f8d68d84558dd1181bab600fa711f64cc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
6fb19ce6e326f0dffcfe2a0dfcd8aafe64838eeaa450b84b293c839cfd11a720
716bfd95f947c1cb2dc2c76bd0ac3e9002e4c4632b5ad973ff8656a06eaa30dd
7528d63cb5065f0c35f595556c6ebbf65e1a6c3dfb2c050dff74b05181211237
79419e609e46e1f5755d6561061fcf67c802e7f740597ef8f7996fb7a740482e
7e1707adc4e5f5c053055b95d49f4a12f05271a9fb3645049c4296cf6f96a248
7ea3a4ded8a7123d33da95063c9cb5e1742daab1bcf5cf53ceb807b42f5da598
80ba68989d275f8cda9f6e5aa720ac2fd242a32803608011a9ce505e463fd915
8424eb8408ed269ed1acede0db0a6299379e684f1f1d6032dee5042c9a7f54a4
8662b9efaf4e7baadfdc51b0a0a133cca8c7670e354d155580a74b2184de2317
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d248d7b20f483d12aab6a2d7b0c4368905a335b0197264399364116a78575e2
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d8ae806000576e3adc0019caa9aa321fe0eb8b6a02fdd7c093222789ae38429
987c59280847b3530eef6c1bc94beeea487adf7480a780576eddf822dd8c4fe9
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
aba1b5b9023efc5fb5c9d5e5db51a68478893dc2b7da6bf88eb9ff873fefb3c2
ac20cff7788fcc8e7b4481bb74af94cc8124f5fa8995241958b146999dba6e0a
b19bfb0602cf2db5514725e30830903f8df465bad4985a47a21ee13fc0f5b30b
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f9eead135b83c8822c5851895141f0e549ad935fba7105c973e59e6b4cc6dc
b6ec9ef99e7af060bd8be117b76faeab0de6a02541ef27d4d7aabe7b67688254
b71bfa2b85ba536a5bb626ae4300adac0c24ed00fd15bf8ebc004241708532bf
b8e3df20c30eda9d967baf6ff346703387a10eca337bda7bf8f37f36ee8e25db
baf2b8f7bd353acb57e89dd6329f8824928080e26927e281771930ed7ae439d3
bbb88a0ad5debf8c3f2e9a143c130ef998ee756a5ff51950953b103e1d264f86
bc2ca7df42c8bbd60e1af29d2895f9333614ec90f91db97446882cdf95fe6ec5
bce7ef9c5c06b89d48dca6a0cc52316497a679b2786d58dff3a2967f1729dec1
bd23cf2375e878249436f9dc1336b6a141a50f0d8609931151449cfccad46bc8
bfae9defd1fcb1f58b1d13a3cd51799652e4cad815abb3de79b232dc3ea97acc
c909cf8834415ff0cb4ec417f124c2828ad5deed8a89078bf39098c4b0c020ba
cc95bab64363493ebc9e7e26926d80dc92c14a6f0d4faa86e0b5a2d959fc9d05
ce9c63189f63901b9faecb7c59dd864f816c0ec27f054b17fbb0e66fe57b498c
cefeea6edc2bd77939df6d1d32689376d1ca0131c37a4e412a5bd4ec7c477d20
d4bcac43603c7560bc9a6b8f76eba9b19b18528a893c6ebc9c6dbc28709e69b6
d506e94d6ec365ea49e9da425ca4d7b09966f98d47dadfe2c4ae5b2c119403f6
d5a4f231ce316960fb8c6f172d5636d90a6bfee1b98e512d59aa4d73daeaa551
d99b7a32f6e554dc724bed1972ca255aec53bcf1aca5d37c0b7f0f16db050e39
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
daee2286a0787382ab04909bc40a686c252d806554a9a5cb565cd09d1674cb67
dc44abc21e44b612d2fbafd5da2a3b7121b9a8c91bc099ecc4e66cc1a8442627
dc8cef618503b8020c75140ab068070fe5a4a1fad3a4d88997db35da1865338a
ddeab20d440fba6770815144dad4ee6a3832e42b4535b2c800d87fc269b21455
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e31bc12204ac45956939cb8b49f04f3f8af3d761126e4087eb7ed624918f82f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83cf1da68603354b64842c3e6be4987d05c3d297f8c87aa11af437542101749
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0be079c801e725cd6b842f842f9047670898fc083b7358a57dcf8f530848238
f2d908e27c7852b0e9d5877861de61d7f73f2ca9b5e0c41464553a83fb9b3ed1
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f635c8da789a719cca46fe518b01afda4c2ab8e4000fe8f933961bab4cdeba91
fa532b6e5e769269fd76cfc299fb5586889579654cdff65906627dcaf11adfa3
faa8e9370329c0b337f2c2dbbac451c8a5444d45f742f9acec42465452a87eb3
fbc544f4be3093dde5aa96a06a8c93ad891cba9c007cf9e141ea2967c6ba268c
fdabb92563f45ba0198dead28feede636b56dfe240bf7f6724304513f1e75c14