hairstylesweekly.com Open in urlscan Pro
104.21.13.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hairstylesweekly.com/
Effective URL:
https://hairstylesweekly.com/
Submission: On April 01 via manual (April 1st 2021, 7:17:05 pm UTC) from US

Summary HTTP 90 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 90 HTTP transactions. The main IP is 104.21.13.216, located in United States and belongs to CLOUDFLARENET, US. The main domain is hairstylesweekly.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.

This is the only time hairstylesweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	104.21.13.216 104.21.13.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:710... 2a02:26f0:7100:1a4::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.67.38.97 172.67.38.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:212... 2600:9000:2127:8c00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:2182:c400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	52.29.155.194 52.29.155.194	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
90	19

24 104.21.13.216 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hairstylesweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1a4::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.97 (United States)

ASN13335 (CLOUDFLARENET, US)

statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2127:8c00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:c400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.155.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	334 KB
24	hairstylesweekly.com 1 redirects hairstylesweekly.com	218 KB
8	doubleclick.net googleads.g.doubleclick.net	70 KB
7	sharethis.com ws.sharethis.com l.sharethis.com	66 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	googletagservices.com www.googletagservices.com	100 KB
3	pinterest.com assets.pinterest.com log.pinterest.com	19 KB
2	google.de adservice.google.de	2 KB
2	facebook.net connect.facebook.net	60 KB
2	statcounter.com statcounter.com c.statcounter.com	13 KB
1	googleapis.com fonts.googleapis.com	675 B
1	googleadservices.com partner.googleadservices.com	647 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
90	15

	Domain	Requested by
24	hairstylesweekly.com	1 redirects hairstylesweekly.com ajax.cloudflare.com
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net hairstylesweekly.com
11	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hairstylesweekly.com
5	ws.sharethis.com	ajax.cloudflare.com ws.sharethis.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	l.sharethis.com	ws.sharethis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	hairstylesweekly.com connect.facebook.net
2	assets.pinterest.com	ajax.cloudflare.com assets.pinterest.com
1	log.pinterest.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	c.statcounter.com	statcounter.com
1	statcounter.com	ajax.cloudflare.com
1	ajax.cloudflare.com	hairstylesweekly.com
90	21

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-23` - `2021-07-23`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://hairstylesweekly.com/
Frame ID: 19FC1EC848F133ABE1CD1C33739C84D7
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Frame ID: E1224249992C0F7050EFF8A4F29324FC
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 532ABDCA2C17047BDC1B3DC0575CB6BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&adk=1812271804&adf=3025194257&lmt=1617304609&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhairstylesweekly.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617304609404&bpp=11&bdt=154&idt=92&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6414311335539&frm=20&pv=2&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
Frame ID: 895B7EF3827F82AA92CBB547F8246B02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=280&adk=3316573064&adf=2104864472&w=336&lmt=1617304609&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=ffffff&color_link=cb1b7c&color_text=cccccc&color_url=cccccc&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&wgl=1&dt=1617304609416&bpp=5&bdt=166&idt=105&shv=r20210329&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gCdOBCr77K&p=https%3A//hairstylesweekly.com&dtd=109
Frame ID: 25A5E4627BAFD6A2448EEAA3E987BD04
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AE6A78DC98D00EDFE2E1D32C102D612D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10
Frame ID: 74A488E9A24AC06860C374CF1DC4DECC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: E22E5C35BF680698B94DDC24E25B8D9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html
Frame ID: 2D9AEA7DFF97C29F1F28F7D460DB58EB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CrjaDIRxmYKDnKZiMmLAPxpqG2A2OkoqOYoKC6a-4CZSFuNqyHBABIJ3amBNglQKgAfKylugDyAEJqAMByANIqgTAAU_QfkLO0YlhgrFnLuqJr5u6yGbhOqL8GNYOIfoVisGcOznebYfpHARmhNVQVxuE3Zg_KhT-m4KzfKeevzzwfdHGMCMsNc57AQF7Rrrh9LYxiuLJJgRhVw3Jh_iKsZBKj8f3TouBlhZwx5JgwfS7XFOVVbux-b_BypVtLaLBzf1sg0Jhvzqo2ea7xXtGTsab0WUq6XNMMW_5cz5BjFb77DZHiEnSd_uh_Ogr-U4jL1nRz25hohQK-miZSAjgWEc4SsAEurmd_3GSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH9szpF6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCE2gXSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItMjg4ODIyMjkyMDg3MDMyOA&sigh=KFH3JggRE8A&template_id=419&tpd=AGWhJmt4uqX-VyZSr0SejoRRJRqflaTI-6p2jfDXhwdCpifUgQ
Frame ID: E0DCFD7683CA7BD25AF4755984F7AA8F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6D5AFF0DF88B152F3E522617568C870B
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 901EFB19C3221590A8CA3AAA5034B7D8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hairstylesweekly.com/ HTTP 301
https://hairstylesweekly.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

90
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

949 kB
Transfer

2433 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hairstylesweekly.com/ HTTP 301
https://hairstylesweekly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hairstylesweekly.com/
Redirect Chain

http://hairstylesweekly.com/
https://hairstylesweekly.com/

63 KB
10 KB

560ms
521ms

Document
text/html

104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.16
Resource Hash: 1f77816a0968164c2e1f76cabf131b4a85cc953a633d6078cc28729a0ecd3eef

Request headers

:method: GET
:authority: hairstylesweekly.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de520b638056ad8243f3a3d2332d0c2d21617304608; expires=Sat, 01-May-21 19:16:48 GMT; path=/; domain=.hairstylesweekly.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/7.4.16
cf-cache-status: DYNAMIC
cf-request-id: 093076f7e10000c8532e03e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dg9N3RZrDmN2jmk9CA08XPlbU7UljN%2B%2FMoQ3FphwVVuSrygUClHXmdxf6GGB3ktL8SI3ib1e0%2BrbNcOImg3IvXoE9Y3ik3r7kf1RTMG9nYHCJqVfKg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6394276c9d63c853-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 01 Apr 2021 19:16:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Apr 2021 20:16:48 GMT
Location: https://hairstylesweekly.com/
cf-request-id: 093076f79700004bf4499f4000000001
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ML%2BfxBxQaYkQ4pg0aXekeFyVO8J4ylH44OprcLUbinyKIC08T8%2FZhEYW7MigYaI6KiH00Ir0SvMmYlY3u8RDdKBU3uozOagoZttEW5q5tDPu%2BG34uQ%3D%3D"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6394276c2f334bf4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f9r5q.css
hairstylesweekly.com/wp-content/cache/wpfc-minified/lozv9tj0/ 7 KB
2 KB 28ms
28ms Stylesheet
text/css 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/lozv9tj0/f9r5q.css
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25892bb37ba904642ad5c16db5a584718bffddda523a26dfc9ddb842eaa5e4a

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41049
cf-polished: origSize=7663
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093076f9ee0000c85310804000000001
last-modified: Sat, 27 Mar 2021 00:52:52 GMT
server: cloudflare
etag: W/"605e81e4-1def"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dANETjNFvmKkb7oR3qe7axx%2BeJqc04HLH7X2tXqGrlwplT8Vr%2FMazAcq0SFFB%2FeyCCPDKgGtWdTaQOf6TdtvjWD0sMPbYwVlnkNuK5jd%2BpXN5k0QyQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6394276feb96c853-AMS
expires: Thu, 01 Apr 2021 15:02:34 GMT

GET
H2 200 f9r5q.css
hairstylesweekly.com/wp-content/cache/wpfc-minified/2nj3uo0c/ 217 KB
55 KB 53ms
53ms Stylesheet
text/css 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/2nj3uo0c/f9r5q.css
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb7a17945aaeb59e8806ca59a9234c0af488f74dc59b9eda8cdb144b57940eb

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 38764
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093076f9f80000c85301866000000001
last-modified: Sat, 27 Mar 2021 00:52:52 GMT
server: cloudflare
etag: W/"605e81e4-34b90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u7nbuSTvXtACipN5cUhZviXguGtgewONybKveymwFuqMMIDemWFAS%2FK%2B1Wt3Smxx%2FqfJBom6%2FiI4v2Yjt5tf9XJNdfpcOBIFRpKV707HpTUGotuUcg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6394276feb9ac853-AMS
expires: Thu, 01 Apr 2021 15:11:24 GMT

GET
H2 200 logo.png
hairstylesweekly.com/ 3 KB
3 KB 25ms
25ms Image
image/png 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/logo.png
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbc28a7272e76b4c939a5242799052460cc8d63b8f5152bde5eab67d8982c2a

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2092904
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3138
cf-request-id: 093076f9f80000c8532e06b000000001
last-modified: Sat, 04 May 2013 03:10:32 GMT
server: cloudflare
etag: "51847c28-c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=etWRLTkxuqqWZM5IYelsanOLtUH9iBdx%2BU4SmpPveQz4piNmAkTOmr1vgAAz9a2LP1AizeHDJoszrC%2FI4ZhdV2buCs92R%2FEDrjBFGwdY8fTzglW6Nw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6394276ffbb2c853-AMS
expires: Mon, 29 Mar 2021 20:44:27 GMT

GET
H2 200 logo.png
hairstylesweekly.com/images/2019/01/ 3 KB
3 KB 30ms
29ms Image
image/png 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2019/01/logo.png
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbc28a7272e76b4c939a5242799052460cc8d63b8f5152bde5eab67d8982c2a

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1771502
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3138
cf-request-id: 093076f9fa0000c853ffa2f000000001
last-modified: Thu, 10 Jan 2019 15:13:08 GMT
server: cloudflare
etag: "5c376104-c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9MSUZwYU6mMkuV7QTtwkZnXs2DOhJXX6LU09tpXAfz3lFJy0E7%2FnwgX%2B%2FsdcI7Ky4kUbam0fhsLaRyNtR34%2Bb1yT646OGlMVdMI%2FcqiIN5lBZ2AEUg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6394276ffbb8c853-AMS
expires: Mon, 29 Mar 2021 20:44:27 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 26ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 093076fa02000005bb09000000000001
last-modified: Mon, 29 Mar 2021 13:37:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6061d828-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hiRlxe%2FRn9JeL04A%2BoFRZVRWn8nOvp5WUDb1fbqAre8F%2B847cwj7dYU6NzbPN7oc1MRMSHWOaxczdiPkPSJgDayz8EOV7lLOmocf70OMtLCEbmo0yiY%2FIQgUgBOmJhoG"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 639427700b3f05bb-FRA
expires: Sat, 03 Apr 2021 19:16:49 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 24ms
7ms Script
application/javascript 2a02:26f0:7100:1a4::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1a4::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=276
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 counter.js Show response
statcounter.com/counter/ 38 KB
13 KB 76ms
37ms Script
application/x-javascript 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 10:15:35 GMT
server: cloudflare
age: 30641
etag: W/"6006b147-98f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 639427707a8b4c92-AMS
cf-request-id: 093076fa4800004c928387d000000001
expires: Thu, 01 Apr 2021 22:46:08 GMT

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 48ms
14ms Script
application/javascript 2600:9000:2127:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 07:09:04 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 130065
etag: W/"60256fd0-eabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, nofollow
content-length: 16639
x-amz-cf-id: Vm4xiAguds_B-uCO-DypxaP2-lBgpqsdamAI0nHZYgaHPpD9guE_GQ==
expires: Sat, 03 Apr 2021 07:09:04 GMT

GET
H2 200 wp-embed.min.js Show response
hairstylesweekly.com/wp-includes/js/ 1 KB
1 KB 31ms
31ms Script
application/javascript 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41042
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093076fa1a0000c8533603b000000001
last-modified: Thu, 04 Feb 2021 08:42:08 GMT
server: cloudflare
etag: W/"601bb360-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=14xuvfb85zn%2BS8FzIGEl4F0kY0XOaqFskRDIcDoRbu1IB8PhWwPz5TuvuJQPX7dQAPxepE7DLN%2FnnZB6FOhscX9kEO5WGm4doqwwK8L%2BOFWrtzcX%2Fw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 639427702c00c853-AMS
expires: Thu, 01 Apr 2021 13:26:42 GMT

GET
H2 200 sassy-social-share-public.js Show response
hairstylesweekly.com/wp-content/plugins/sassy-social-share/public/js/ 38 KB
10 KB 32ms
31ms Script
application/javascript 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.20
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5c5913da40109f7ea4de029bf57f7f16c51d728767b7b54f814372517be1ab

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41043
cf-polished: origSize=44150
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093076fa1c0000c853f636d000000001
last-modified: Sat, 20 Mar 2021 10:10:26 GMT
server: cloudflare
etag: W/"6055ca12-ac76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ihWlWpo7Mhz2CnUjQJ6ClXYFJMc1UzJhtFh1%2FD2qZy%2F4pDmmN0wIx9xtC%2B5xYERVnQuGHVrHjR5Y%2Bp4j2GcBlxnfo90K4FWoXAsxu%2BqhN1%2B3S45KTw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 639427702c01c853-AMS
expires: Thu, 01 Apr 2021 13:03:15 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
32 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0b2803f31e158e9fd92ab8941040e499acbb73aeedeab3ae6bde3f9a01f23ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32192
x-xss-protection: 0
server: cafe
etag: 7158704744546252440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:16:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87f8949474cd91befeb181b57d5a23ed43de14241d24de3f671b36eedb7c4d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47705
x-xss-protection: 0
server: cafe
etag: 5069928187734612852
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:16:49 GMT

GET
H2 200 f9r5q.js Show response
hairstylesweekly.com/wp-content/cache/wpfc-minified/eh13br5e/ 98 KB
33 KB 42ms
42ms Script
application/javascript 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/eh13br5e/f9r5q.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bd7d383d6611c0126226d703f858c271b65b7af67f553590f2f48f5ba000b7

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 38764
cf-polished: origSize=100908
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093076fa1d0000c85322254000000001
last-modified: Sat, 27 Mar 2021 00:52:52 GMT
server: cloudflare
etag: W/"605e81e4-18a2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=djk0dc%2Bxb54zRegIdtmSqGci8eF04YwS2OSkSMPMgbT8KV%2B8zq8Bp638%2BI4oo8dvZ4FVfGvz9NODOS%2Byd7mIHuQ40ndY5523LOCsnnMnQ5SBJAbT1w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 639427702c06c853-AMS
expires: Thu, 01 Apr 2021 15:11:24 GMT

GET
H2 200 arrow.png
hairstylesweekly.com/wp-content/themes/mobiletheme/images/ 366 B
700 B 31ms
31ms Image
image/png 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/wp-content/themes/mobiletheme/images/arrow.png
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/lozv9tj0/f9r5q.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49e3b129cbf8b5ba3a602c07c02983c67253304794120c52b649e95548ea6d4

Request headers

Referer: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/lozv9tj0/f9r5q.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2092904
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 366
cf-request-id: 093076fa1d0000c85363b10000000001
last-modified: Wed, 08 Jul 2015 08:26:51 GMT
server: cloudflare
etag: "559cdecb-16e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TXq2AWLI7yhx%2BoCvL4yy7gpnFTyW5gs2TVbMHD7TJNdHa91jgT7QXRcCbzeSZIt2JDdtFaFs8JBA2y9Uc2XmV7E5tv0k%2BcNJBhqLqc9AQEPip1m2Iw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 639427702c07c853-AMS
expires: Mon, 29 Mar 2021 20:44:27 GMT

GET
H2 200 short-ombre-bob-cut-with-soft-waves-150x150.jpg
hairstylesweekly.com/images/2015/09/ 8 KB
9 KB 26ms
22ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2015/09/short-ombre-bob-cut-with-soft-waves-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896b18f4e53c9f6074a3236377d8c6177b98c6b981b1003d04842516e6eca464

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1174998
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8551
cf-request-id: 093076fa650000c853558d6000000001
last-modified: Wed, 16 Sep 2015 14:08:14 GMT
server: cloudflare
etag: "55f977ce-2167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Gb21X%2FJpMfb4XOzK1VdKCvbBSwVMf2jqeWB0auflGSuO1zwhgg1lOIvA54HhFG4nb8xjjU6Cq7ayJrQFVHNeLgCk3g6iD7w15%2BzWON%2F6VWDjAdPOw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770accdc853-AMS
expires: Mon, 29 Mar 2021 20:55:51 GMT

GET
H2 200 Redhead-chic-layered-short-pixie-cut-for-winter-150x150.jpg
hairstylesweekly.com/images/2015/09/ 8 KB
8 KB 35ms
31ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2015/09/Redhead-chic-layered-short-pixie-cut-for-winter-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1807fe5ca558b7dfe6df77304cb75b8a92ebcf8910c93797067b0fa81436fcfb

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1716889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8268
cf-request-id: 093076fa650000c8533b02b000000001
last-modified: Wed, 23 Sep 2015 13:12:38 GMT
server: cloudflare
etag: "5602a546-204c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a%2BF9DfwG4Eo74%2BAP5PKG6xHIlIKNe4KeRy99ws4X0p4R5HzrO2gbJEc2zMqb%2BSnZ2DmfvGs36FWOnNd44QROGczKMRh9VIhZ6OeNE1ucNyloQMDkeQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770accfc853-AMS
expires: Mon, 29 Mar 2021 20:55:51 GMT

GET
H2 200 Asymmetrical-Long-Pixie-150x150.jpg
hairstylesweekly.com/images/2015/10/ 6 KB
6 KB 36ms
31ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2015/10/Asymmetrical-Long-Pixie-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c259b7dbabe0a4700cf5d410c8ac99868b8c90b03eb0a161f647b7baf80ffc

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1174998
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5911
cf-request-id: 093076fa690000c8533b02c000000001
last-modified: Wed, 14 Oct 2015 09:59:03 GMT
server: cloudflare
etag: "561e2767-1717"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nli%2BeNht4TxFEFG0Nf5TYgUSXUZh1U0nw%2BRL1ePpxEdKaVPZrUI%2F6DH%2FzAt%2BTJOUvx3oCAnTaFw%2FZSwkZ6EvMTjqvIRaaruZ1VGTymqYkb4fqlxI4A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd0c853-AMS
expires: Mon, 29 Mar 2021 20:55:51 GMT

GET
H2 200 unnamed-file-19-150x150.jpg
hairstylesweekly.com/images/2017/04/ 4 KB
5 KB 26ms
21ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2017/04/unnamed-file-19-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b9349fc8e50c0daf1bd8f17ae8f260215afe019a4a160fbba58b52ef9e73c23

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1220478
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4603
cf-request-id: 093076fa650000c853f6ba8000000001
last-modified: Fri, 21 Apr 2017 16:26:41 GMT
server: cloudflare
etag: "58fa32c1-11fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Abb%2BaNCLmg1aeoCKxM3l%2Bn1ngp8M62exmevtvt4X%2FPK71LTaG50i69inh6GMaCdlyN6qE%2B95T6MJANqChTRZtzAOnOwJ9F0UDKrB7JQhv%2BS5J8qjuw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd1c853-AMS
expires: Mon, 29 Mar 2021 20:55:51 GMT

GET
H2 200 unnamed-file-150x150.jpg
hairstylesweekly.com/images/2021/03/ 6 KB
6 KB 32ms
27ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2021/03/unnamed-file-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5dbee81dd8ab7626ec0012ede70799c52556eaa757dc432ff73c364273a857

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 451877
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6005
cf-request-id: 093076fa660000c85359146000000001
last-modified: Sat, 27 Mar 2021 00:45:50 GMT
server: cloudflare
etag: "605e803e-1775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8LhI1lI2PF%2BCn%2FxYRLASFaBDdaAssHsWqVGvMyYsIXQE7ICkWFrCETKTxKDFrSQ%2FeU%2FvyWPWvl1Rft5UO58EwiJx4dqAXtI5mIOPSNIZ5G3r40t19Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd2c853-AMS
expires: Mon, 26 Apr 2021 00:46:06 GMT

GET
H2 200 unnamed-file-79-150x150.jpg
hairstylesweekly.com/images/2017/04/ 8 KB
8 KB 41ms
35ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2017/04/unnamed-file-79-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd95da8da8781d531933f0a747216b7128afb91be37cead14e046ada960b3c2b

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8015
cf-request-id: 093076fa670000c8531f206000000001
last-modified: Fri, 21 Apr 2017 16:26:59 GMT
server: cloudflare
etag: "58fa32d3-1f4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x%2BVrDFphVYGo39hQce8XNqMcw%2Fcf8TxASfNHkkd6s32mBxA3FehF4jKhBaSxhdHhXjghuyuGXcrU8KydmxxNk%2BWDBQATBDkK%2B2MdYKKiSfBk%2FiT5FQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd4c853-AMS
expires: Tue, 20 Apr 2021 08:44:43 GMT

GET
H2 200 blunt-bobs-to-rock-this-summer-1-2-150x150.jpg
hairstylesweekly.com/images/2016/11/ 5 KB
5 KB 27ms
21ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2016/11/blunt-bobs-to-rock-this-summer-1-2-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cb6aa5e496d171d93e34d96b12c1666135b0183195848cdc1be557887bda0a

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4791
cf-request-id: 093076fa670000c8533c89c000000001
last-modified: Fri, 04 Nov 2016 15:48:44 GMT
server: cloudflare
etag: "581caddc-12b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lNK8A5ArU7XupISOsjfg69DxGF6MvC1rekZL5fnCtz5%2BtPzOIME%2B9FFLfasmLUlw7MHkWGTOX3ItiPtE6wpnCUCFVCUpH7W1anRqYAx7T%2FTWmwz6RQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd6c853-AMS
expires: Sun, 04 Apr 2021 01:33:41 GMT

GET
H2 200 Layered-Blonde-Short-Hairstyle-Easy-Haircuts-for-Girl--150x150.jpg
hairstylesweekly.com/images/2016/05/ 8 KB
8 KB 33ms
28ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2016/05/Layered-Blonde-Short-Hairstyle-Easy-Haircuts-for-Girl--150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4543f3765dbb49d8795e70d49e8caa2f668a1b83bf4946441854bf5ceac729

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8335
cf-request-id: 093076fa680000c85335b9f000000001
last-modified: Mon, 30 May 2016 18:13:51 GMT
server: cloudflare
etag: "574c82df-208f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yoy1MrD97nMuOv1StTJ7ZRuy4QeU6X9yZzH%2Bjl4Jc78m2z%2BvZcE8scWtPkrJCVkR9fb67d57uasw0xBlD6vt5dwxJDmGmiJkFhR7M7QEY3x93zel%2BQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acd8c853-AMS
expires: Fri, 16 Apr 2021 12:34:37 GMT

GET
H2 200 Black-Twists--150x150.jpg
hairstylesweekly.com/images/2016/07/ 8 KB
8 KB 53ms
48ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2016/07/Black-Twists--150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179e3156b161771e66795584801ffdc2520754dcc60d886b6b3a38f0d57b5e9d

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8043
cf-request-id: 093076fa680000c85300bee000000001
last-modified: Tue, 19 Jul 2016 20:06:08 GMT
server: cloudflare
etag: "578e8830-1f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HLrnoOuzcz8yytDe5tIgjvwwgEDenFxUxEzIvXbWe63zDn5g3kBv7OXIPsIlpgejo%2Bdi6Olj0y%2FMroRejKIQTuJlA1V29poHwYMOdhcgcWgnYoX8eQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acdac853-AMS
expires: Wed, 21 Apr 2021 07:20:16 GMT

GET
H2 200 10-hottest-prom-hairstyles-for-short-hair-150x150.jpg
hairstylesweekly.com/images/2019/07/ 7 KB
7 KB 38ms
33ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2019/07/10-hottest-prom-hairstyles-for-short-hair-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3728ba9bea84fe62cbe66c09265383ee2c93a118e97fedc8f23277d4c5d63d6

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7139
cf-request-id: 093076fa680000c8530c1cc000000001
last-modified: Sat, 13 Jul 2019 04:27:19 GMT
server: cloudflare
etag: "5d295da7-1be3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S8m6kJ9TMRk5HmRITTvwgb2qg9BAU7VXiekP3Drc6HR43V2%2BQQdPENMt2C%2FkzdUvHI8jbvQsl1fWYzsKPxDNPmn5p%2F0s7Xl1LiNObUo1fBWlANDi2w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770acdbc853-AMS
expires: Wed, 07 Apr 2021 16:51:40 GMT

GET
H2 200 3-reasons-why-you-have-oily-hair%E2%80%94and-how-to-fix-it-150x150.jpg
hairstylesweekly.com/images/2021/03/ 5 KB
5 KB 37ms
32ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2021/03/3-reasons-why-you-have-oily-hair%E2%80%94and-how-to-fix-it-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0df6304d8d617df286e704bb62ddacc59dee11ea1b017c263887491df3987a

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 545088
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5135
cf-request-id: 093076fa710000c8530587d000000001
last-modified: Fri, 12 Mar 2021 13:36:46 GMT
server: cloudflare
etag: "604b6e6e-140f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tIBbRPvzPPoyP7rKjzAu4p5P6YV0vAaVBhrWkj1BCcYaQ8wxF3uLLemqCooIJOa58PpZa0sGYSmF0nM3hdh4SqVR0BQlxA1zRFl077nRupC%2BxI3W%2Bg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770bcfac853-AMS
expires: Sat, 24 Apr 2021 00:15:14 GMT

GET
H2 200 20-balayage-haircuts-for-your-short-hair-1-14-150x150.jpg
hairstylesweekly.com/images/2016/09/ 8 KB
9 KB 40ms
36ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2016/09/20-balayage-haircuts-for-your-short-hair-1-14-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709e056505510521334eb92bfffd82f874c3cebff345cd86b4ed3b612096df30

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1117176
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8667
cf-request-id: 093076fa720000c8533c89d000000001
last-modified: Tue, 20 Sep 2016 10:42:48 GMT
server: cloudflare
etag: "57e112a8-21db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AcdnA2lTterpoARFd1smxiiQkY9meop8xTGwSCyiU%2BY1Ccz3RgkKJnrOWihUQrL0Qk6HRNvpNQkQUw6ORuSSczo9YyGc7moXtIT%2BwIGFVt%2FX7qKloA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770bcfdc853-AMS
expires: Sat, 17 Apr 2021 18:27:08 GMT

GET
H2 200 short-curly-cuts-for-a-trendy-new-look-603f5e56a67de-150x150.jpg
hairstylesweekly.com/images/2021/03/ 5 KB
6 KB 236ms
232ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2021/03/short-curly-cuts-for-a-trendy-new-look-603f5e56a67de-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8aac88654017c013327b810ca47231eb7c9fc392f3996c00c25c4193b1ab937

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5503
cf-request-id: 093076fa760000c853ffa39000000001
last-modified: Wed, 03 Mar 2021 10:00:54 GMT
server: cloudflare
etag: "603f5e56-157f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=04xOFtaY3RzDSk8oeFpDnh%2BeqdoRtRcFv2VCPxUALjLWymHLj49aUpR%2FrJL2bmZQCP2qfMuRM8ZoXmoFnXdEBmHXjl%2BFY1DpHlf9A1SIikHDWC28%2Bg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770bcffc853-AMS
expires: Fri, 30 Apr 2021 19:59:32 GMT

GET
H2 200 best-bridal-updo-hairstyles-for-modern-brides-60364afb9ef88-150x150.jpg
hairstylesweekly.com/images/2021/02/ 6 KB
7 KB 38ms
34ms Image
image/jpeg 104.21.13.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairstylesweekly.com/images/2021/02/best-bridal-updo-hairstyles-for-modern-brides-60364afb9ef88-150x150.jpg
Requested by: Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff1e3afcbea9b72b40d04e3238a395bc69564fda2fe33ac0f3c89e0fe308ad9

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 451877
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6165
cf-request-id: 093076fa720000c85359148000000001
last-modified: Wed, 24 Feb 2021 12:47:55 GMT
server: cloudflare
etag: "60364afb-1815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y0uON1U%2FKVsaCnyF961XlbohKKqDDk5OnkL8G%2B7cMA0BGrt6QMFj0zabkSyR1RixrX1SzcfSqCAbIcVktbwQEWFKLucI%2FP4moAxpZ5BUdjm510thHg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 63942770bd00c853-AMS
expires: Sat, 24 Apr 2021 00:15:14 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/ 227 KB
85 KB 62ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2888222920870328&plah=hairstylesweekly.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86637
x-xss-protection: 0
server: cafe
etag: 7600525576280132900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 19:16:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/ Frame E122 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210329/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 22:40:42 GMT
expires: Wed, 14 Apr 2021 22:40:42 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 74167
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 15ms
14ms Script
application/javascript 2600:9000:2127:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 09:22:33 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 208457
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: QET5Cquyeo0x7Czgp-A9btqhhGrYTFA8K24G_WyHwV8NUPyUfhNeHA==
expires: Fri, 02 Apr 2021 09:22:32 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 162 B
477 B 170ms
169ms XHR
application/json 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?u1=EFDBDB0B2C8B4FD2975942EC6B4074A3&sc_project=6200337&java=1&security=22563444&sc_snum=1&sess=830817&p=0&rcat=d&rdom=d&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//hairstylesweekly.com/&t=Hairstyles%20Weekly%20-%20Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020&invisible=1&sc_rum_e_s=809&sc_rum_e_e=813&sc_rum_f_s=0&sc_rum_f_e=744&get_config=true
Requested by: Host: statcounter.com
URL: https://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29be77b3ae2329ce0df1193166533ae96ff9ee1b763b0523afe388b04e1bb8ed

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 639427711c324c92-AMS
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://hairstylesweekly.com
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 093076faac00004c92632e4000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60bec8e5fecb3db90bf2ccc22243edb35ed9d18d85633393fb1fb5662d7b8909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EU0tXnEpWVdBdflzJyaD6g==
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Apr 2021 19:17:18 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: HTK/5jz5VfYrLVonY34peh3zjDhhig4aqsdCAA0HI2jYZea/1ty1ijCrIwOACjB3qBMXxQWqh4xJBILFEKLYwA==
x-fb-trip-id: 686109401
x-fb-content-md5: 123c96742fa1be6f020c54ef4b799a17
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 19:16:49 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4529caa8342381394ae99df95cc3c35e"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 532A 2 KB
1 KB 44ms
11ms Document
text/html 2600:9000:2182:c400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Thu, 01 Apr 2021 18:18:36 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: uICrboXCuMbciUGUlet0pEV2Rmc2Qo_1BpeUmGlEpgvqgCP6nZZKCw==
age: 3493

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 192 KB
58 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c2841626a96b11be3ed45d46af9e4c83&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93ff2fe263da8526aab9f30c621cc24312f5d01516c5859d79a36822d4a0076b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://hairstylesweekly.com
Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /muj7suEtYkW3cEHHWc2/A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58848
x-fb-rlafr: 0
x-fb-debug: OsRjeJp1sE/Jg4HHb5adbZiZ6nXUAboqQjpIxX3532Hn8IHT5JnowCqDqgelVr2b97H4l2Jb15+RbUS7F5goPQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 6439c6f489475618b95a182bd65f9335
x-frame-options: DENY
date: Thu, 01 Apr 2021 19:16:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ffaa6bc007d67c95fc9ec4081b019e03"
timing-allow-origin: *
expires: Fri, 01 Apr 2022 18:13:49 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 68 KB
19 KB 91ms
91ms Script
application/javascript 2a02:26f0:7100:1a4::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6117143102922549
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1a4::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 259b69877734215ce89bea840f148b8bb9f3849055e27aa237259e9bd64877e2

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "adafe7984bf758787649624f180eca64"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=272
accept-ranges: bytes
content-length: 18802
access-control-expose-headers: X-CDN

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 13ms
13ms Stylesheet
text/css 2600:9000:2127:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:27:15 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 73331
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: Z4HKpCXHtN-WMEEK7MsFdAkRMv_qw7iVXUPbedy4feAFjrEAQVoP1Q==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
647 B 105ms
54ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hairstylesweekly.com&callback=_gfp_s_&client=ca-pub-2888222920870328

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2888222920870328&plah=hairstylesweekly.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

13d4faf0906688938751ee2a054ab1e7b94c118f15a9e84b6dc22c5f961d510d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 39ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hairstylesweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 39ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hairstylesweekly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 895B 10 KB
1 KB 122ms
121ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&adk=1812271804&adf=3025194257&lmt=1617304609&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhairstylesweekly.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617304609404&bpp=11&bdt=154&idt=92&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6414311335539&frm=20&pv=2&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76c377e271f7bcaa8b08d7abc6f93c67908724cec322eef82c95fb6ebe2b3b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2888222920870328&output=html&adk=1812271804&adf=3025194257&lmt=1617304609&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhairstylesweekly.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617304609404&bpp=11&bdt=154&idt=92&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6414311335539&frm=20&pv=2&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 19:16:49 GMT
server: cafe
content-length: 900
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 19:31:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 19:16:49 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
31ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210329&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2fcad1138c049b5b77841060216a53f6a9e83929188bbdff3bb6b69011526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6581
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 58ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:16:49 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25A5 73 KB
25 KB 575ms
573ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=280&adk=3316573064&adf=2104864472&w=336&lmt=1617304609&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=ffffff&color_link=cb1b7c&color_text=cccccc&color_url=cccccc&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&wgl=1&dt=1617304609416&bpp=5&bdt=166&idt=105&shv=r20210329&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gCdOBCr77K&p=https%3A//hairstylesweekly.com&dtd=109

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1e4f380c1e02ed4bfbf04fc1808ef3f807f89c8dbc19e8b409f68bb29297d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2888222920870328&output=html&h=280&adk=3316573064&adf=2104864472&w=336&lmt=1617304609&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=ffffff&color_link=cb1b7c&color_text=cccccc&color_url=cccccc&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&wgl=1&dt=1617304609416&bpp=5&bdt=166&idt=105&shv=r20210329&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gCdOBCr77K&p=https%3A//hairstylesweekly.com&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 19:16:50 GMT
server: cafe
content-length: 25295
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 19:31:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 19:16:50 GMT
cache-control: private

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
342 B 89ms
22ms XHR
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1617304609437.45758&hostname=hairstylesweekly.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&shareHash=sthash.RXyBHxrN&bsamesite=true&consent_cookie_duration=93&consent_duration=93&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fhairstylesweekly.com%2F%23sthash.RXyBHxrN&title=Hairstyles%20Weekly%20-%20Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020&sop=false&description=Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 19:16:49 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://hairstylesweekly.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:16:49 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AE6A 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 17:30:08 GMT
expires: Fri, 01 Apr 2022 17:30:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6401
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 22ms
21ms Image
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1617304609437.45758&hostname=hairstylesweekly.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&shareHash=sthash.RXyBHxrN&bsamesite=true&consent_cookie_duration=93&consent_duration=93&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fhairstylesweekly.com%2F%23sthash.RXyBHxrN&title=Hairstyles%20Weekly%20-%20Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020&sop=false&description=Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Get%20Hairstyle%20Inspirations%20Here.%20Find%20latest%20long%20hairstyles%2C%20medium%20length%20hair%2C%20short%20hairstyles%20for%202020&img_pview=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 19:16:49 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-2888222920870328&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20210329_113746&sat=1617114474795&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=0&mdns=0.111&alldns=0.162&allp=35&fd=(0%2C7%2C0)%2C(1%2C14%2C3)%2C(2%2C0%2C0)&pgh=2527&su=hairstylesweekly.com&r=0.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 19:16:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 50ms
37ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hairstylesweekly.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 50ms
36ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hairstylesweekly.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 19:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74A4 119 KB
39 KB 636ms
636ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef206ca955cde970d79a9b6660580ead8110e11bf00f8b80c072a874dc2437e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COD7g5bh3e8CFRgGBgAdRo0B2w&gqi=IRxmYIWQKZeJbZjEi5AF&layout=/sadbundle/%24csp%253Der3%24/5567045425333904168/machine-learning-B-728x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COD7g5bh3e8CFRgGBgAdRo0B2w&gqi=IRxmYIWQKZeJbZjEi5AF&layout=/sadbundle/%24csp%253Der3%24/5567045425333904168/machine-learning-B-728x90.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 19:16:50 GMT
server: cafe
content-length: 39052
x-xss-protection: 0
set-cookie: IDE=AHWqTUn9uPkvdCxFV7H33a4tn6Ur2sfYUdy_X2UfTa1vArDfMc5_VGhZk82sgfDkxLQ; expires=Tue, 26-Apr-2022 19:16:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 19:16:50 GMT
cache-control: private

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame AE6A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 585506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210329&jk=3001927128911794&bg=!XF-lXxvNAAY56aLOOek7ACkAdvg8WssELbwo6BjLFWYtZRw57mMwQ7fQeD_t3MF1eUQYXt08LoJSbAIAAAA7UgAAAAtoAQcKARHjqhmdXPWN5nL53PefA5VOpV9NceRoaBIAKq2cFWsMDlOUcWSXmyiNQk3SNIHCCHv39qvud6uz_OkEkDyjzIFYQtdrEooR01tn6PD0H0l4F2yH-A6oRTgumzOfwKGhnm1SwfxoTW-0FlTaCN6t08EIfbBsxWJVIFuPuVv7O1F2aE9LctgJnvCOKOUWtjzIeVgSNjv9gQ5nBWKb93zT60RivgVHjdIMYg3iZ7amqmM2HDyEvDX9ce4vkIrbWof2TrmbEkrJ_gL7ahucXvJKjSOXYCSY0SIVqHciDcvGUFLO4tf4RwpB2K7TZ3po9BH9uaKfv4XUWKfcfGtAHLQ6nYPz1Ec0vYNRM-suWrgKImgd_LCZAdgx-YZUZ7K4KsEFkA2_YS_PgXBqLffMnZoZ9usklXo86jB68Qb54l0EDlRdVVqa2N5NgUHa2yxmGgtfkUDPWSo83tgEhSmhxihkHeR6ScVc4BS8M1P92UZYBqMC6tXdPuQ9sRaYiYgdHLNKztefIEC_a24UgHSiOSjQE-V5bvYAg-OVQ77u8zxJlgz_jQU-RePR3KnBNIJA9jnK_hK0UuMHBg9LFz_Pya5pYWzmFlD9q_avJdvt1lF9PJryzPTtY4grtroL1DF3b40hi4oj51MxTv7hGPN9e9sdVlSvOXtricLymh3oKUtgJBxY6zN-g0qiiE8QEda6NvVio8QXDPQkSCEush-QnTU0OG3pwmQ7s1ChFPsqfmO3hZ6ubPhYXQDDDLZQEPvbFs6dAnVyfaSk0wkEN_PuVrUbhQxCBxnHDBVWonz9P78Nkon8glAazycaxBFipuOshbYyHx4N8tz5saB3yWBUYt1XAcJdQQDVgRSODrSCbzcLXvI9FFwsy-NAlHsXfb8NsGCj9v351NXZR4fFNzcbGtjfzXq316TQqftHmoU1ABXFcsTJkWsh_nTPFe-btz6iuVLiaYeFokeLzPDlwLcNITGe_gpc6L9BFYtoluH-kEOi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 19:16:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8c77a2c821ca4e98b0049784c1486a62.js Show response
www.gstatic.com/mysidia/ Frame 25A5 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8c77a2c821ca4e98b0049784c1486a62.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=280&adk=3316573064&adf=2104864472&w=336&lmt=1617304609&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=ffffff&color_link=cb1b7c&color_text=cccccc&color_url=cccccc&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&wgl=1&dt=1617304609416&bpp=5&bdt=166&idt=105&shv=r20210329&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gCdOBCr77K&p=https%3A//hairstylesweekly.com&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 23:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 591210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2797
x-xss-protection: 0
expires: Wed, 23 Jun 2021 23:03:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25A5 3 KB
675 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 18:01:06 GMT
server: ESF
date: Thu, 01 Apr 2021 19:16:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 19:16:50 GMT

GET
H2 200 e91d763233dfa13a1924fbe91cfd4845.js Show response
www.gstatic.com/mysidia/ Frame 25A5 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e91d763233dfa13a1924fbe91cfd4845.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedddb3e8da114412602440e01aa8122a149527f3f30859c276f5efa31ecb7e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 05:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 49928
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Wed, 30 Jun 2021 05:24:42 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 25A5 1 KB
979 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:15:36 GMT

GET
H2 200 42fcf8bf7a7866de9163eb604d46e59a.js Show response
www.gstatic.com/mysidia/ Frame 25A5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42fcf8bf7a7866de9163eb604d46e59a.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd2d99e6e5124043d247cc2cdf999365ee5b7c914726a18901604f3f5095abe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 23:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 591210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
expires: Wed, 23 Jun 2021 23:03:20 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 25A5 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:15:31 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 25A5 2 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:16:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25A5 118 KB
36 KB 71ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:16:50 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 25A5 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:12:59 GMT

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 25A5 25 KB
11 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 43730
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:08:00 GMT

GET
H3-Q050 200 2398034351986173227
tpc.googlesyndication.com/simgad/16712137192714467582/ Frame 25A5 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16712137192714467582/2398034351986173227

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2242737fbcb9b16806246b6d5aac6fd504a2231de7f7dc1013e0ed7c5def5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 10:37:22 GMT
x-content-type-options: nosniff
age: 117568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12556
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 17:58:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 10:37:22 GMT

GET
H3-Q050 200 11858980743559740129
tpc.googlesyndication.com/simgad/ Frame 25A5 21 KB
21 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11858980743559740129

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e141e592dd9cc05cf554ffd96d59972c06ba3f76e3f8bd991a7cb55273dae81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:07:50 GMT
x-content-type-options: nosniff
age: 115740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21539
x-xss-protection: 0
last-modified: Mon, 18 Feb 2019 17:34:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 11:07:50 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 25A5 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSyBdIRxmYLmzIcHu1wbco7HQDtqJrcRe4Ybv46sM2cmiq4YbEAEgndqYE2CVAqAB9NrMmQPIAQGpAlFsqcAvtbM-qAMByAPDBKoExQFP0FxLQyZFxpWw5lddl60Tx9YWgX6AB_Ph5ERJ3OMyWb7REYEpHIOYCdMxYo5ZQwz3BqiNsXBoQb3eAfCT_UdVsTOGaX2Lb_4lPA2kUBRjLlmvNqxSUzjjCAKTYpeESUpRjRMviMS3Npdm_pA0qJ4GA9OE7j6fE8WkoMBNXmIx9OuWLJRUmj6PYqLShY_zlpn3mVs0xz1qd-bTqcY1GaZniKYlRH6w7rs4XfctIk2o4_f_V0bjma0elivede5hUwMUpjfLNcAEtZS_iIkDkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ6-wG0ggJCIDhgBAQARgfgAoByAsB2BMMiBQDshcaChgIABIUcHViLTI4ODgyMjI5MjA4NzAzMjg&sigh=NTodewTnRfc&template_id=5004&tpd=AGWhJmsrhpSsDx6tW5dCYx59HF_7cZlURw4F2b-R284-B63dkg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=280&adk=3316573064&adf=2104864472&w=336&lmt=1617304609&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=ffffff&color_link=cb1b7c&color_text=cccccc&color_url=cccccc&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&wgl=1&dt=1617304609416&bpp=5&bdt=166&idt=105&shv=r20210329&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gCdOBCr77K&p=https%3A//hairstylesweekly.com&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Apr 2021 19:16:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:16:50 GMT

GET
DATA 200
OK truncated
/ Frame 25A5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97a1bf5ab3f6f54f64aa93a33163e42a24bd48dc15f4545e7b744ba94f1946cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 25A5 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 03:55:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
age: 55263
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:55:47 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 25A5 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 77667
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 31 Mar 2022 21:42:23 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame E22E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 585507
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25A5 0
160 B 39ms
38ms Other
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChoIASoWU3F1YXJlUGljdHVyZUluUGljdHVyZQoKCAIqBnNlcnZlcgo_CAQqO2luZnJhX2NvbnRyb2xfNXAsbXlzaWRpYV9hbmFseXRpY3NfZXhwMyxkZWxheWVkX3ZpZGVvX2FkZG9uCgcIBioDMjAwCg0QAyEAABbNzM2DQDAECg0QCiEAAACozMwNQDAECg0QDSEAAAAArXqEPzAECg0QHioHMzM2eDI4MDAECg0QGSoHMzM2eDI4MDAECg0QDiEAAAAArXqEPzAECg0QECEAAAAAgMbYQDAECg0QESEAAAAAAAAAADAECg0QEiEAAAAAAAAAQDAECg0QEyEAAAAAAAAAQDAECg0QBCEAAJLhevODQDAECg0QDyEAAAAAKnuEPzAECg0QFCEAAAAAAAAAADAECg0QFSEAAAAAAAAIQDAECg0QFiEAAAAAAAAIQDAECg0QBSEAALzC9fSDQDAECg0QFyEAAA2uRwCGQDAECg0QGCEAANZwPdiGQDAEEhpDUG5ILTVYaDNlOENGVUgzMVFvZDNGRU02ZyIvd2lsZGVzdF9mbG93ZXIvd2ZfcGljdHVyZV9pbl9waWN0dXJlX3NxdWFyZV9vY2goKA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e91d763233dfa13a1924fbe91cfd4845.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 19:16:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 machine-learning-B-728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/ Frame 2D9A 3 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html

Requested by

Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456b00c6abd9214b0e0433e1b4e806b789472b8f05d24a57a9d48dcc4c33af50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1464
date: Thu, 01 Apr 2021 10:43:39 GMT
expires: Fri, 01 Apr 2022 10:43:39 GMT
last-modified: Mon, 02 Sep 2019 12:16:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30791
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0DC 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrjaDIRxmYKDnKZiMmLAPxpqG2A2OkoqOYoKC6a-4CZSFuNqyHBABIJ3amBNglQKgAfKylugDyAEJqAMByANIqgTAAU_QfkLO0YlhgrFnLuqJr5u6yGbhOqL8GNYOIfoVisGcOznebYfpHARmhNVQVxuE3Zg_KhT-m4KzfKeevzzwfdHGMCMsNc57AQF7Rrrh9LYxiuLJJgRhVw3Jh_iKsZBKj8f3TouBlhZwx5JgwfS7XFOVVbux-b_BypVtLaLBzf1sg0Jhvzqo2ea7xXtGTsab0WUq6XNMMW_5cz5BjFb77DZHiEnSd_uh_Ogr-U4jL1nRz25hohQK-miZSAjgWEc4SsAEurmd_3GSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH9szpF6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCE2gXSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItMjg4ODIyMjkyMDg3MDMyOA&sigh=KFH3JggRE8A&template_id=419&tpd=AGWhJmt4uqX-VyZSr0SejoRRJRqflaTI-6p2jfDXhwdCpifUgQ

Requested by

Host: hairstylesweekly.com
URL: https://hairstylesweekly.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Apr 2021 19:16:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame E0DC 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:15:31 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame E0DC 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:16:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0DC 118 KB
36 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:16:50 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame E0DC 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:12:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E0DC 0
0 14ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSP1YRWmWoH4lz4rD-QC04HB8mnvzwZ6WqjycjdnYPWlhbHiVKOMz1GmiQ5dQkF9S2NeYLKPLDfwATs5QjVNTN8825QcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D5A 143 B
216 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9uPkvdCxFV7H33a4tn6Ur2sfYUdy_X2UfTa1vArDfMc5_VGhZk82sgfDkxLQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2888222920870328&output=html&h=130&adk=1009769216&adf=3472629006&pi=t.aa~a.3009577567~rp.4&w=1200&lmt=1617304609&nsk=d380c0e&rafmt=11&pwprc=3020858740&psa=0&ad_type=text_image&format=1200x130&url=https%3A%2F%2Fhairstylesweekly.com%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617304609654&bpp=2&bdt=403&idt=2&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da3fbe1b83434ce58-22cee0f9efba003f%3AT%3D1617304609%3ART%3D1617304609%3AS%3DALNI_MaExjAzh0PWUVbSV0eI6OEhAdzLbQ&prev_fmts=0x0%2C336x280_as&nras=2&correlator=6414311335539&frm=20&pv=1&ga_vid=1790879281.1617304610&ga_sid=1617304610&ga_hid=830908854&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44740079%2C44739387&oid=3&pvsid=3001927128911794&rx=0&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=rq19xl3kns&p=https%3A//hairstylesweekly.com&dtd=10

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 01 Apr 2021 18:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3210
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2D9A 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2D9A 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 13:07:30 GMT

GET
H3-Q050 200 machinelearning-B-728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/images/ Frame 2D9A 45 KB
46 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/images/machinelearning-B-728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ddb90ac19b38c6d2d6a5a153c102ba3f5ad2699d88f9740b6242489da15a7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45896
x-xss-protection: 0
last-modified: Mon, 02 Sep 2019 12:16:44 GMT
server: sffe
date: Thu, 01 Apr 2021 08:26:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 08:26:22 GMT

GET
H3-Q050 200 mathworks-logo-white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/images/ Frame 2D9A 10 KB
10 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/images/mathworks-logo-white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5567045425333904168/machine-learning-B-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a43d0d049d688af7eda19d4805a2269653a4a502fa0a8a810304084514a0539

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10378
x-xss-protection: 0
last-modified: Mon, 02 Sep 2019 12:16:44 GMT
server: sffe
date: Thu, 01 Apr 2021 08:26:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 08:26:22 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E0DC 0
111 B 41ms
40ms Other
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COD7g5bh3e8CFRgGBgAdRo0B2w&gqi=IRxmYIWQKZeJbZjEi5AF&layout=/sadbundle/%24csp%253Der3%24/5567045425333904168/machine-learning-B-728x90.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 19:16:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D5A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
257 B

40ms
39ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9uPkvdCxFV7H33a4tn6Ur2sfYUdy_X2UfTa1vArDfMc5_VGhZk82sgfDkxLQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Apr 2021 19:16:50 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Apr-2021 20:16:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 19:16:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Apr 2021 19:16:50 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D9A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 585507
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

GET
DATA 200
OK truncated
/ Frame E0DC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93150cb251259924f0b60c29fe22c3d30ec83de86fe58729c9b0f46eeef200a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame 901E 7 KB
2 KB 14ms
14ms Document
text/html 2600:9000:2127:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hairstylesweekly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hairstylesweekly.com/

Response headers

content-type: text/html
content-length: 2089
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Thu, 01 Apr 2021 03:21:21 GMT
etag: W/"60257012-1ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: lVBuEV8mYZvsHEjNuxrGAH1sJjZ2DnvsPuQ5T9GXt_syTDfiO8AS6w==
age: 57351

GET
H2 200 st.a9c2f47cfbd1f141fb724cef861110d7.js Show response
ws.sharethis.com/secure/js/ Frame 901E 88 KB
23 KB 15ms
15ms Script
application/javascript 2600:9000:2127:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/js/st.a9c2f47cfbd1f141fb724cef861110d7.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847

Request headers

Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 01:12:22 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 3780268
etag: W/"60257012-15e0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-robots-tag: noindex, nofollow
content-length: 23428
x-amz-cf-id: ode4XOC-VRuX7W2KKvQyPErhA4BKjgzms_15Srm_cDQ2db3vI-FBbw==
expires: Thu, 17 Feb 2022 01:12:22 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 143ms
109ms Image
text/plain 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=7ikjmoFmvXL5&tv=2021031501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fhairstylesweekly.com%2F&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hairstylesweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:16:50 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-cache-hits: 0
content-length: 0
x-served-by: cache-ams21043-AMS
pragma: no-cache
server: envoy
x-timer: S1617304611.602539,VS0,VE92
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1114595816132655
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hairstylesweekly.com/	1970-01-19 17:58:16	Name: __cfduid Value: de520b638056ad8243f3a3d2332d0c2d21617304608

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://hairstylesweekly.com/wp-content/cache/wpfc-minified/eh13br5e/f9r5q.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
assets.pinterest.com
c.sharethis.mgr.consensu.org
c.statcounter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hairstylesweekly.com
l.sharethis.com
log.pinterest.com
pagead2.googlesyndication.com
partner.googleadservices.com
statcounter.com
tpc.googlesyndication.com
ws.sharethis.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.21.13.216
142.250.186.98
151.101.36.84
172.67.38.97
2600:9000:2127:8c00:3:c04e:c780:93a1
2600:9000:2182:c400:c:a9b7:ddc0:93a1
2606:4700::6810:a823
2a00:1450:4001:800::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a02:26f0:7100:1a4::1931
2a03:2880:f01c:8012:face:b00c:0:3
52.29.155.194
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
0ef206ca955cde970d79a9b6660580ead8110e11bf00f8b80c072a874dc2437e
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
13d4faf0906688938751ee2a054ab1e7b94c118f15a9e84b6dc22c5f961d510d
179e3156b161771e66795584801ffdc2520754dcc60d886b6b3a38f0d57b5e9d
1807fe5ca558b7dfe6df77304cb75b8a92ebcf8910c93797067b0fa81436fcfb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f77816a0968164c2e1f76cabf131b4a85cc953a633d6078cc28729a0ecd3eef
259b69877734215ce89bea840f148b8bb9f3849055e27aa237259e9bd64877e2
29be77b3ae2329ce0df1193166533ae96ff9ee1b763b0523afe388b04e1bb8ed
2b9349fc8e50c0daf1bd8f17ae8f260215afe019a4a160fbba58b52ef9e73c23
30bd7d383d6611c0126226d703f858c271b65b7af67f553590f2f48f5ba000b7
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
456b00c6abd9214b0e0433e1b4e806b789472b8f05d24a57a9d48dcc4c33af50
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47c259b7dbabe0a4700cf5d410c8ac99868b8c90b03eb0a161f647b7baf80ffc
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bb7a17945aaeb59e8806ca59a9234c0af488f74dc59b9eda8cdb144b57940eb
4e141e592dd9cc05cf554ffd96d59972c06ba3f76e3f8bd991a7cb55273dae81
57cb6aa5e496d171d93e34d96b12c1666135b0183195848cdc1be557887bda0a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60bec8e5fecb3db90bf2ccc22243edb35ed9d18d85633393fb1fb5662d7b8909
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
709e056505510521334eb92bfffd82f874c3cebff345cd86b4ed3b612096df30
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76c377e271f7bcaa8b08d7abc6f93c67908724cec322eef82c95fb6ebe2b3b43
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
7ff1e3afcbea9b72b40d04e3238a395bc69564fda2fe33ac0f3c89e0fe308ad9
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847
87f8949474cd91befeb181b57d5a23ed43de14241d24de3f671b36eedb7c4d32
896b18f4e53c9f6074a3236377d8c6177b98c6b981b1003d04842516e6eca464
8a43d0d049d688af7eda19d4805a2269653a4a502fa0a8a810304084514a0539
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
93150cb251259924f0b60c29fe22c3d30ec83de86fe58729c9b0f46eeef200a2
93ff2fe263da8526aab9f30c621cc24312f5d01516c5859d79a36822d4a0076b
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
97a1bf5ab3f6f54f64aa93a33163e42a24bd48dc15f4545e7b744ba94f1946cb
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a3728ba9bea84fe62cbe66c09265383ee2c93a118e97fedc8f23277d4c5d63d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ae5dbee81dd8ab7626ec0012ede70799c52556eaa757dc432ff73c364273a857
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b2242737fbcb9b16806246b6d5aac6fd504a2231de7f7dc1013e0ed7c5def5c5
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
b8aac88654017c013327b810ca47231eb7c9fc392f3996c00c25c4193b1ab937
bd2d99e6e5124043d247cc2cdf999365ee5b7c914726a18901604f3f5095abe9
bedddb3e8da114412602440e01aa8122a149527f3f30859c276f5efa31ecb7e6
c25892bb37ba904642ad5c16db5a584718bffddda523a26dfc9ddb842eaa5e4a
c49e3b129cbf8b5ba3a602c07c02983c67253304794120c52b649e95548ea6d4
c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cd95da8da8781d531933f0a747216b7128afb91be37cead14e046ada960b3c2b
d0b2803f31e158e9fd92ab8941040e499acbb73aeedeab3ae6bde3f9a01f23ce
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
da0df6304d8d617df286e704bb62ddacc59dee11ea1b017c263887491df3987a
dcbc28a7272e76b4c939a5242799052460cc8d63b8f5152bde5eab67d8982c2a
dd5c5913da40109f7ea4de029bf57f7f16c51d728767b7b54f814372517be1ab
e1ddb90ac19b38c6d2d6a5a153c102ba3f5ad2699d88f9740b6242489da15a7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b
ef4543f3765dbb49d8795e70d49e8caa2f668a1b83bf4946441854bf5ceac729
f1e4f380c1e02ed4bfbf04fc1808ef3f807f89c8dbc19e8b409f68bb29297d5c
f2fcad1138c049b5b77841060216a53f6a9e83929188bbdff3bb6b69011526d3
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

hairstylesweekly.com Open in urlscan Pro 104.21.13.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

72 %IPv6

15 Domains

21 Subdomains

19 IPs

3 Countries

949 kBTransfer

2433 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hairstylesweekly.com Open in urlscan Pro
104.21.13.216 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

949 kB
Transfer

2433 kB
Size

1
Cookies

90 HTTP transactions
2 data transactions