provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://provenskincare.com/
Effective URL:
https://provenskincare.com/
Submission: On January 14 via manual (January 14th 2022, 8:11:56 pm UTC) from CA — Scanned from CA

Summary HTTP 266 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 51 IPs in 2 countries across 43 domains to perform 266 HTTP transactions. The main IP is 2606:4700:10::6816:1b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is provenskincare.com. The Cisco Umbrella rank of the primary domain is 932204.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time provenskincare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 99	2606:4700:10:... 2606:4700:10::6816:1b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2600:9000:214... 2600:9000:2140:dc00:2:9629:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:214... 2600:9000:2140:8e00:2:9629:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.84.42.43 99.84.42.43	16509 (AMAZON-02) (AMAZON-02)
9	143.204.150.102 143.204.150.102	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:400d:c09::5c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1	13.33.60.15 13.33.60.15	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.144.83 143.204.144.83	16509 (AMAZON-02) (AMAZON-02)
1	99.84.125.30 99.84.125.30	16509 (AMAZON-02) (AMAZON-02)
2	2600:1400:d:5... 2600:1400:d:597::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.223.26.190 23.223.26.190	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.22.144.165 23.22.144.165	14618 (AMAZON-AES) (AMAZON-AES)
7	54.205.8.205 54.205.8.205	14618 (AMAZON-AES) (AMAZON-AES)
8	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	35.167.90.204 35.167.90.204	16509 (AMAZON-02) (AMAZON-02)
1	44.196.157.173 44.196.157.173	14618 (AMAZON-AES) (AMAZON-AES)
1	34.235.196.25 34.235.196.25	14618 (AMAZON-AES) (AMAZON-AES)
11	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1c::84 2a04:4e42:1c::84	54113 (FASTLY) (FASTLY)
3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	99.84.125.102 99.84.125.102	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	54.205.137.106 54.205.137.106	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.33.60.7 13.33.60.7	16509 (AMAZON-02) (AMAZON-02)
1 8	23.208.216.207 23.208.216.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1 5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
266	51

99 2606:4700:10::6816:1b5c (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2140:dc00:2:9629:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dl7bo1dy930sf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2140:8e00:2:9629:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.42.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-43.ewr52.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.150.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-102.ewr52.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c09::5c (Morganton, United States)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-15.ewr52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.144.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-83.ewr52.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.125.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-30.ewr52.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:597::1d72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.223.26.190 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-26-190.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.22.144.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-144-165.compute-1.amazonaws.com

proven-pay-production.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.205.8.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-8-205.compute-1.amazonaws.com

proven-api-production.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.90.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-90-204.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.157.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-157-173.compute-1.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.196.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-196-25.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1c::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.125.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-102.ewr52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.137.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-137-106.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

provenskincare.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-7.ewr52.r.cloudfront.net

proven.chargebeestatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.208.216.207 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-207.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
103	provenskincare.com 5 redirects provenskincare.com — Cisco Umbrella Rank: 932204 www.provenskincare.com media.provenskincare.com	4 MB
18	google.com 1 redirects pay.google.com — Cisco Umbrella Rank: 3596 analytics.google.com — Cisco Umbrella Rank: 971 play.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 8	404 KB
15	cloudfront.net dl7bo1dy930sf.cloudfront.net	52 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	152 KB
10	herokuapp.com proven-pay-production.herokuapp.com proven-api-production.herokuapp.com	35 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	437 KB
10	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 334 fonts.googleapis.com — Cisco Umbrella Rank: 37 www.googleapis.com — Cisco Umbrella Rank: 35	177 KB
9	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 21172	152 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1848 ekr.zdassets.com — Cisco Umbrella Rank: 2062	320 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2545 rs.fullstory.com — Cisco Umbrella Rank: 2254	136 KB
5	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 940	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	294 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1144	69 KB
4	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2119 api.hubspot.com — Cisco Umbrella Rank: 4757 forms.hubspot.com — Cisco Umbrella Rank: 3131	3 KB
4	pinterest.ca www.pinterest.ca — Cisco Umbrella Rank: 25371	15 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8216	691 B
4	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 743 www.pinterest.com — Cisco Umbrella Rank: 965	2 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	1 KB
3	zendesk.com provenskincare.zendesk.com	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 332	11 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	31 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	134 KB
3	yotpo.com staticw2.yotpo.com — Cisco Umbrella Rank: 6289 p.yotpo.com — Cisco Umbrella Rank: 5919	170 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 369	884 B
2	chargebeestatic.com proven.chargebeestatic.com	823 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	426 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2430	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1066	14 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 660	20 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3246 heapanalytics.com — Cisco Umbrella Rank: 2736	42 KB
2	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 8275	28 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	2 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5021	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2039	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5069	26 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7249	939 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2025	20 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2492	13 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6523	144 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 991	144 B
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1486	83 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5716	6 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1555	35 KB
266	43

	Domain	Requested by
90	www.provenskincare.com	4 redirects provenskincare.com
15	dl7bo1dy930sf.cloudfront.net	provenskincare.com
11	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.gstatic.com www.googletagmanager.com
9	js.chargebee.com	provenskincare.com js.chargebee.com
9	provenskincare.com	1 redirects provenskincare.com
8	www.gstatic.com	pay.google.com www.gstatic.com www.google.com
7	play.google.com	www.gstatic.com
7	proven-api-production.herokuapp.com	provenskincare.com
6	www.google.com	1 redirects js.chargebee.com www.gstatic.com
6	static.zdassets.com	provenskincare.com static.zdassets.com
6	maps.googleapis.com	provenskincare.com maps.googleapis.com cdn.segment.com
5	tr.snapchat.com	1 redirects edge.fullstory.com
5	www.googletagmanager.com	cdn.segment.com www.googletagmanager.com
5	analytics.tiktok.com	provenskincare.com analytics.tiktok.com
4	www.pinterest.ca	s.pinimg.com provenskincare.com
4	www.google.ca
4	rs.fullstory.com	edge.fullstory.com
4	pay.google.com	provenskincare.com pay.google.com www.gstatic.com
4	media.provenskincare.com	provenskincare.com
3	ct.pinterest.com	edge.fullstory.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com edge.fullstory.com
3	provenskincare.zendesk.com	static.zdassets.com
3	bat.bing.com	provenskincare.com bat.bing.com
3	www.googleadservices.com	cdn.segment.com www.googletagmanager.com www.googleadservices.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	proven-pay-production.herokuapp.com	provenskincare.com
2	api.hubspot.com	edge.fullstory.com
2	pixel.tapad.com	2 redirects
2	proven.chargebeestatic.com	js.chargebee.com
2	www.facebook.com
2	trkn.us	1 redirects
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	s.pinimg.com	cdn.segment.com s.pinimg.com
2	edge.fullstory.com	cdn.segment.com edge.fullstory.com
2	www.googleapis.com	provenskincare.com
2	staticw2.yotpo.com	provenskincare.com staticw2.yotpo.com
2	fonts.gstatic.com	fonts.googleapis.com dl7bo1dy930sf.cloudfront.net
2	fonts.googleapis.com	provenskincare.com staticw2.yotpo.com
2	js.braintreegateway.com	provenskincare.com
2	cdnjs.cloudflare.com	provenskincare.com
1	forms.hubspot.com	edge.fullstory.com
1	js.usemessages.com	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	www.pinterest.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	js.hs-analytics.net	cdn.segment.com
1	d.impactradius-event.com	provenskincare.com
1	js.hsforms.net	cdn.segment.com
1	heapanalytics.com
1	p.yotpo.com
1	api.segment.io	cdn.segment.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.heapanalytics.com	provenskincare.com
1	cdn.segment.com	provenskincare.com
1	widget.trustpilot.com	provenskincare.com
1	www.googleoptimize.com	provenskincare.com
266	60

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.youtube.com
partner.provenskincare.com
dl7bo1dy930sf.cloudfront.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-08-07`	a year	crt.sh
js.chargebee.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-24` - `2022-01-22`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.fullstory.com R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-10` - `2023-01-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
provenskincare.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.chargebeestatic.com Amazon	`2021-04-08` - `2022-05-07`	a year	crt.sh
*.google.ca GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://provenskincare.com/
Frame ID: D70F5AEE39D15D9AA3B317EF41E0DCE1
Requests: 215 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fprovenskincare.com&mid=
Frame ID: C7EBEA708F69F72C8FD337ADC63F182B
Requests: 13 HTTP requests in this frame

Frame: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html
Frame ID: E5A56C07BC331F5F092FE09C9AEC2E61
Requests: 8 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js
Frame ID: 7B849EFB8CAF2EA838179E629345300F
Requests: 8 HTTP requests in this frame

Frame: https://www.pinterest.ca/ct.html
Frame ID: 35FDC093260339166627F489375ACEC2
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=9ea0eaf4-2262-4064-82e3-98264a901f80
Frame ID: B81E97CB19E40C97C701838F9F0D13CB
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1642166370458&pnid=140&pcid=7eb18bd7-8c0a-4cc6-9969-7ff30350cf80
Frame ID: 2E53962A9AFED58191AC553CB2D2E56C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=plj5kyx7wzm9
Frame ID: 3C5B83EF8904AA225B427E411B749554
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 64C92C115C25FEC307038C8C775D5B94
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: DDEE8E6A2F544890092FAB06743B5953
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Skincare Routine Formulated For Your Personal Needs | PROVEN

Page URL History Show full URLs

http://provenskincare.com/ HTTP 301
https://provenskincare.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

266
Requests

98 %
HTTPS

57 %
IPv6

43
Domains

60
Subdomains

51
IPs

2
Countries

7364 kB
Transfer

21538 kB
Size

43
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/provenskincare/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/provenskincare

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB6y1t_mob1GPt7rzUaXNvQ/

Search URL Search Domain Scan URL

URL: https://partner.provenskincare.com/
Title: Influencer Program

Search URL Search Domain Scan URL

URL: https://dl7bo1dy930sf.cloudfront.net/img/PROVEN-SKINCARE-CLINICAL-TEST-RESULTS-AND-PICTURES.pdf
Title: study

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://provenskincare.com/ HTTP 301
https://provenskincare.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/quiz/bg-green-icon2.svg HTTP 307
https://media.provenskincare.com/img/quiz/bg-green-icon2.svg

Request Chain 54

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/proven-logo-vertical-white.svg HTTP 307
https://media.provenskincare.com/img/proven-logo-vertical-white.svg

Request Chain 112

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/quiz/bg-green-icon2.svg HTTP 307
https://media.provenskincare.com/img/quiz/bg-green-icon2.svg

Request Chain 140

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/proven-logo-vertical-white.svg HTTP 307
https://media.provenskincare.com/img/proven-logo-vertical-white.svg

Request Chain 191

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=149.56.153.187;cuidchk=1

Request Chain 218

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BtnhYdfqJc_z_gTN1b2gDw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BtnhYdfqJc_z_gTN1b2gDw&random=3295475734&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BtnhYdfqJc_z_gTN1b2gDw&random=3295475734&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCi5XDKjraK2Pc7vi9YP3VDFSadSacI0tx45I3sQemltYCM1gCTe8sGn8CsVuFqE5IGxhMA55jngVKBTHBpLK3m

Request Chain 224

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.ca/ct.html

Request Chain 246

https://tr.snapchat.com/cm/s?pnid=140&cb=1642191111155 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1642166370458%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1642166370458%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1642166370458&pnid=140&pcid=7eb18bd7-8c0a-4cc6-9969-7ff30350cf80

266 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
provenskincare.com/
Redirect Chain

http://provenskincare.com/
https://provenskincare.com/

521 KB
33 KB

500ms
454ms

Document
text/html

2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6882122adb21af5d1a1fc433924cf9fc01d376ecc5e165cd06d190f5e622cb49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
content-type: text/html; charset=utf-8
cf-ray: 6cd983fbcb697150-YUL
cache-control: s-maxage=30
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Express
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

Date: Fri, 14 Jan 2022 20:11:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 14 Jan 2022 21:11:48 GMT
Location: https://provenskincare.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6cd983fb4f877138-YUL

GET
H2 200 abhaya-libre-font.css
dl7bo1dy930sf.cloudfront.net/styles/fonts/ 3 KB
871 B 69ms
18ms Stylesheet
text/css 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl7bo1dy930sf.cloudfront.net/styles/fonts/abhaya-libre-font.css
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0576746adb248de95ac646bcf2e86b2631b2c9b43bc051777b07e1209c990360

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: f4.Yw6SC_gUPehmNEfrWUOHqSbx5Pgbs
content-encoding: gzip
last-modified: Mon, 17 May 2021 17:52:56 GMT
server: AmazonS3
age: 39931
etag: W/"697ead66fdb798fcc85ead8c5bbeecda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 09:26:09 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: udDhiDRDisEBFO_20LYm_Gv9RC1BQvU-Dq79wfa4ucU2NIHke3t_ZA==

GET
H2 200 hp-v1hero-bg-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/ 37 KB
37 KB 88ms
75ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bg-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f6ca14838f75b9da7e6d893680e3f8b7719cfeeb2ea3a8b093ebee6ba5bf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
via: 1.1 42f2de9d3efb503e7960e52396f998c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 37434
last-modified: Mon, 26 Apr 2021 18:21:59 GMT
server: cloudflare
etag: "cfqX0AzobXLrYJ_h1SruevIA:f2d3deec90a80ad587c86b98e04e1b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "image too large for AVIF"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=274 v=2021.12.0 l=37434
accept-ranges: bytes
cf-ray: 6cd983fed81a7150-YUL
cf-bgj: imgq:86,h2pri

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
702 B 77ms
31ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5790138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 382
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C46KIF05n89%2F2riJEh%2B6Nn%2BtVzUrk6ALCp90MJ4sW556Fo8Hv%2FZqmMvBFqPIbMR08hLetO%2BcUCh8GdlP1yt1PlDu29CCuUz6FKO3M9GtRXY18UrN3spt4W6yhEovklFYnMcSo%2FOO2qrxnVpHJ8y9IZDL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cd983ff19f87144-YUL
expires: Wed, 04 Jan 2023 20:11:48 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 72ms
27ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7880213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 637
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfLxTtac6vyVgSSDLSZ%2Bc17S1fHLEQ6fvpC4nFMt4jpYp%2Bv4D1j3tDXdip30%2BilzWxzWIf1S0IzKFBVNjBnQ%2BJQSFIJnzAxgy1rtX%2F7nm0k6Di45Y0GRbf0ADp86DAjpqLWOQQurIc6q34kmvdxhYOV1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cd983ff19f97144-YUL
expires: Wed, 04 Jan 2023 20:11:48 GMT

GET
H2 200 main.a6b8cccb7cb72c09bf39.css
provenskincare.com/dist/ 3 MB
229 KB 154ms
153ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0cdaafb05aebc670c3cdc62e7a78ac997bb929a0c7a5bed29f7eeb9409c0e949

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 175827
x-powered-by: Express
content-encoding: br
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
etag: W/"42a0c-17e4fb12ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=30
cf-polished: origSize=2988112
cf-ray: 6cd983fec8057150-YUL
cf-bgj: minify

GET
H2 200 v3-logo-vertical.svg
dl7bo1dy930sf.cloudfront.net/img/ 2 KB
1 KB 67ms
19ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/v3-logo-vertical.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1856b8056e8ee3cdb276ab7312950c665ca5fb0c76e7649a5de044af8d9c0d78

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:07:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 21:55:00 GMT
server: AmazonS3
age: 43458
etag: W/"aa0b555c5db10d003bf03bce9e5e05b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yMkxJLAK730XXjpIqvphgEBuxRiHJfoM
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-type: image/svg+xml
x-amz-cf-id: vYYfktd3li4FNyOFCgeD5--UiZukCOTIs3rF_yDt57feVtXJOfYt6w==

GET
H2 200 hp-v1hero-bottle-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/ 55 KB
56 KB 103ms
94ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bottle-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc8d796bba7a68f4bacd7c532169d69b78b38b473768695f194bc576b5a0fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 56770
last-modified: Mon, 26 Apr 2021 18:22:00 GMT
server: cloudflare
etag: "cf9_nVsvgD9YU6_Q7P5dSZ0A:9f5962d5a31419b4e88d0f79ebd95045"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=37 c=1231 v=2021.12.0 l=56770
accept-ranges: bytes
cf-ray: 6cd983fed81c7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 vogue-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 2 KB
2 KB 83ms
75ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/vogue-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5391d40e1889ecb9b36fad23734c6fe45d50569ee8a8aae1da8d794b8214559e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
via: 1.1 79f9fb603ee37517dbf3cd108c449392.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 1596
last-modified: Wed, 06 May 2020 00:07:04 GMT
server: cloudflare
etag: "cfFVBDN-vjI57D7inThMQuow:54d8d15029030dbb33cfaada09a5df0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=3 c=371 v=2021.12.2 l=1596
accept-ranges: bytes
cf-ray: 6cd983fed81d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 new-york-times-grey-icon.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 8 KB
8 KB 82ms
74ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/new-york-times-grey-icon.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0043b74cad3af5be4da76dba7f7bbdb124d7d93998314b19355cae3d1b98ab3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7837
last-modified: Fri, 13 Mar 2020 23:57:41 GMT
server: cloudflare
etag: "cfmukeJ9c1eMB-4z-xyygYPw:03bdf7f79104fba62b8963c81193e44a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=41 c=616 v=2021.12.2 l=7837
accept-ranges: bytes
cf-ray: 6cd983fed81f7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 sharktank-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 2 KB
2 KB 82ms
74ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/sharktank-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35650671d8c7af59f8492d2dd872e86d613cf578a5ef04b7c984a112601b7ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2071
last-modified: Thu, 07 May 2020 17:45:14 GMT
server: cloudflare
etag: "cfc3MMcAaV9xblfp6Oi_pLjA:df447bfbfe8d168ace78b5bfbdca53bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=29 c=320 v=2021.12.2 l=2071
accept-ranges: bytes
cf-ray: 6cd983fed8217150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 allure-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 106ms
99ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/allure-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c0b4e50d63eddc4a075efc74fd39728f0cbeb166f41a17f41a20e0528772fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2669
last-modified: Wed, 06 May 2020 00:07:04 GMT
server: cloudflare
etag: "cfNxA5GtkM_0g6E1QfRmkqcg:408ffbe1ea6fed66934308889a0f41a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=8 c=305 v=2021.12.0 l=2669
accept-ranges: bytes
cf-ray: 6cd983fed8207150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 the-wall-street-journal-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 6 KB
6 KB 36ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/the-wall-street-journal-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8597f4191e4ec7dc45f83c7bafd46f850b3a910845df8038c350ee52a2699c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 a123807296d8a3060657bb737260f995.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6234
last-modified: Wed, 29 Apr 2020 23:58:36 GMT
server: cloudflare
etag: "cf00hn21eEHD6K8vNvH7Pbyw:a805fc3e53490f09779bb366ba632887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=42 c=702 v=2021.12.2 l=6234
accept-ranges: bytes
cf-ray: 6cd983ff58a67150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 refinery29-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 4 KB
4 KB 33ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/refinery29-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bffda250847d12895f943833068ceb90239ad1170edc1673232ba4aa5d1f95fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 3846
last-modified: Wed, 29 Apr 2020 23:58:36 GMT
server: cloudflare
etag: "cf_U029s_ORhhU89xGsW6tJw:6f53e818cb873e8554fe4412aff8b7b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=22 c=343 v=2021.12.2 l=3846
accept-ranges: bytes
cf-ray: 6cd983ff58aa7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 cnbc-grey-icons.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 34ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/cnbc-grey-icons.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78f0de56a931c6189b4aff0b2c9f78d3a263fb9c9aa970107115880701cb33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2645
last-modified: Fri, 13 Mar 2020 23:57:41 GMT
server: cloudflare
etag: "cfc99ryb_af4jC0258pRMEAg:7905f6d8b95d98bf69b3a67afc51f2e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=20 c=295 v=2021.12.2 l=2645
accept-ranges: bytes
cf-ray: 6cd983ff58ac7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 people-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 35ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/people-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463d51a0ec0a4b4165898851fe1e9e5a1d3dcb1a80c9277493d03cf23a40249d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 3042
last-modified: Thu, 07 May 2020 17:43:28 GMT
server: cloudflare
etag: "cfzW5CXFcUUX39UT-aVcVv0w:e1f5536672938ccbc020a5c8fbf876f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=32 c=288 v=2021.12.0 l=3042
accept-ranges: bytes
cf-ray: 6cd983ff58af7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you1-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 12 KB
13 KB 32ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you1-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9d70a3b0890d85eb0631d030b668a4f645cfb3ac8a7ea7450578aa61fcd0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 12783
last-modified: Thu, 15 Apr 2021 22:08:56 GMT
server: cloudflare
etag: "cf9N81RwU7ybpbQ-PsbC5Ylg:066c05355d898a8e52c96e2e90d05c14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=24 c=1237 v=2021.12.2 l=12783
accept-ranges: bytes
cf-ray: 6cd983ff78db7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 arbutin.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 27 KB
27 KB 32ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/arbutin.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf86938f783674210545999b5d6da96254cc4b21eb047224fb7f329f78ed165e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 759533d02225fb7e951ea4dc2b01fd49.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 27687
last-modified: Fri, 03 Jan 2020 02:41:40 GMT
server: cloudflare
etag: "cfu-Mo5UGM_Hix_fqLIiBX8w:c6017d6bace0eec87dce66ec03e3d9e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=53 c=1605 v=2021.12.2 l=27687
accept-ranges: bytes
cf-ray: 6cd983ff78dc7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Kojic-Acid-Mulberry-Extract-Tranexamic-Acid.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 68 KB
69 KB 32ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Kojic-Acid-Mulberry-Extract-Tranexamic-Acid.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cdaf93cd259a149c5670940aea586693e79fc0bbd89aa68a5fa2a417dc5ce3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 e11cadb582e1707cafaebffffaca42e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 70003
last-modified: Fri, 03 Jan 2020 02:41:46 GMT
server: cloudflare
etag: "cf3Fa_L2IUkkagcUU5e7t2JQ:68de42b0c5c28aa6d41bb38fc4a4ddce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=65 c=613 v=2021.12.2 l=70003
accept-ranges: bytes
cf-ray: 6cd983ff88ed7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Pomegranate-Extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 62 KB
62 KB 42ms
41ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Pomegranate-Extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74502e391a9b59078e74d5cf98edf5b23e753b5590403f2dd114465bb74f382f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 63467
last-modified: Fri, 03 Jan 2020 02:41:49 GMT
server: cloudflare
etag: "cfBeqlNY1AORBreiBVq30wiQ:7d4bd5de13093ffef10ca9988161e888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=28 c=1580 v=2021.12.2 l=63467
accept-ranges: bytes
cf-ray: 6cd983ff98f57150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you2-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 11 KB
11 KB 38ms
38ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you2-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc55abf8746b56b4914bcda65d9f2cc61ee1e3ea7818436ca1a6277bd5ad6897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11242
last-modified: Thu, 15 Apr 2021 22:08:57 GMT
server: cloudflare
etag: "cfZGx8Nq_Zgp2Z5NiltzNSDg:736e6c0ef61db674342ad9112178fd45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=53 c=587 v=2022.1.0 l=11242
accept-ranges: bytes
cf-ray: 6cd983ff98f97150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Granactive-Retinol.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 12 KB
12 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Granactive-Retinol.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8fbe469cdfb876e22024445f3c9d376025120f106365db02551a34d40d9b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 12096
last-modified: Fri, 03 Jan 2020 02:41:44 GMT
server: cloudflare
etag: "cfTR9CvHRZk7D7DwJJrB1ybw:b51d432992e5fb204994d45147a1e45e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=27 c=1183 v=2021.12.0 l=12096
accept-ranges: bytes
cf-ray: 6cd983ff98fb7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Ubiquinone-CoQ10.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 17 KB
17 KB 35ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Ubiquinone-CoQ10.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a455bed92688ecb0154949056602cd05e3935a1477b9a4c9977ce4babbd4884

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17576
last-modified: Fri, 03 Jan 2020 02:41:53 GMT
server: cloudflare
etag: "cffvfi6SsV7LkolC9VSlf8AA:7fb489b1e392207243743c6926e21f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=69 c=1801 v=2022.1.0 l=17576
accept-ranges: bytes
cf-ray: 6cd983ffb91d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Curcumin-Extract-turmeric-extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 65 KB
66 KB 31ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Curcumin-Extract-turmeric-extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331f8cefac801437eff2724b5d79232460c02abef59b39e1b03ce594e188759d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 42f2de9d3efb503e7960e52396f998c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 67032
last-modified: Fri, 03 Jan 2020 02:41:43 GMT
server: cloudflare
etag: "cfEATOEmM9G9pun2Ob5yTTLQ:131107b8c89deebfee45b7adcec249e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=15 c=2854 v=2021.12.2 l=67032
accept-ranges: bytes
cf-ray: 6cd983ffb9207150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you3-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 9 KB
9 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you3-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697244d1fd188b3bd6e08eb73be45a40f3d6d1758c58e8844fd60fe549955f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9519
last-modified: Thu, 15 Apr 2021 22:08:57 GMT
server: cloudflare
etag: "cfQrVQXftg3X98Q6UDmL_3Kg:152b240512d66b9fb0e29fca091396ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=37 c=1515 v=2022.1.0 l=9519
accept-ranges: bytes
cf-ray: 6cd983ffc93e7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Tasmanian-Pepper.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 39 KB
40 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Tasmanian-Pepper.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0966ed1f296de66dbc09c654a601629cc878b24c3dffe37ccc59ababc28741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 40392
last-modified: Fri, 03 Jan 2020 02:41:53 GMT
server: cloudflare
etag: "cf8pK54kIg0BX_Gi4vMnaGZw:e6085926b68ca523e959949b6f97a6ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=122 c=1758 v=2022.1.0 l=40392
accept-ranges: bytes
cf-ray: 6cd983ffc9487150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 arnica-montana-flower-extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 170 KB
170 KB 33ms
33ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/arnica-montana-flower-extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ae4be9138eed8e081745279e0be0307abbb4a03ef235a1c182b737024acba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 174040
last-modified: Fri, 03 Jan 2020 02:41:40 GMT
server: cloudflare
etag: "cfQjR4He3M63YW4lZjKgbt2Q:1c564fc405e4c2ba86291ef1d2729a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=265 v=2021.12.2 l=174040
accept-ranges: bytes
cf-ray: 6cd983ffd9607150-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 Calendula.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 42 KB
42 KB 33ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Calendula.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971f352db21fcdb192853ac6d7f1e9e465bad56d869ab59d46afed122c07ef6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 43176
last-modified: Fri, 03 Jan 2020 02:41:42 GMT
server: cloudflare
etag: "cf-0pUo0TELsHFXVsE_38N_A:75a2bd60398fe3e05fec4e2fd2e3ec8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=104 c=1859 v=2021.12.0 l=43176
accept-ranges: bytes
cf-ray: 6cd983ffd9637150-YUL
cf-bgj: imgq:85,h2pri

GET
H2

200

bg-green-icon2.svg
media.provenskincare.com/img/quiz/
Redirect Chain

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
https://media.provenskincare.com/img/quiz/bg-green-icon2.svg

1 KB
1 KB

113ms
25ms

Image
image/svg+xml

2600:9000:2140:8e00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Server: 2600:9000:2140:8e00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8204b4f84cbe1a7f594e9451f83f1901d0f6fc5f107c81221b8c42ba7f2cb2dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: I69vs4SPh4tRal6JML9WXyBHzNLcgOzF
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 00:22:36 GMT
server: AmazonS3
age: 44079
etag: W/"84759cf224a63aef00a393aba046bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:57:11 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: vndCM-BKcurOCCrdTboq4WrL2LPsrU2MrQQ0efaep9Gwy3idB3yZkQ==

Redirect headers

date: Fri, 14 Jan 2022 20:11:49 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
cache-control: max-age=14400
content-security-policy: default-src 'none'
content-length: 60
cf-ray: 6cd983ffe9707150-YUL
cf-resized: err=9412

GET
H2 200 personalized-image-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 35 KB
36 KB 29ms
28ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/personalized-image-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09045dcf1f0753839f4886b822ced8c75c47cccdd47e85cec848dc8f30ab9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 36248
last-modified: Mon, 04 Jan 2021 18:04:09 GMT
server: cloudflare
etag: "cfc5JBx0gCzLYeywQRkCXDKQ:d1060c39987be05db51636cb31607033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=445 v=2021.12.0 l=36248
accept-ranges: bytes
cf-ray: 6cd983ffe9717150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 desktop-section2-image.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 50 KB
51 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/desktop-section2-image.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b1630a6723f0de568e878db5e53e0e0df494cffa3622dc4f782fba1d760921

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 51502
last-modified: Fri, 06 Mar 2020 18:22:13 GMT
server: cloudflare
etag: "cfLrE_7PMLkeWtYHv7VCEHmA:7ee9c9c4ae2b138271ae8fc792c994d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=34 c=709 v=2021.12.2 l=51502
accept-ranges: bytes
cf-ray: 6cd983fff97a7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 simplified-image-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 100 KB
100 KB 33ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/simplified-image-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443bb2805b80c1ef2fce6745d430010bba949826914b18a4d31259598dad928e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 102094
last-modified: Fri, 14 Aug 2020 23:05:11 GMT
server: cloudflare
etag: "cfvLQrirBBiBVKKofLp4Nv-A:1ab2e3b25e6428c0a7942ca79d132787"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=49 c=918 v=2022.1.0 l=102094
accept-ranges: bytes
cf-ray: 6cd983fff97e7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 section4-jarIngredient.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 75 KB
75 KB 39ms
38ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/section4-jarIngredient.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ed976a4724709fcaf7ff3bdbcbb53b85e52705907714e94344053ae921c2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 76356
last-modified: Mon, 03 Aug 2020 22:52:45 GMT
server: cloudflare
etag: "cfPv_UkPWB2xuFMDjo6CLM1Q:7350afc8df4b084519d3e3d54169ec5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=1015 v=2021.12.0 l=76356
accept-ranges: bytes
cf-ray: 6cd9840009a87150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Vitamin-C-Stabalized-Active.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 58 KB
58 KB 40ms
40ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Vitamin-C-Stabalized-Active.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4657ba75aee330df7c2711a7bda9634b2e66acfc89fce056044cb9e81b1566c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 59210
last-modified: Fri, 03 Jan 2020 02:41:54 GMT
server: cloudflare
etag: "cfGIZW3IjHMfT6tjZdnFSZow:8873d7ca32717f1be50374571c296909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=15 c=751 v=2021.12.2 l=59210
accept-ranges: bytes
cf-ray: 6cd9840009ac7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Green-Tea-Extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 67 KB
67 KB 30ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Green-Tea-Extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c005506a752bcbe41277a2a85a40d4e0c2a9adf7584141696cd80be1e3493322

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 75e95d402c844985152ed9360801af07.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 68548
last-modified: Fri, 03 Jan 2020 02:41:45 GMT
server: cloudflare
etag: "cfO96GjnktKl3vRWI-Gbqqxw:b0b2ea55748c989a7aad8319d12182b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=34 c=3420 v=2021.12.2 l=68548
accept-ranges: bytes
cf-ray: 6cd9840019c17150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 softer2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 8 KB
4 KB 55ms
20ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/softer2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77b116309a3a18dcd1ddc9bca96398428ef69ab83d79f368fe001579df507ce8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: .o41y3mAOOfdeA1UGy17D7XUhvIL3kDo
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 44079
etag: W/"863c591d10b7c11739c6b6582f8881b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 09:26:09 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: Ctk-58hFHN7rdDr-86MIYFuMnpzrtDcxx6JQqPRQ-wsAO413FItUug==

GET
H2 200 smoother2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
4 KB 54ms
20ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/smoother2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2d5dbf4a954c67f09ec38a9bf867fcc61772a3d7ba5e0fa99b1c1683c24c948

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Xd2kRh3oZnQ0fwLGo3pbDeuLX5liArfG
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 30151
etag: W/"2b74d4cc5f0d8ef82dbf1ba88901df39"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 11:50:32 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: KR9LPZ1u6ZTxicGZFnKRhu3hfuJR-3T-cf_7kZ7a0GMtOzFGnWT0YA==

GET
H2 200 brighter2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 9 KB
5 KB 54ms
20ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/brighter2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5cced06008892d3601bc8481951aa99952439a21f551c5e8b27909644c7fd27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: taA8aQqx8Ziyci_V8u4xYh.yXyFKHCad
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 35510
etag: W/"e91d952027d72a74cd1f99e6bd312735"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 11:15:12 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: _hDXH-EShuga00xLiZKACnLDeK0vfq3Vu-FGeZrkXL3jsGBegW1Pyw==

GET
H2 200 cruelty-free2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
3 KB 20ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/cruelty-free2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33d5c0e489c5fc032ebb1f3db66f5e9aa469d35c8e100e3474d3f17214add149

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: BihlYvMDJ8BAsPSI76M7Hkzr2aBt4HlS
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 37528
etag: W/"30553c7e1f0ba78c7e510856c1825aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 09:46:22 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: DhYSwkHiaTT7g01qoRTaA46ab0NSoenyVejHurNOhgCD6K7LBNOSqg==

GET
H2 200 clean-beauty2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 9 KB
5 KB 19ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/clean-beauty2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 646758145804d42d7b524f868a1b002963b79c1d477b7ce565b860147100efbf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: JCZwDh7FEWyadHg1HocvUvO54I__nXUf
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 44080
etag: W/"bb1e2a349df9dda21a8ed7bfbb97793c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:57:10 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: 7FsDvhulz2E3foRysiAxdO7pGHljEVSFCLDDy3npHhH1SPcKh5t5BA==

GET
H2 200 made-in-usa2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
4 KB 20ms
18ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/made-in-usa2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12ad863b1233abbc6e8e0b4789705b548baf510f8f83b9c0e88c1bd00c079b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:24:13 GMT
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 38857
etag: W/"f46c7809053526e1c50443c1dc52804e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 602d3pnn7I9Zu8uo36bP36lT.a1T4yGi
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-type: image/svg+xml
x-amz-cf-id: LlcIkQxzJFiNV9AVvI-zOscR5yRtn0E_MT4-aHF4dcC2wYudJqTO1A==

GET
H2 200 amy-in-lab-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 43 KB
44 KB 35ms
35ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/amy-in-lab-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4f5d12cffdfafbd897c94cbf0525fd831ee721068a876a8ab07d62df7971bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 44292
last-modified: Mon, 03 Aug 2020 23:34:54 GMT
server: cloudflare
etag: "cfcm8p_tJYJPXMtgqEDJurLg:e331dd71dfaf2a1a80213e9ee50d35cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=39 c=1345 v=2022.1.0 l=44292
accept-ranges: bytes
cf-ray: 6cd9840029d07150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 amy-signiture.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 35ms
34ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/amy-signiture.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa7fda767d7b6ae61ae9904d0579635516707f568aec59c52223d0334dbc597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 a35229400ee2bfea0d760fa6dd2467b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2836
last-modified: Fri, 14 Aug 2020 22:51:11 GMT
server: cloudflare
etag: "cfAsQ6SbRsf8aqsaRQtT9CNA:941f8823cf1ff162f0fe531c7fecbd86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=123 c=6 v=2021.12.0 l=2836
accept-ranges: bytes
cf-ray: 6cd9840039dc7150-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 yuan.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 31ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/yuan.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2368d86f3e6647bf945f0543fef72a3f311cf4f1f83daf62d3ab6b43b04a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 6c54d5aad34fd574d1282c92c7b7e105.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8246
last-modified: Fri, 30 Aug 2019 23:02:14 GMT
server: cloudflare
etag: "cfpqzWzYYdUCommhSTxGSaiw:348ce0945a35a2d8c2b70d8800313fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=39 c=900 v=2021.12.0 l=8246
accept-ranges: bytes
cf-ray: 6cd984004a117150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 hollmig.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 33ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/hollmig.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d5f4da3e334515d5cddcbd566bf99f948c8e83af2ef6bc579368421b02ab8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8090
last-modified: Mon, 03 Aug 2020 22:46:53 GMT
server: cloudflare
etag: "cf4rM4zei3jf_wVwcIOBPDuQ:5fca245c37efd6a032258b5c404c07fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=31 c=719 v=2021.12.0 l=8090
accept-ranges: bytes
cf-ray: 6cd984005a157150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 conley.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 32ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/conley.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a760b4c60ab075c6eb7f9efa51d7ac8204abd608154e4799c76030c9c14ecd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 03e4d3b42a136dd5df035a167106f809.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8071
last-modified: Mon, 03 Aug 2020 22:46:53 GMT
server: cloudflare
etag: "cf23o0rquyxyBv1i0M5bMcVA:cebba51df531d91bc47c2380caa218ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=28 c=667 v=2021.12.2 l=8071
accept-ranges: bytes
cf-ray: 6cd984005a167150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 its-about-time-img-desktop2.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 17 KB
17 KB 30ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/its-about-time-img-desktop2.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eebfd0782dc876c3f1898ac926a079ad4e3a6724e56416cce8b7140f7efa0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17190
last-modified: Wed, 02 Jun 2021 17:19:46 GMT
server: cloudflare
etag: "cfiovDHJY86V8CMG4PokOQtw:63081b5dc4d606bbc40ccb2b847e8596"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=26 c=2039 v=2021.12.0 l=17190
accept-ranges: bytes
cf-ray: 6cd984006a2d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-4.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 13 KB
13 KB 29ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-4.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e33b079461e2f33c554b4899c2e8b818c699fc0e74c536b3decdca06a90d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 13105
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cf2YPA3b4c29SX3QAbOOmVAw:4d302e9ee5cbaea9449cb3f80dc2ca32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=8 c=939 v=2021.12.2 l=13105
accept-ranges: bytes
cf-ray: 6cd984006a3a7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-5.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 15 KB
15 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-5.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c92f05820a6c5de6f808c06e094c636090cbc9b27bbdcddc9f9fa96c119641

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 14993
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cfm9ImjHcd9iisRstmVk9UwQ:637242862131b5699365d543e03db439"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=63 c=1353 v=2022.1.0 l=14993
accept-ranges: bytes
cf-ray: 6cd984007a5d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-6.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 32 KB
32 KB 33ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-6.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb88ab4402fbdc4374d230d9c0961a18c0a72401c72211525e6750412c19da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 32934
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cfBwRalyvTsZ73GVL3H70uyw:8ce776eba677b5ddbd9f8eea5674c1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=2607 v=2022.1.0 l=32934
accept-ranges: bytes
cf-ray: 6cd984008a647150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-7.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 10 KB
10 KB 30ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-7.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d0547e910015cbb7c6afaed1b430f8e5249635ca8650cc3389a171cf83ea31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9747
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cf3NDDTbUAmeAC80SyU4R5Rg:4f93b7b27bfe924a1417639c31d1245f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=1665 c=7555 v=2022.1.0 l=9747
accept-ranges: bytes
cf-ray: 6cd984008a667150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-8.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 10 KB
10 KB 32ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-8.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead782132b9c9a165a21c9e5a3705804d8f44a42b888ab86d65a9b0196da7980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 6c54d5aad34fd574d1282c92c7b7e105.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10326
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cfah7lZmhB2aFFLvfmjwOIpw:501b8e806b5e20428f44fe116e7a59d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=31 c=2532 v=2021.12.0 l=10326
accept-ranges: bytes
cf-ray: 6cd984009a817150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-1.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 30 KB
30 KB 43ms
42ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-1.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b592df762b6f8da4214da6f1a773faf7ac6974617a9d9d5ae216fe5a8eb3cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 30414
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cfYA7g_Cih6BKB08wvThEyNw:2c49dd0d831b12a56451758ed918d395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=11 c=90 v=2021.12.0 l=30414
accept-ranges: bytes
cf-ray: 6cd984009a8b7150-YUL
cf-bgj: imgq:86,h2pri

GET
H2 200 insta-gallery-2.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 18 KB
19 KB 34ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-2.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4895453339f24e72cca491c411f93dcfd3c8e92e43de4d79efa551af2b598f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 3aa2aa1b7b816f70e94675c9a63f98d1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 18832
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cf18V48FtFi8oMb5G-27XUyg:04c01ccde3954ef96128bb4d2e713f29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=965 v=2021.12.0 l=18832
accept-ranges: bytes
cf-ray: 6cd98400baa57150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-3.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 21 KB
22 KB 29ms
28ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-3.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4786aceb6f6d42ee3ff93ea02d9a3db65f4748c615d7fb3064a45f87a4ba79a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 408dd545e3504770874c676e6b00ca24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 21768
last-modified: Fri, 14 Aug 2020 22:48:28 GMT
server: cloudflare
etag: "cfda6aooEForqAwnmMA_FwRA:7f3c54daeba4e5e024d81d713e95b164"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=17 c=2199 v=2021.12.0 l=21768
accept-ranges: bytes
cf-ray: 6cd98400baaa7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2

200

proven-logo-vertical-white.svg
media.provenskincare.com/img/
Redirect Chain

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/proven-logo-vertical-white.svg
https://media.provenskincare.com/img/proven-logo-vertical-white.svg

6 KB
3 KB

19ms
18ms

Image
image/svg+xml

2600:9000:2140:8e00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.provenskincare.com/img/proven-logo-vertical-white.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Server: 2600:9000:2140:8e00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4103f74eb3f5890820772b200a99b29b1c719658aa5a279584c4ed3dca8eba27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: _j2EcbmKo2kQ3iH5YUKtPO5g0nhuXe.l
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 18:23:48 GMT
server: AmazonS3
age: 45435
etag: W/"3fc5d46e2f962d77db47944875fc0a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:34:35 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: VT3WRPkKaSXfIYKjL-9AjysTMfp9ZslRnvz4qRqQ8kN8nGxDt8qcXw==

Redirect headers

date: Fri, 14 Jan 2022 20:11:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://media.provenskincare.com/img/proven-logo-vertical-white.svg
cache-control: max-age=14400
content-security-policy: default-src 'none'
content-length: 67
cf-ray: 6cd98400baaf7150-YUL
cf-resized: err=9412

GET
H2 200 rocket-loader.min.js Show response
provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Jan 2022 19:09:30 GMT
server: cloudflare
etag: W/"61df276a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6cd983fef8487150-YUL
vary: Accept-Encoding
expires: Sun, 16 Jan 2022 20:11:48 GMT

GET
H2 200 main-9300fb3e1f7f7df2f2a1.js Show response
provenskincare.com/dist/ 5 MB
1 MB 156ms
155ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 503de4b22b41d45c9378420536cb91c2b7831ed7bad4c9c7b3d1f2262c43ba48

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 175827
x-powered-by: Express
content-encoding: br
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
etag: W/"155b2f-17e4fb12ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=30
cf-polished: origSize=5521976
cf-ray: 6cd983ff28777150-YUL
cf-bgj: minify

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.81.0/js/ 54 KB
15 KB 107ms
19ms Script
application/javascript 99.84.42.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/3.81.0/js/paypal-checkout.min.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-43.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 13575b73cac87583ac763ca4c7686f8afa32e1073005708e2cbe60c7f6ebb24a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 16:04:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 18:01:44 GMT
server: nginx
age: 14821
etag: W/"61e06908-d972"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: NtOOY6EAGidQ01aCTXjC9kLg_mKhD5BZqaHpX5eYmwpf8GqBpLnm8w==
via: 1.1 df34174e06a3ec2969f1c48a3cd66ca2.cloudfront.net (CloudFront)
expires: Sat, 15 Jan 2022 16:04:48 GMT

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.81.0/js/ 42 KB
13 KB 110ms
22ms Script
application/javascript 99.84.42.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/3.81.0/js/client.min.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-43.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: a38be85daeb6788a0b0516a2f6009b31e418cfa8d1e9b3d52401b467ff622b9a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 14:29:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 18:01:42 GMT
server: nginx
age: 20521
etag: W/"61e06906-a7ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Y824Ei31rnxeL_rHHspmo99a-AxbDAWmxF-SDC1okw6QTzuBFeQB-w==
via: 1.1 df34174e06a3ec2969f1c48a3cd66ca2.cloudfront.net (CloudFront)
expires: Sat, 15 Jan 2022 14:29:48 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 148 KB
45 KB 72ms
19ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d35aa5b5fca843377ae49c8b2fa542a04711c030c8669fd3dbc87e50c5d0982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: M6qpPKyCQ_LNRyLV7UK05dxyLhSL7kqI
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 275
etag: W/"52df7b08bd220f8d80836a2a6fd16714"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:07:14 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: p5e4yy10drIsuugmQbnUKdOyTlWHZ0Z-ExLC8ps1WlpqeaYach9CUQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 95 KB
31 KB 145ms
65ms Script
application/javascript 2607:f8b0:400d:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

111f1700ccb35898fa18b3bbf8eb1d0b0f6e7f744cf9fa6e59e5a2723dd9f20f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vDtoR62nTT9ciyxsTzyxKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-vDtoR62nTT9ciyxsTzyxKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-vDtoR62nTT9ciyxsTzyxKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-vDtoR62nTT9ciyxsTzyxKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:11:49 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 87 KB
35 KB 82ms
34ms Script
application/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WFPZFDT

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0828d2e3bcab33bd2db5aedf65dac5a15d5b8f37bc35a5a76842615731d7f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35210
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 18:24:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 20:11:49 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 69ms
17ms Script
application/x-javascript 13.33.60.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.60.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-60-15.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f2d93058b573566d1970ee894c9b413b6982ac99938f76918e6b7aa109363285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 37661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Fri, 14 Jan 2022 09:44:09 GMT
content-length: 6078
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Dec 2021 17:08:35 GMT
server: AmazonS3
etag: "21f1d42b116ae864b665ab3c395f3e3e"
content-type: application/x-javascript
via: 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
x-amz-cf-id: f0h51sTrJ0oMJmmacqqblLEiwuI4QLw652rCAZ-LuCMSqiC9yaacAQ==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 160 KB
52 KB 110ms
62ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI&libraries=places

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

219b1ad337ad768e5b6585f3ff1eb46edc3161515b72dd4b2a7a19cea5af491f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53303
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:41:49 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 81ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f947a483-536f-4d3d-9dbc-a2c1e93b7423

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MTJ0G9B3HHGQYNJB
x-amz-id-2: /GDIKNp4p/ElbToc86rwWVvqUqOQg2KH8IIGyfC0Oz5UbAm7LQY7MJN7Tqf/zhcSbbtYAKyQuek=
last-modified: Sun, 09 Jan 2022 23:14:59 GMT
server: cloudflare
etag: W/"301f9083ec60c9321ec7789c905c3232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PryZTMyOyweGaFnjwP16GDJImV%2BM81eV1NeiC6LaDOdWhLRtVMzLO%2F7f7gTM9LyosZLqdNDRp9FyQ%2B9KjZAWjc%2Bu9bevyFTIOQCKMI2%2BRifydeUaFOpulnUYVHB9E7i8cEYgJDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: oV93LKh3GEBdpA7a6pYv5Alew2GE593j
cf-ray: 6cd983ff7e42f975-YYZ

GET
H2 200 css
fonts.googleapis.com/ 2 KB
982 B 86ms
35ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abhaya+Libre:400,700&display=swap

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9572cbb0d9a40330cd976ab8242aa56cf8adad6eeb334f64c2ae16e38413e74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 20:11:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 20:11:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 20:11:49 GMT

GET
H2 200 footer-bg-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/footer/ 11 KB
11 KB 32ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/footer/footer-bg-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc0aa0baa04ce717bca8c49aead6b51c9c9fe0d9c03e96a6b14a8d9f962505d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11090
last-modified: Fri, 11 Jun 2021 21:31:15 GMT
server: cloudflare
etag: "cfqKCoNxDz2NJPngtYsmDJaw:67ccfd4963a51cbdfce879926cba2f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=32 c=1402 v=2021.12.0 l=11090
accept-ranges: bytes
cf-ray: 6cd98400cac47150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 brandongrotesque-regular-webfont.woff2
provenskincare.com/dist/ 27 KB
27 KB 147ms
147ms Font
application/font-woff2 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/brandongrotesque-regular-webfont.woff2
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 970b41c7b91e24fdedd379e95edddece68399a53af803e2c9ab314f38410f681

Request headers

Referer: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
etag: W/"6cd4-17e4fb12ed8"
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
age: 2542
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000, s-maxage=30
accept-ranges: bytes
cf-ray: 6cd98400cabd7150-YUL
content-length: 27860

GET
H2 200 brandongrotesque-bold-webfont.woff2
provenskincare.com/dist/ 28 KB
28 KB 146ms
146ms Font
application/font-woff2 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/brandongrotesque-bold-webfont.woff2
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3808d783c90f7e80499abbd3aa363157574df658c7820ababb64d391588af368

Request headers

Referer: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
etag: W/"6e2c-17e4fb12ed8"
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
age: 2542
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000, s-maxage=30
accept-ranges: bytes
cf-ray: 6cd98400cabe7150-YUL
content-length: 28204

GET
H2 200 brandongrotesque-medium-webfont.woff2
provenskincare.com/dist/ 28 KB
28 KB 169ms
168ms Font
application/font-woff2 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/brandongrotesque-medium-webfont.woff2
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 39ccf43a0ed08d642d45708e5756cfe20c94519a3061137988a97c0c7f53ecbe

Request headers

Referer: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
etag: W/"6f80-17e4fb12ed8"
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
age: 2542
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000, s-maxage=30
accept-ranges: bytes
cf-ray: 6cd98400cac07150-YUL
content-length: 28544

GET
H2 200 e3t5euGtX-Co5MNzeAOqinEYx2zCrdZJ.woff2
fonts.gstatic.com/s/abhayalibre/v6/ 21 KB
21 KB 68ms
19ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abhayalibre/v6/e3t5euGtX-Co5MNzeAOqinEYx2zCrdZJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Abhaya+Libre:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d3a86cd3fe9595d44b74dfb4b784b4d21bd6c7f23ddb2c0d2397c895993ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 07:55:18 GMT
x-content-type-options: nosniff
age: 562591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21084
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:00:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 08 Jan 2023 07:55:18 GMT

GET
H2 200 brandongrotesque-black-webfont.woff
provenskincare.com/dist/ 35 KB
35 KB 175ms
175ms Font
application/font-woff 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provenskincare.com/dist/brandongrotesque-black-webfont.woff
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e68f416becae43969e3298824f3b733a0ed2ce56ee6c6416e34162f80c7dd278

Request headers

Referer: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cd98400cac17150-YUL
date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 vegur
etag: W/"8c54-17e4fb12ed8"
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 19:08:39 GMT
server: cloudflare
age: 2542
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=31536000, s-maxage=30
content-encoding: br

GET
H2 200 e3t5euGtX-Co5MNzeAOqinEYo23CrdZJyIU9BQ.woff2
fonts.gstatic.com/s/abhayalibre/v6/ 12 KB
12 KB 83ms
35ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abhayalibre/v6/e3t5euGtX-Co5MNzeAOqinEYo23CrdZJyIU9BQ.woff2

Requested by

Host: dl7bo1dy930sf.cloudfront.net
URL: https://dl7bo1dy930sf.cloudfront.net/styles/fonts/abhaya-libre-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff8c269f434418e8978782f1bad54f77c7708bca7c1a00505504de6ff6918ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl7bo1dy930sf.cloudfront.net/
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:00:25 GMT
x-content-type-options: nosniff
age: 25884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12532
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:17:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:00:25 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/ 415 KB
83 KB 100ms
30ms Script
text/javascript 143.204.144.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.144.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-144-83.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22da86dc82b90066474e9ef15261b48aabafbdd077c9e30958a1d76d8013cd28

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: YDsxWtLF6U5RZ5ogDl0rpnhv1VI3N4xc
content-encoding: gzip
etag: W/"d5cb0856c4d84d0915d49b4001094d43"
x-amz-cf-pop: EWR52-C2
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 18:10:18 GMT
server: AmazonS3
date: Fri, 14 Jan 2022 20:11:49 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: Ck_-_L53hdngYIZ1udo3uHgOYd_rjADsfYALq-sA4AbSSs5Vp2_Gcg==

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 84ms
56ms XHR
application/json 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://provenskincare.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 heap-3880160878.js Show response
cdn.heapanalytics.com/js/ 104 KB
41 KB 118ms
54ms Script
application/javascript 99.84.125.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3880160878.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.125.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-125-30.ewr52.r.cloudfront.net

Software

nginx /

Resource Hash

01c7d9e2c8e60ef039fbb17f02c55cec82a8540a824c1bd6ae1876c3c579c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: EWR52-C3
etag: W/"1a1e2-95MLcdEcdNlYkj9XoW7ywQ"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b45a69a5045b8813964c4110841f77f6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: CTLa7DCpu3JIaT20JduYiNrXzywc-qNeRNgOv-XVeNc746Ubs4l1hw==

GET
H2 200 f947a483-536f-4d3d-9dbc-a2c1e93b7423 Show response
ekr.zdassets.com/compose/ 407 B
1002 B 380ms
319ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f947a483-536f-4d3d-9dbc-a2c1e93b7423

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f947a483-536f-4d3d-9dbc-a2c1e93b7423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf50c74c392471fbab3bcfd8da9e538c52ed24440df85c1a589743ab59d9a856

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: f730fbed-2d9f-4487-af00-c58d903eb575
x-runtime: 0.002680
server: cloudflare
etag: W/"cf50c74c392471fbab3bcfd8da9e538c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFKJJUNk6REUzFeamlrM07CsNwOZces9JeVAY0YK7O8HOJ7PYoeB0tCNuY1A71EvH%2FTMt7vyxRC1yuXBMHGA8XsZsWWbiYjCc3bC4XLdZbCJAUbZTM3wt9qJm21kbit1bd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6cd984034d9e3fcd-YYZ

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C7EB 17 KB
7 KB 81ms
81ms Document
text/html 2607:f8b0:400d:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fprovenskincare.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fde26f4ce2a45a2fea532919f69241588020baf9539db40ccdaa6fd32d561b9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-b0ydib4emdw5/FEyNnlCag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-b0ydib4emdw5/FEyNnlCag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Fri, 14 Jan 2022 20:11:49 GMT
date: Fri, 14 Jan 2022 20:11:49 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-b0ydib4emdw5/FEyNnlCag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-b0ydib4emdw5/FEyNnlCag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widget.js Show response
staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/ 447 KB
120 KB 71ms
24ms Script
text/javascript 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.js

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

dce63fa8d984cd8f22973cd72c8c690e83ffa1a0066f00097c1797886897ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=2
vary: Accept-Encoding
content-length: 122566
x-xss-protection: 1; mode=block
x-request-id: f3951d651b5087f8698d888ce9b535e4
x-runtime: 0.020127
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"2611fd41ca0496d51ab3d47a490c8ef8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7809
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 0-d0d07a1ccb393c1835b4.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 22ms
21ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: mSS5jcuvxs3RInLENzzr9pqHrIyebGqf
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Dec 2021 08:55:27 GMT
server: AmazonS3
age: 155
etag: W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:09:24 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: NBw7ByJMPFvEvKFRwLBbMdFcwC3Z-uMDOsBQA4Lmr3uB3CodmDaC-w==

GET
H2 200 60-8e0ff7a6273c5bf6d141.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 25ms
24ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/60-8e0ff7a6273c5bf6d141.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d19f713af09d0f36be4d9eb4e41fe80108e21e0490b3ea1ea90df73bd35f26d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: JoerSkvcVyqhbdKw2l8qz7_fRNsipZTW
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 68
etag: W/"018f33c5c61dd46612adcf7579cc55e4"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:10:41 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: QaQzsBGHGks4q_oHGAwcBYKKFKy-cLpdknkGfU1S5NLvcMXgbyalwQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 207ms
128ms Script
application/javascript 23.223.26.190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.26.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-26-190.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 798dbceb.90ced117
date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642191109761419
x-cache: TCP_MISS from a23-223-25-190.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 110,23.223.25.190
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=29, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022011420114901011300616509567834
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.137
x-tt-trace-host: 01c023061f99b6bc1ee14794adc831dd78e28092f6675d0191103536c716e4a2c5a96de761267bfd3614889641cf394cdfa43aaabf3abe3f7d681b2142e10a87c5564eb9996cb9c340257c076fc2a56e28ab785c7005227f821e5549adcacb9b5db8938be85a5f1af29331bbe45591fd21
expires: Fri, 14 Jan 2022 20:11:49 GMT

POST
H2 200 geolocate Show response
www.googleapis.com/geolocation/v1/ 103 B
172 B 125ms
69ms Fetch
application/json 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cc58a8fbf2661b1209870c1878576fc94b183130d2aae962914cfb13e19f4827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://provenskincare.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 105
x-xss-protection: 0

GET
H2 200 animation.css
js.chargebee.com/v2/ 758 B
1 KB 18ms
17ms Stylesheet
text/css 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ikeIZQ.nqBoZ6zU6LtB_FzVx5ZPQ1cVf
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 08:55:27 GMT
server: AmazonS3
age: 135
etag: "f8a79fc47c28375628855b4c78ff6f85"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:09:35 GMT
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 758
x-amz-cf-id: khe58YOHVciHZsW81rMyAt9NUqXeCII858z37jZimsHE7PnvOWBkNg==

OPTIONS
H/1.1 204
No Content products
proven-pay-production.herokuapp.com/ Frame 0
0 100ms
28ms Preflight 23.22.144.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-pay-production.herokuapp.com/products?version=current
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.144.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-144-165.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://provenskincare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,If-None-Match
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Date: Fri, 14 Jan 2022 20:11:49 GMT
Via: 1.1 vegur

OPTIONS
H/1.1 200
OK questions
proven-api-production.herokuapp.com/api/ Frame 0
0 69ms
30ms Preflight 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://provenskincare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,If-None-Match
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Content-Length: 0
Date: Fri, 14 Jan 2022 20:11:49 GMT
Via: 1.1 vegur

POST
H2 200 geolocate Show response
www.googleapis.com/geolocation/v1/ 103 B
534 B 93ms
61ms Fetch
application/json 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cc58a8fbf2661b1209870c1878576fc94b183130d2aae962914cfb13e19f4827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://provenskincare.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 105
x-xss-protection: 0

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 45 KB
8 KB 142ms
51ms XHR
application/json 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: cce88e8655deefbbd13f3ee0c21297fc2ea7755ca91a7397a4801e50075502e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:49 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

GET
H/1.1 200
OK products Show response
proven-pay-production.herokuapp.com/ 6 KB
2 KB 130ms
40ms XHR
application/json 23.22.144.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-pay-production.herokuapp.com/products?version=current
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.144.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-144-165.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: d766d7ed26fc5d52adf1b663396c94c135d0cd3e8ee6a7e9e94435693ffca0b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:49 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

GET
H2 200 v3-logo-vertical.svg
dl7bo1dy930sf.cloudfront.net/img/ 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/v3-logo-vertical.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1856b8056e8ee3cdb276ab7312950c665ca5fb0c76e7649a5de044af8d9c0d78

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:07:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 21:55:00 GMT
server: AmazonS3
age: 43459
etag: W/"aa0b555c5db10d003bf03bce9e5e05b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yMkxJLAK730XXjpIqvphgEBuxRiHJfoM
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-type: image/svg+xml
x-amz-cf-id: k5v8A4jwCTcXm7EB1FEBgHUi60p-JkOAiDh-VlbAqrskz5DLO-pciQ==

GET
H2 200 hp-v1hero-bottle-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/ 55 KB
56 KB 32ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bottle-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc8d796bba7a68f4bacd7c532169d69b78b38b473768695f194bc576b5a0fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 56770
last-modified: Mon, 26 Apr 2021 18:22:00 GMT
server: cloudflare
etag: "cf9_nVsvgD9YU6_Q7P5dSZ0A:9f5962d5a31419b4e88d0f79ebd95045"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=37 c=1231 v=2021.12.0 l=56770
accept-ranges: bytes
cf-ray: 6cd9840488187150-YUL
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK products Show response
proven-pay-production.herokuapp.com/ 6 KB
2 KB 46ms
45ms XHR
application/json 23.22.144.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-pay-production.herokuapp.com/products?version=current
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.144.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-144-165.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: d766d7ed26fc5d52adf1b663396c94c135d0cd3e8ee6a7e9e94435693ffca0b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Authorization: [object Object]
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:49 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

GET
H2 200 vogue-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 2 KB
2 KB 31ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/vogue-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5391d40e1889ecb9b36fad23734c6fe45d50569ee8a8aae1da8d794b8214559e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 79f9fb603ee37517dbf3cd108c449392.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 1596
last-modified: Wed, 06 May 2020 00:07:04 GMT
server: cloudflare
etag: "cfFVBDN-vjI57D7inThMQuow:54d8d15029030dbb33cfaada09a5df0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=3 c=371 v=2021.12.2 l=1596
accept-ranges: bytes
cf-ray: 6cd98404b8507150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 new-york-times-grey-icon.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 8 KB
8 KB 35ms
35ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/new-york-times-grey-icon.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0043b74cad3af5be4da76dba7f7bbdb124d7d93998314b19355cae3d1b98ab3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7837
last-modified: Fri, 13 Mar 2020 23:57:41 GMT
server: cloudflare
etag: "cfmukeJ9c1eMB-4z-xyygYPw:03bdf7f79104fba62b8963c81193e44a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=41 c=616 v=2021.12.2 l=7837
accept-ranges: bytes
cf-ray: 6cd98404b8527150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 sharktank-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 2 KB
2 KB 35ms
34ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/sharktank-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35650671d8c7af59f8492d2dd872e86d613cf578a5ef04b7c984a112601b7ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2071
last-modified: Thu, 07 May 2020 17:45:14 GMT
server: cloudflare
etag: "cfc3MMcAaV9xblfp6Oi_pLjA:df447bfbfe8d168ace78b5bfbdca53bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=29 c=320 v=2021.12.2 l=2071
accept-ranges: bytes
cf-ray: 6cd98404b8547150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 allure-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 34ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/allure-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c0b4e50d63eddc4a075efc74fd39728f0cbeb166f41a17f41a20e0528772fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2669
last-modified: Wed, 06 May 2020 00:07:04 GMT
server: cloudflare
etag: "cfNxA5GtkM_0g6E1QfRmkqcg:408ffbe1ea6fed66934308889a0f41a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=8 c=305 v=2021.12.0 l=2669
accept-ranges: bytes
cf-ray: 6cd98404b8557150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 the-wall-street-journal-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 6 KB
6 KB 31ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/the-wall-street-journal-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8597f4191e4ec7dc45f83c7bafd46f850b3a910845df8038c350ee52a2699c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 a123807296d8a3060657bb737260f995.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6234
last-modified: Wed, 29 Apr 2020 23:58:36 GMT
server: cloudflare
etag: "cf00hn21eEHD6K8vNvH7Pbyw:a805fc3e53490f09779bb366ba632887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=42 c=702 v=2021.12.2 l=6234
accept-ranges: bytes
cf-ray: 6cd98404b8567150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 refinery29-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 4 KB
4 KB 34ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/refinery29-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bffda250847d12895f943833068ceb90239ad1170edc1673232ba4aa5d1f95fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 3846
last-modified: Wed, 29 Apr 2020 23:58:36 GMT
server: cloudflare
etag: "cf_U029s_ORhhU89xGsW6tJw:6f53e818cb873e8554fe4412aff8b7b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=22 c=343 v=2021.12.2 l=3846
accept-ranges: bytes
cf-ray: 6cd98404b85f7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 cnbc-grey-icons.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 50ms
38ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/cnbc-grey-icons.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78f0de56a931c6189b4aff0b2c9f78d3a263fb9c9aa970107115880701cb33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2645
last-modified: Fri, 13 Mar 2020 23:57:41 GMT
server: cloudflare
etag: "cfc99ryb_af4jC0258pRMEAg:7905f6d8b95d98bf69b3a67afc51f2e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=20 c=295 v=2021.12.2 l=2645
accept-ranges: bytes
cf-ray: 6cd98404f8fe7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 people-gray-logo.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 44ms
40ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/people-gray-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463d51a0ec0a4b4165898851fe1e9e5a1d3dcb1a80c9277493d03cf23a40249d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 3042
last-modified: Thu, 07 May 2020 17:43:28 GMT
server: cloudflare
etag: "cfzW5CXFcUUX39UT-aVcVv0w:e1f5536672938ccbc020a5c8fbf876f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=32 c=288 v=2021.12.0 l=3042
accept-ranges: bytes
cf-ray: 6cd98404f8ff7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you1-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 12 KB
13 KB 48ms
45ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you1-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9d70a3b0890d85eb0631d030b668a4f645cfb3ac8a7ea7450578aa61fcd0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 12783
last-modified: Thu, 15 Apr 2021 22:08:56 GMT
server: cloudflare
etag: "cf9N81RwU7ybpbQ-PsbC5Ylg:066c05355d898a8e52c96e2e90d05c14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=24 c=1237 v=2021.12.2 l=12783
accept-ranges: bytes
cf-ray: 6cd98404f9027150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 arbutin.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 27 KB
27 KB 44ms
41ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/arbutin.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf86938f783674210545999b5d6da96254cc4b21eb047224fb7f329f78ed165e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 759533d02225fb7e951ea4dc2b01fd49.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 27687
last-modified: Fri, 03 Jan 2020 02:41:40 GMT
server: cloudflare
etag: "cfu-Mo5UGM_Hix_fqLIiBX8w:c6017d6bace0eec87dce66ec03e3d9e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=53 c=1605 v=2021.12.2 l=27687
accept-ranges: bytes
cf-ray: 6cd98404f9037150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Kojic-Acid-Mulberry-Extract-Tranexamic-Acid.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 68 KB
69 KB 48ms
46ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Kojic-Acid-Mulberry-Extract-Tranexamic-Acid.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cdaf93cd259a149c5670940aea586693e79fc0bbd89aa68a5fa2a417dc5ce3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 e11cadb582e1707cafaebffffaca42e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 70003
last-modified: Fri, 03 Jan 2020 02:41:46 GMT
server: cloudflare
etag: "cf3Fa_L2IUkkagcUU5e7t2JQ:68de42b0c5c28aa6d41bb38fc4a4ddce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=65 c=613 v=2021.12.2 l=70003
accept-ranges: bytes
cf-ray: 6cd98404f9057150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Pomegranate-Extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 62 KB
62 KB 44ms
42ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Pomegranate-Extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74502e391a9b59078e74d5cf98edf5b23e753b5590403f2dd114465bb74f382f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 63467
last-modified: Fri, 03 Jan 2020 02:41:49 GMT
server: cloudflare
etag: "cfBeqlNY1AORBreiBVq30wiQ:7d4bd5de13093ffef10ca9988161e888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=28 c=1580 v=2021.12.2 l=63467
accept-ranges: bytes
cf-ray: 6cd98404f9077150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you2-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 11 KB
11 KB 35ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you2-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc55abf8746b56b4914bcda65d9f2cc61ee1e3ea7818436ca1a6277bd5ad6897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11242
last-modified: Thu, 15 Apr 2021 22:08:57 GMT
server: cloudflare
etag: "cfZGx8Nq_Zgp2Z5NiltzNSDg:736e6c0ef61db674342ad9112178fd45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=53 c=587 v=2022.1.0 l=11242
accept-ranges: bytes
cf-ray: 6cd98405496e7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Granactive-Retinol.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 12 KB
12 KB 35ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Granactive-Retinol.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8fbe469cdfb876e22024445f3c9d376025120f106365db02551a34d40d9b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 12096
last-modified: Fri, 03 Jan 2020 02:41:44 GMT
server: cloudflare
etag: "cfTR9CvHRZk7D7DwJJrB1ybw:b51d432992e5fb204994d45147a1e45e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=27 c=1183 v=2021.12.0 l=12096
accept-ranges: bytes
cf-ray: 6cd98405496f7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Ubiquinone-CoQ10.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 17 KB
17 KB 34ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Ubiquinone-CoQ10.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a455bed92688ecb0154949056602cd05e3935a1477b9a4c9977ce4babbd4884

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17576
last-modified: Fri, 03 Jan 2020 02:41:53 GMT
server: cloudflare
etag: "cffvfi6SsV7LkolC9VSlf8AA:7fb489b1e392207243743c6926e21f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=69 c=1801 v=2022.1.0 l=17576
accept-ranges: bytes
cf-ray: 6cd9840549707150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Curcumin-Extract-turmeric-extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 65 KB
66 KB 34ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Curcumin-Extract-turmeric-extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331f8cefac801437eff2724b5d79232460c02abef59b39e1b03ce594e188759d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 42f2de9d3efb503e7960e52396f998c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 67032
last-modified: Fri, 03 Jan 2020 02:41:43 GMT
server: cloudflare
etag: "cfEATOEmM9G9pun2Ob5yTTLQ:131107b8c89deebfee45b7adcec249e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=15 c=2854 v=2021.12.2 l=67032
accept-ranges: bytes
cf-ray: 6cd9840549767150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 analyze-you3-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 9 KB
10 KB 37ms
35ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/analyze-you3-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697244d1fd188b3bd6e08eb73be45a40f3d6d1758c58e8844fd60fe549955f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9519
last-modified: Thu, 15 Apr 2021 22:08:57 GMT
server: cloudflare
etag: "cfQrVQXftg3X98Q6UDmL_3Kg:152b240512d66b9fb0e29fca091396ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=37 c=1515 v=2022.1.0 l=9519
accept-ranges: bytes
cf-ray: 6cd9840549777150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Tasmanian-Pepper.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 39 KB
40 KB 35ms
35ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Tasmanian-Pepper.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0966ed1f296de66dbc09c654a601629cc878b24c3dffe37ccc59ababc28741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 40392
last-modified: Fri, 03 Jan 2020 02:41:53 GMT
server: cloudflare
etag: "cf8pK54kIg0BX_Gi4vMnaGZw:e6085926b68ca523e959949b6f97a6ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=122 c=1758 v=2022.1.0 l=40392
accept-ranges: bytes
cf-ray: 6cd98405497b7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 arnica-montana-flower-extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 170 KB
170 KB 42ms
41ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/arnica-montana-flower-extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ae4be9138eed8e081745279e0be0307abbb4a03ef235a1c182b737024acba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 110142bfecf028552c3361846a29130b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 174040
last-modified: Fri, 03 Jan 2020 02:41:40 GMT
server: cloudflare
etag: "cfQjR4He3M63YW4lZjKgbt2Q:1c564fc405e4c2ba86291ef1d2729a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=265 v=2021.12.2 l=174040
accept-ranges: bytes
cf-ray: 6cd9840579c57150-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 Calendula.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 42 KB
42 KB 40ms
39ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Calendula.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971f352db21fcdb192853ac6d7f1e9e465bad56d869ab59d46afed122c07ef6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 43176
last-modified: Fri, 03 Jan 2020 02:41:42 GMT
server: cloudflare
etag: "cf-0pUo0TELsHFXVsE_38N_A:75a2bd60398fe3e05fec4e2fd2e3ec8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=104 c=1859 v=2021.12.0 l=43176
accept-ranges: bytes
cf-ray: 6cd9840579c77150-YUL
cf-bgj: imgq:85,h2pri

GET
H2

200

bg-green-icon2.svg
media.provenskincare.com/img/quiz/
Redirect Chain

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
https://media.provenskincare.com/img/quiz/bg-green-icon2.svg

1 KB
1 KB

22ms
22ms

Image
image/svg+xml

2600:9000:2140:8e00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
Protocol: H2
Server: 2600:9000:2140:8e00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8204b4f84cbe1a7f594e9451f83f1901d0f6fc5f107c81221b8c42ba7f2cb2dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: I69vs4SPh4tRal6JML9WXyBHzNLcgOzF
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 00:22:36 GMT
server: AmazonS3
age: 44080
etag: W/"84759cf224a63aef00a393aba046bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:57:11 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: 9hBmUqJ7Ysi2HWBg8LVApTWckNY0NQaBlcdRHdOUuj-enbxHWSwq4A==

Redirect headers

date: Fri, 14 Jan 2022 20:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://media.provenskincare.com/img/quiz/bg-green-icon2.svg
cache-control: max-age=14400
content-security-policy: default-src 'none'
content-length: 60
cf-ray: 6cd9840579c87150-YUL
cf-resized: err=9412

GET
H2 200 personalized-image-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 35 KB
36 KB 33ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/personalized-image-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09045dcf1f0753839f4886b822ced8c75c47cccdd47e85cec848dc8f30ab9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 36248
last-modified: Mon, 04 Jan 2021 18:04:09 GMT
server: cloudflare
etag: "cfc5JBx0gCzLYeywQRkCXDKQ:d1060c39987be05db51636cb31607033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=445 v=2021.12.0 l=36248
accept-ranges: bytes
cf-ray: 6cd9840589d57150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 desktop-section2-image.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 50 KB
51 KB 40ms
39ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/desktop-section2-image.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b1630a6723f0de568e878db5e53e0e0df494cffa3622dc4f782fba1d760921

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 51502
last-modified: Fri, 06 Mar 2020 18:22:13 GMT
server: cloudflare
etag: "cfLrE_7PMLkeWtYHv7VCEHmA:7ee9c9c4ae2b138271ae8fc792c994d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=34 c=709 v=2021.12.2 l=51502
accept-ranges: bytes
cf-ray: 6cd9840589d77150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 simplified-image-desktop.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 100 KB
100 KB 41ms
40ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/simplified-image-desktop.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443bb2805b80c1ef2fce6745d430010bba949826914b18a4d31259598dad928e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 102094
last-modified: Fri, 14 Aug 2020 23:05:11 GMT
server: cloudflare
etag: "cfvLQrirBBiBVKKofLp4Nv-A:1ab2e3b25e6428c0a7942ca79d132787"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=49 c=918 v=2022.1.0 l=102094
accept-ranges: bytes
cf-ray: 6cd9840589d97150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 section4-jarIngredient.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 75 KB
75 KB 46ms
42ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/section4-jarIngredient.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ed976a4724709fcaf7ff3bdbcbb53b85e52705907714e94344053ae921c2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 76356
last-modified: Mon, 03 Aug 2020 22:52:45 GMT
server: cloudflare
etag: "cfPv_UkPWB2xuFMDjo6CLM1Q:7350afc8df4b084519d3e3d54169ec5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=1015 v=2021.12.0 l=76356
accept-ranges: bytes
cf-ray: 6cd98405ba637150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Vitamin-C-Stabalized-Active.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 58 KB
58 KB 35ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Vitamin-C-Stabalized-Active.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4657ba75aee330df7c2711a7bda9634b2e66acfc89fce056044cb9e81b1566c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 59210
last-modified: Fri, 03 Jan 2020 02:41:54 GMT
server: cloudflare
etag: "cfGIZW3IjHMfT6tjZdnFSZow:8873d7ca32717f1be50374571c296909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=15 c=751 v=2021.12.2 l=59210
accept-ranges: bytes
cf-ray: 6cd98405ba647150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 Green-Tea-Extract.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/ 67 KB
67 KB 37ms
35ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/results/ingredient-images/Green-Tea-Extract.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c005506a752bcbe41277a2a85a40d4e0c2a9adf7584141696cd80be1e3493322

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 75e95d402c844985152ed9360801af07.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 68548
last-modified: Fri, 03 Jan 2020 02:41:45 GMT
server: cloudflare
etag: "cfO96GjnktKl3vRWI-Gbqqxw:b0b2ea55748c989a7aad8319d12182b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=34 c=3420 v=2021.12.2 l=68548
accept-ranges: bytes
cf-ray: 6cd98405ca7b7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 softer2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 8 KB
4 KB 20ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/softer2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77b116309a3a18dcd1ddc9bca96398428ef69ab83d79f368fe001579df507ce8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: .o41y3mAOOfdeA1UGy17D7XUhvIL3kDo
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 44080
etag: W/"863c591d10b7c11739c6b6582f8881b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 09:26:09 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: gNA8WWC7ImzffKOrcvUSVtznVhGZSJrOcEJzlz2nmUPjLyYWcascfQ==

GET
H2 200 smoother2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
4 KB 20ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/smoother2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2d5dbf4a954c67f09ec38a9bf867fcc61772a3d7ba5e0fa99b1c1683c24c948

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Xd2kRh3oZnQ0fwLGo3pbDeuLX5liArfG
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 30152
etag: W/"2b74d4cc5f0d8ef82dbf1ba88901df39"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 11:50:32 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: HRxQnRRKsDhxS4Rw_iFCAWYjbFM0lODHLS48OHPb0G-pEzU-i_ybcQ==

GET
H2 200 brighter2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 9 KB
4 KB 19ms
17ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/brighter2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5cced06008892d3601bc8481951aa99952439a21f551c5e8b27909644c7fd27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: taA8aQqx8Ziyci_V8u4xYh.yXyFKHCad
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:21:52 GMT
server: AmazonS3
age: 35511
etag: W/"e91d952027d72a74cd1f99e6bd312735"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 11:15:12 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: M_U3kGw49HEr5eZaZgONlbetvoA5dhlRYG3oTd_0iL7_QN6gUEOnoQ==

GET
H2 200 cruelty-free2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
3 KB 21ms
19ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/cruelty-free2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33d5c0e489c5fc032ebb1f3db66f5e9aa469d35c8e100e3474d3f17214add149

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: BihlYvMDJ8BAsPSI76M7Hkzr2aBt4HlS
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 37528
etag: W/"30553c7e1f0ba78c7e510856c1825aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 09:46:22 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: kUWxzKIMrwSOSnp6CWOqf_Bio3mhecrO7-1B79YickJ15UxN6x3lvg==

GET
H2 200 clean-beauty2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 9 KB
5 KB 22ms
20ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/clean-beauty2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 646758145804d42d7b524f868a1b002963b79c1d477b7ce565b860147100efbf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: JCZwDh7FEWyadHg1HocvUvO54I__nXUf
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 44080
etag: W/"bb1e2a349df9dda21a8ed7bfbb97793c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:57:10 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: J4F-jspRIlTk4HxcKdEg6Rl7i5JoNgDHxwY-MZHfvIJpZFgApZUf5A==

GET
H2 200 made-in-usa2-icon.svg
dl7bo1dy930sf.cloudfront.net/img/home/phil/ 7 KB
4 KB 22ms
20ms Image
image/svg+xml 2600:9000:2140:dc00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7bo1dy930sf.cloudfront.net/img/home/phil/made-in-usa2-icon.svg
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:dc00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12ad863b1233abbc6e8e0b4789705b548baf510f8f83b9c0e88c1bd00c079b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:24:13 GMT
content-encoding: gzip
last-modified: Mon, 18 May 2020 23:23:51 GMT
server: AmazonS3
age: 38857
etag: W/"f46c7809053526e1c50443c1dc52804e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 602d3pnn7I9Zu8uo36bP36lT.a1T4yGi
via: 1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-type: image/svg+xml
x-amz-cf-id: 0TLL6c8Ghb3ANMyOxdb1M7bd7Z7v6AtojY0cl_t8gxxh2gdsKa5-fw==

GET
H2 200 amy-in-lab-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 43 KB
44 KB 40ms
38ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/amy-in-lab-desktop.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4f5d12cffdfafbd897c94cbf0525fd831ee721068a876a8ab07d62df7971bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 44292
last-modified: Mon, 03 Aug 2020 23:34:54 GMT
server: cloudflare
etag: "cfcm8p_tJYJPXMtgqEDJurLg:e331dd71dfaf2a1a80213e9ee50d35cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=39 c=1345 v=2022.1.0 l=44292
accept-ranges: bytes
cf-ray: 6cd98405ca7d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 amy-signiture.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 3 KB
3 KB 38ms
37ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/amy-signiture.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa7fda767d7b6ae61ae9904d0579635516707f568aec59c52223d0334dbc597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 a35229400ee2bfea0d760fa6dd2467b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2836
last-modified: Fri, 14 Aug 2020 22:51:11 GMT
server: cloudflare
etag: "cfAsQ6SbRsf8aqsaRQtT9CNA:941f8823cf1ff162f0fe531c7fecbd86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=123 c=6 v=2021.12.0 l=2836
accept-ranges: bytes
cf-ray: 6cd98405ca7f7150-YUL
cf-bgj: imgq:100,h2pri

GET
H2 200 yuan.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 29ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/yuan.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2368d86f3e6647bf945f0543fef72a3f311cf4f1f83daf62d3ab6b43b04a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 6c54d5aad34fd574d1282c92c7b7e105.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8246
last-modified: Fri, 30 Aug 2019 23:02:14 GMT
server: cloudflare
etag: "cfpqzWzYYdUCommhSTxGSaiw:348ce0945a35a2d8c2b70d8800313fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=39 c=900 v=2021.12.0 l=8246
accept-ranges: bytes
cf-ray: 6cd98405fac47150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 hollmig.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 48ms
43ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/hollmig.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d5f4da3e334515d5cddcbd566bf99f948c8e83af2ef6bc579368421b02ab8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8090
last-modified: Mon, 03 Aug 2020 22:46:53 GMT
server: cloudflare
etag: "cf4rM4zei3jf_wVwcIOBPDuQ:5fca245c37efd6a032258b5c404c07fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=31 c=719 v=2021.12.0 l=8090
accept-ranges: bytes
cf-ray: 6cd984060adb7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 conley.png
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 8 KB
8 KB 32ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/conley.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a760b4c60ab075c6eb7f9efa51d7ac8204abd608154e4799c76030c9c14ecd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 03e4d3b42a136dd5df035a167106f809.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8071
last-modified: Mon, 03 Aug 2020 22:46:53 GMT
server: cloudflare
etag: "cf23o0rquyxyBv1i0M5bMcVA:cebba51df531d91bc47c2380caa218ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=28 c=667 v=2021.12.2 l=8071
accept-ranges: bytes
cf-ray: 6cd984060adf7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 its-about-time-img-desktop2.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/ 17 KB
17 KB 34ms
33ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/its-about-time-img-desktop2.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eebfd0782dc876c3f1898ac926a079ad4e3a6724e56416cce8b7140f7efa0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17190
last-modified: Wed, 02 Jun 2021 17:19:46 GMT
server: cloudflare
etag: "cfiovDHJY86V8CMG4PokOQtw:63081b5dc4d606bbc40ccb2b847e8596"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=26 c=2039 v=2021.12.0 l=17190
accept-ranges: bytes
cf-ray: 6cd984060ae07150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-4.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 13 KB
13 KB 33ms
32ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-4.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e33b079461e2f33c554b4899c2e8b818c699fc0e74c536b3decdca06a90d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 13105
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cf2YPA3b4c29SX3QAbOOmVAw:4d302e9ee5cbaea9449cb3f80dc2ca32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=8 c=939 v=2021.12.2 l=13105
accept-ranges: bytes
cf-ray: 6cd984060ae17150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-5.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 15 KB
15 KB 34ms
34ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-5.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c92f05820a6c5de6f808c06e094c636090cbc9b27bbdcddc9f9fa96c119641

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 14993
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cfm9ImjHcd9iisRstmVk9UwQ:637242862131b5699365d543e03db439"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=63 c=1353 v=2022.1.0 l=14993
accept-ranges: bytes
cf-ray: 6cd984062b1f7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-6.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 32 KB
32 KB 32ms
31ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-6.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb88ab4402fbdc4374d230d9c0961a18c0a72401c72211525e6750412c19da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 32934
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cfBwRalyvTsZ73GVL3H70uyw:8ce776eba677b5ddbd9f8eea5674c1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=2607 v=2022.1.0 l=32934
accept-ranges: bytes
cf-ray: 6cd984063b307150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-7.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 10 KB
10 KB 32ms
30ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-7.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d0547e910015cbb7c6afaed1b430f8e5249635ca8650cc3389a171cf83ea31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9747
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cf3NDDTbUAmeAC80SyU4R5Rg:4f93b7b27bfe924a1417639c31d1245f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=1665 c=7555 v=2022.1.0 l=9747
accept-ranges: bytes
cf-ray: 6cd984063b3c7150-YUL
cf-bgj: imgq:85,h2pri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-8.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead782132b9c9a165a21c9e5a3705804d8f44a42b888ab86d65a9b0196da7980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 6c54d5aad34fd574d1282c92c7b7e105.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10326
last-modified: Tue, 04 Aug 2020 00:08:28 GMT
server: cloudflare
etag: "cfah7lZmhB2aFFLvfmjwOIpw:501b8e806b5e20428f44fe116e7a59d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=31 c=2532 v=2021.12.0 l=10326
accept-ranges: bytes
cf-ray: 6cd984064b3e7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-1.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 30 KB
30 KB 33ms
33ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-1.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b592df762b6f8da4214da6f1a773faf7ac6974617a9d9d5ae216fe5a8eb3cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 30414
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cfYA7g_Cih6BKB08wvThEyNw:2c49dd0d831b12a56451758ed918d395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=11 c=90 v=2021.12.0 l=30414
accept-ranges: bytes
cf-ray: 6cd984064b637150-YUL
cf-bgj: imgq:86,h2pri

GET
H2 200 insta-gallery-2.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 18 KB
19 KB 30ms
29ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-2.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4895453339f24e72cca491c411f93dcfd3c8e92e43de4d79efa551af2b598f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 3aa2aa1b7b816f70e94675c9a63f98d1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 18832
last-modified: Tue, 04 Aug 2020 00:08:26 GMT
server: cloudflare
etag: "cf18V48FtFi8oMb5G-27XUyg:04c01ccde3954ef96128bb4d2e713f29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=17 c=965 v=2021.12.0 l=18832
accept-ranges: bytes
cf-ray: 6cd984065b7d7150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 insta-gallery-3.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/ 21 KB
22 KB 35ms
34ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/phil/insta-gallery-3.jpg

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4786aceb6f6d42ee3ff93ea02d9a3db65f4748c615d7fb3064a45f87a4ba79a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 408dd545e3504770874c676e6b00ca24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 21768
last-modified: Fri, 14 Aug 2020 22:48:28 GMT
server: cloudflare
etag: "cfda6aooEForqAwnmMA_FwRA:7f3c54daeba4e5e024d81d713e95b164"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/m q=0 n=17 c=2199 v=2021.12.0 l=21768
accept-ranges: bytes
cf-ray: 6cd984066b947150-YUL
cf-bgj: imgq:85,h2pri

GET
H2 200 hp-v1hero-bg-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/ 37 KB
37 KB 39ms
39ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bg-desktop.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f6ca14838f75b9da7e6d893680e3f8b7719cfeeb2ea3a8b093ebee6ba5bf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
via: 1.1 42f2de9d3efb503e7960e52396f998c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 37434
last-modified: Mon, 26 Apr 2021 18:21:59 GMT
server: cloudflare
etag: "cfqX0AzobXLrYJ_h1SruevIA:f2d3deec90a80ad587c86b98e04e1b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "image too large for AVIF"
content-type: image/webp
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=14 c=274 v=2021.12.0 l=37434
accept-ranges: bytes
cf-ray: 6cd98404f9087150-YUL
cf-bgj: imgq:86,h2pri

GET
H2

200

proven-logo-vertical-white.svg
media.provenskincare.com/img/
Redirect Chain

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/proven-logo-vertical-white.svg
https://media.provenskincare.com/img/proven-logo-vertical-white.svg

6 KB
3 KB

18ms
18ms

Image
image/svg+xml

2600:9000:2140:8e00:2:9629:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.provenskincare.com/img/proven-logo-vertical-white.svg
Protocol: H2
Server: 2600:9000:2140:8e00:2:9629:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4103f74eb3f5890820772b200a99b29b1c719658aa5a279584c4ed3dca8eba27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: _j2EcbmKo2kQ3iH5YUKtPO5g0nhuXe.l
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 18:23:48 GMT
server: AmazonS3
age: 45436
etag: W/"3fc5d46e2f962d77db47944875fc0a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
date: Fri, 14 Jan 2022 07:34:35 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: d43gCOceqcxGuqbcIfqIvDxdeOb3wW1AORKBLh4js6RhGuu_Jwj_vA==

Redirect headers

date: Fri, 14 Jan 2022 20:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://media.provenskincare.com/img/proven-logo-vertical-white.svg
cache-control: max-age=14400
content-security-policy: default-src 'none'
content-length: 67
cf-ray: 6cd984067b967150-YUL
cf-resized: err=9412

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 45 KB
8 KB 57ms
55ms XHR
application/json 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: cce88e8655deefbbd13f3ee0c21297fc2ea7755ca91a7397a4801e50075502e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Authorization: [object Object]
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:50 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/footer/footer-bg-logo.png

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/dist/main.a6b8cccb7cb72c09bf39.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc0aa0baa04ce717bca8c49aead6b51c9c9fe0d9c03e96a6b14a8d9f962505d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11090
last-modified: Fri, 11 Jun 2021 21:31:15 GMT
server: cloudflare
etag: "cfqKCoNxDz2NJPngtYsmDJaw:67ccfd4963a51cbdfce879926cba2f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
cf-resized: internal=ok/h q=0 n=32 c=1402 v=2021.12.0 l=11090
accept-ranges: bytes
cf-ray: 6cd984067b9c7150-YUL
cf-bgj: imgq:85,h2pri

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C7EB 2 KB
2 KB 32ms
31ms Other
text/html 2607:f8b0:400d:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c09::5c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fprovenskincare.com&mid=
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 master-6804e99f981fb0c1d0c52c0be475b8ad.html Show response
js.chargebee.com/v2/ Frame E5A5 203 B
633 B 17ms
17ms Document
text/html 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/60-8e0ff7a6273c5bf6d141.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

882a54ce07c1a85aa60df075c276a354d049eadb070e848ccc67faa71e6e15f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/

Response headers

content-type: text/html
content-length: 203
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
x-amz-version-id: VDDGC4spS65z67vJREBi2.075OnbG0Vq
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
date: Fri, 14 Jan 2022 20:07:19 GMT
cache-control: max-age=300,public
etag: "02e3e608326b09b590d1ccb955665254"
x-cache: Hit from cloudfront
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: kshSjsGpwyD7QyWGPC1PMAAexCHSEK6zS4deyy8XCCJBV3d1mNeQ3Q==
age: 270

GET
H2 200 widget.css
staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/ 483 KB
49 KB 26ms
26ms Stylesheet
text/css 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2021-11-09_09-11-04

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

347a3e42ca0d77c5fecb3a20ff785e13ea716c746ec4a7c29d29adb01f40a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=4
vary: Accept-Encoding
content-length: 50016
x-xss-protection: 1; mode=block
x-request-id: 38644df98651a686ba0b1aa0ac6315da
x-runtime: 0.111970
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"f3cc2a124a971957873952ffc9001eff"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7142
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame C7EB 147 KB
52 KB 69ms
21ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fprovenskincare.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2593d26ee9aa5d2f1199959ecd81c8b0ef652bb5b26aa340b4eedcbf4defd51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52902
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 04:32:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 13 Jan 2023 17:10:42 GMT

OPTIONS
H/1.1 200
OK questions
proven-api-production.herokuapp.com/api/ Frame 0
0 35ms
35ms Preflight 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?variant=B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://provenskincare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,If-None-Match
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Content-Length: 0
Date: Fri, 14 Jan 2022 20:11:50 GMT
Via: 1.1 vegur

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 45 KB
8 KB 74ms
72ms XHR
application/json 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?variant=B
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: cce88e8655deefbbd13f3ee0c21297fc2ea7755ca91a7397a4801e50075502e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Authorization: [object Object]
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:50 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 31ms
28ms Script
application/javascript 23.223.26.190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.26.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-26-190.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 798dc161.90ced19c
date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642191110083932
x-cache: TCP_MISS from a23-223-25-190.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 9,23.223.25.190
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202201142011500101130060710713FDF1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,23.220.104.137
x-tt-trace-host: 01c023061f99b6bc1ee14794adc831dd78e28092f6675d0191103536c716e4a2c5a96de761267bfd3614889641cf394cdfa43aaabf3abe3f7d681b2142e10a87c506e23f8ea9c381391e2f0469222cd39237b08165fce34d3c02a9b355e3f5ba74772d0e35c66dbb344d824e97fce8059e
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 715 B
1 KB 35ms
35ms Script
application/javascript 23.223.26.190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5FM6VVGE0M3SF4IV8NG&hostname=provenskincare.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.26.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-26-190.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0c33ec9a9c3b870144eb720fd8f6846d418ec1fa20541d802683afbe9a078e05

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 658b2ba8.90ced1ae
date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642191110135208
x-cache: TCP_MISS from a23-223-25-190.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 16,23.223.25.190
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=10, inner; dur=1
content-length: 323
pragma: no-cache
server: nginx
x-tt-logid: 2022011420115001011313507917135656
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.104.150
x-tt-trace-host: 01c023061f99b6bc1ee14794adc831dd78e28092f6675d0191103536c716e4a2c5663cf5601244c4eccc35f7080e927d64f0540736bcfc8c492b28016f629816117be51b07dddbee14d4ab0941f22d5d22496e0aec4dc4d39b0a26d0ec0fecba647a0a554598b180780f348ec9776aeaae
expires: Fri, 14 Jan 2022 20:11:50 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
144 B 234ms
76ms XHR
application/json 35.167.90.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.90.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-90-204.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://provenskincare.com
date: Fri, 14 Jan 2022 20:11:50 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 json Show response
maps.googleapis.com/maps/api/geocode/ 18 KB
2 KB 87ms
86ms Fetch
application/json 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/geocode/json?latlng=45.5016889,-73.567256&sensor=false&key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3f7fdcb1af8fedaaaeedb7ddf1a262bfc43cf70279b44dfa52bd68a7e8cccd0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
x-goog-maps-metro-area: Montreal
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
server-timing: gfet4t7; dur=59
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 80ms
25ms Image
image/gif 44.196.157.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&se_va=Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG&cx=eyJwdl91dWlkIjo5MDQxNTQyMTB9&dtm=1642191110183&tid=347436&vp=1600x1200&ds=1600x8237&vid=1&duid=df48af8969f48a7f&p=web&tv=js-0.13.2&fp=3441833202&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fprovenskincare.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.157.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-157-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Sat, 15 Jan 2022 20:11:50 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 74ms
24ms Image
image/gif 34.235.196.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3880160878&u=2589151897748626&v=7517111475396375&s=1767847040256034&b=web&tv=4.0&z=0&h=%2F&d=provenskincare.com&t=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&ts=1642191110212&st=1642191110214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.196.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-196-25.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

OPTIONS
H/1.1 200
OK questions
proven-api-production.herokuapp.com/api/ Frame 0
0 26ms
26ms Preflight 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?variant=B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://provenskincare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,If-None-Match
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Content-Length: 0
Date: Fri, 14 Jan 2022 20:11:50 GMT
Via: 1.1 vegur

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 45 KB
8 KB 50ms
49ms XHR
application/json 54.205.8.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?variant=B
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/dist/main-9300fb3e1f7f7df2f2a1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.8.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-8-205.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: cce88e8655deefbbd13f3ee0c21297fc2ea7755ca91a7397a4801e50075502e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Authorization: [object Object]
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 20:11:50 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 vegur

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
19ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5451
date: Fri, 14 Jan 2022 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 20:40:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 57ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ZzSr2dWUfs6RYAoY/++Gd+3DC/0UhfgQDtfIz4ZgWo12C5wnAmsL90YwmmK6eTzfjO+doZXhbo+izr2cy+npLg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 14 Jan 2022 20:11:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 224 KB
68 KB 37ms
11ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f17320332190c9df489344bf017c8aabd61a019329ae15f6c889308dca13e4ae

Request headers

Referer: https://provenskincare.com/
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 19:44:31 GMT
content-encoding: gzip
age: 1639
x-guploader-uploadid: ADPycdsKxwxoYcSshThiElGQIIVzWtXLWdDb-1y4l7dKZYLL06WZSibQe_tT9TqIYNeKjGe9wFCEJy_MBve7ZacAbFg0daTU0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68717
last-modified: Fri, 07 Jan 2022 17:12:39 GMT
server: UploadServer
etag: "dc00f7c2806e8dcd407a54a66f64c778"
x-goog-hash: crc32c=zdOOmg==, md5=3AD3woBujc1AelSmb2THeA==
x-goog-generation: 1641575559790768
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68717
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 14 Jan 2022 20:44:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
70 KB 124ms
74ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4db2ef3c793edc9a9f02227af71f87a1babadd70520c7f848aad814e8922f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71544
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 18:24:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 565 KB
144 KB 109ms
48ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 75
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 04:47:31 UTC
server: cloudflare
etag: W/"49987de4bcbe452bcfd1007cc2d781f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKKri%2B8S4dzQn8c2Hww%2Bg4oiQDpAmmK3msFaqu%2BqiAUVS3ir%2FYLW%2B5CNxdeCldoJkM03CBONnROpEL5aAB109fT3P2vbiZWdasMqe9FKNKnprk7wmp60UPdIEZC1BmrHqrzMN0zoFaerc5gM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IVTpif2flqawbiKKXO54iMstAlvYfdsT
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6cd984076a42ca4b-YUL
x-amz-cf-id: pH5MpqXfEix2yRf1GnJkF6JssLElEu8op_AcBCUDxOWYXqBQhz9wbA==
x-hs-target-asset: FormsNext/static-5.432/bundles/project_with_deps.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
51 KB 102ms
53ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-813896931

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43f547cddb1f240415ab4d38c219904a961471cb92bb79991e063e3d1b1cc1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51923
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 18:24:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 111ms
27ms Script
application/javascript 2a04:4e42:1c::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1c::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a85ea540e774d24b3472a92b0e69b48634c76af3a0dfce7d10ed473163285984

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "b994f61922eded883a63a8a3d9ec54c1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 110ms
63ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0163ed9c37be09a5c977ee44c0745babb1af4ab7c9f7e1a810119de828ae8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14840
x-xss-protection: 0
server: cafe
etag: 17148994969531381094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 json Show response
maps.googleapis.com/maps/api/geocode/ 18 KB
2 KB 58ms
57ms Fetch
application/json 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/geocode/json?latlng=45.5016889,-73.567256&sensor=false&key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3f7fdcb1af8fedaaaeedb7ddf1a262bfc43cf70279b44dfa52bd68a7e8cccd0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
x-goog-maps-metro-area: Montreal
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
server-timing: gfet4t7; dur=31
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 master-e5a156564c365db2cc4d.js Show response
js.chargebee.com/v2/ Frame E5A5 198 KB
59 KB 22ms
20ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-e5a156564c365db2cc4d.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e0d134bdc662a04fae8a4f8c286af22eac0d74ca224452c3e00f8435ea3e1957

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: FfIVkGE6.7VCW4zULBfSgLqiIxa3F3C_
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 104
etag: W/"a549954db6786a4bfa7cc7a61474408e"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:10:06 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: R6GcQmw8hQ7wGPoThPoyoYiby6WYtLr-OkcGlBFuN3esfk842igzZQ==

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0... Frame C7EB 36 KB
13 KB 50ms
22ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0fKpqVqm4.L.B1.O/am=DAAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrigss6IQA2dptld5Dp2jjEdIsD3YQ/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af41438f551956cda15b2e819ac22146c70c66d7b7be3231aef4f1550bd10897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 06:24:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 13 Jan 2023 17:14:02 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0... Frame C7EB 73 KB
27 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0fKpqVqm4.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrigss6IQA2dptld5Dp2jjEdIsD3YQ/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd01ecbea3553894676f82b187a592a888bf240a17cf6d5629d7e34b80466a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27491
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 06:24:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 13 Jan 2023 17:14:02 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
622 B 63ms
36ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2021-11-09_09-11-04

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 19:44:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 20:11:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 20:11:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 47ms
45ms Ping
application/octet-stream 23.223.26.190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.26.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-26-190.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 798dc46c.90ced230
date: Fri, 14 Jan 2022 20:11:50 GMT
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-223-25-190.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 24,23.223.25.190
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=17, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201142011500101130062091456A154
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.220.104.137
x-tt-trace-host: 01c023061f99b6bc1ee14794adc831dd78e28092f6675d0191103536c716e4a2c5a96de761267bfd3614889641cf394cdfa43aaabf3abe3f7d681b2142e10a87c5d011c993900373a24526f5f1bd7717e1089086d4faff96b9514a4f644ab7dcf4849ea123366f5ae1c2d06136e921512f
expires: Fri, 14 Jan 2022 20:11:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 47ms
46ms Ping
application/octet-stream 23.223.26.190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.26.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-26-190.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 658b31b7.90ced233
date: Fri, 14 Jan 2022 20:11:50 GMT
x-cache-remote: TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-223-25-190.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 23,23.223.25.190
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=16, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201142011500101130060710A1D01A5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.104.150
x-tt-trace-host: 01c023061f99b6bc1ee14794adc831dd78e28092f6675d0191103536c716e4a2c5663cf5601244c4eccc35f7080e927d64f0540736bcfc8c492b28016f62981611a28b8fe79b3090e4818551c9ba4d271068b1d76bd6b6da0b988376304793197c6437c4d8c2a8bd5db2b387c08956efa2
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H2 200 web-widget-framework-87b6fad8690cc5a54112.js Show response
static.zdassets.com/web_widget/latest/ Frame 7B84 213 KB
72 KB 48ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f947a483-536f-4d3d-9dbc-a2c1e93b7423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c697db1f8fb2ad454e452a0c6bde1ef5a66e2bae2702c0a6c9fcfe7ffc3b41d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246314
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JMMA0SZEWYBDR1GZ
x-amz-id-2: k3S+Pl/XvGR5I+Q1DymdYoj+ZQbFf9hPm828z0CcNxYrEalJ/W/P1X3ll69A3hjO9md+Q7MhVPU=
last-modified: Tue, 11 Jan 2022 05:36:13 GMT
server: cloudflare
etag: W/"be2ee39e2abd0597b1763f42b35e5da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNRKPKxViZqhlXKhdHECzknuPNExLfXneoBART9lOYYA%2Bdye5ho64HhjwLwAxPK6OJayNIWPtfWThJx76hKp0RWRcbQ7Eyy5iLFAqjUvX6a5XY%2BVhR3MRkmb6XTQt2fbvDqpOkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CML9ocOPnhYK71Pgsa8DeKb3tlpkYd4s
cf-ray: 6cd984081ff3f975-YYZ
expires: Wed, 11 Jan 2023 05:36:12 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 3 KB
1 KB 243ms
217ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 521cb89d2edd31e2854ab8fbd0d50b315fbbc8fe392db34fd98279455589ca70

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://provenskincare.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1099
via: 1.1 google

GET
H2 200 70-dc12418706d3d900499b.js Show response
js.chargebee.com/v2/ Frame E5A5 3 KB
2 KB 21ms
21ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/70-dc12418706d3d900499b.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-e5a156564c365db2cc4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b46f76c8c276a41409e0b298d1b9add02762ff622774fc71b40c178e0133a54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 4VvuCbTHUKHLLED2C3NO_1uZ3605lJBV
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 5
etag: W/"0857a90ae25bfe46370ad1e49d5a1da7"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:11:46 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: pFVeSejFdHQygnxLQ1mO3q1_N0sftpK4HcRdqfUw8D4qnEiPN6VsTA==

GET
H2 200 80-4f2f7aadf7e90686a52e.js Show response
js.chargebee.com/v2/ Frame E5A5 2 KB
1 KB 20ms
20ms Script
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/80-4f2f7aadf7e90686a52e.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-e5a156564c365db2cc4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1f13a7681dc76d6f94eb9689010957102fad6201d9fe66cf9a38bff2175fc3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Kin6yJAixJFUEKIIxJFJwxymvOtId6ez
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 248
etag: W/"64a37d7c238a5b49c2aa2bf3c1f76c4a"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:07:42 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: eSfToozthosp_oZRdgDU3muwm9VSeGu3XU4cPdyVd9-4iZpxvKkK2Q==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 40ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: HiIJfKjgEpGoAupBRcookIkCPS0cJsvbc91SseNGC91R9L/GWzqFeCmnr4gDI8Lnhew1TTjlbyy6Qz26YZBqBw==
x-frame-options: DENY
date: Fri, 14 Jan 2022 20:11:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 101684010396000 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 56ms
35ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/101684010396000?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0382033ed17632c84a22cd8fef78b3cac8b88a2cf3fba5963695dcbba9084b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89097
x-xss-protection: 0
pragma: public
x-fb-debug: A6HMl7a04yEPyQsZM7ZdiLAyTFdquwiRhzZ7L2Bot1PsSvNNZSvfhamOrAe3eIUOPgr3ZwdNBOiBpZo8yslcqQ==
x-frame-options: DENY
date: Fri, 14 Jan 2022 20:11:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 46ms
19ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 19:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jan 2022 20:32:34 GMT

GET
H2 200 pi-worker-6804e99f981fb0c1d0c52c0be475b8ad.js
js.chargebee.com/v2/ Frame E5A5 59 KB
20 KB 20ms
19ms Other
application/x-javascript 143.204.150.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/pi-worker-6804e99f981fb0c1d0c52c0be475b8ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-102.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3ca18f3873d212c3cbdfc078db8a7daabf075421a58ec1b5234cbee32cee554

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-6804e99f981fb0c1d0c52c0be475b8ad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: hoPJcZkLWQPcpD1Rw0nlrzouIrm2N6bc
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 13 Jan 2022 02:40:31 GMT
server: AmazonS3
age: 269
etag: W/"47d340caa3c19ed995da6a22f567d1be"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ca4d42b1568d18e9383473e6c150f2e2.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 14 Jan 2022 20:07:21 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: NvHdrreyhlkWwvcLome4R3Pq2E6APkIe28h4w4W8sWRUkv4dP0jy5A==

GET
H2 200 main.4fd9fcbb.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 26ms
26ms Script
application/javascript 2a04:4e42:1c::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.4fd9fcbb.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1c::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5955908348c9dc49badb9b08e2448d49db335f16720edaf1bf6cbe67692129ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "ee862b07a016793ba80ef67b90f043d5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 19222
access-control-expose-headers: X-CDN

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C7EB 49 KB
20 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0fKpqVqm4.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrigss6IQA2dptld5Dp2jjEdIsD3YQ/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5451
date: Fri, 14 Jan 2022 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 20:40:59 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C7EB 1 MB
341 KB 59ms
59ms XHR
text/html 2607:f8b0:400d:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::5c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

571174fdf686ab6cc2f73a0550ce39cf429f3c804d22b5653d05225b98b6c572

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XCkSXVUN9jr+W3NgGYB9NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-XCkSXVUN9jr+W3NgGYB9NQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Fri, 14 Jan 2022 20:11:50 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-XCkSXVUN9jr+W3NgGYB9NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-XCkSXVUN9jr+W3NgGYB9NQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 92ms
63ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-813896931

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0163ed9c37be09a5c977ee44c0745babb1af4ab7c9f7e1a810119de828ae8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14840
x-xss-protection: 0
server: cafe
etag: 17148994969531381094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 155 KB
58 KB 81ms
55ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-813896931

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d0c88bd42b46b0bd75b586162e63649a0fc09e82cb3891225f926b73cb4df1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59079
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 156 KB
58 KB 69ms
43ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-813896931

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70ee6077a73d964c841f911ad0dd6b8109a68845b3c2e7ca470b13d808d39608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59128
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 155 KB
58 KB 86ms
64ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ER9PKMKG33&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-813896931

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36e3547c2671c0a3448e43d55c294097919619a9d6e0bfc23725c33f8c1e755e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58926
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5451
date: Fri, 14 Jan 2022 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 20:40:59 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 94ms
42ms Script
application/javascript 99.84.125.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-102.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
x-amz-cf-id: zI9nWNc67C1AlVnz8fl7pWiQNg7DfF3QqPemHPivX8b4iREjWqiIAw==

GET
H2 200 A2241056-177d-4088-9b22-3c908eaca2c61.js Show response
d.impactradius-event.com/ 41 KB
13 KB 73ms
48ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2241056-177d-4088-9b22-3c908eaca2c61.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ed7616803be59d12d7e1f58df78df47f049e71de0b3b191e4d8e0ae4394e1f9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdu106Vpl93cU4Y_XRUNVIfRLctEOVWriecka9xK3WtDtEvTSNQBu18FTUdD4-CYPGp-_5mJ02GqU0s1w_Hw0ROPdIHpng
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12926
last-modified: Tue, 20 Jul 2021 07:13:50 GMT
server: UploadServer
etag: "d6c3cb40d713799b45ebf3af27eb1127"
vary: Accept-Encoding
x-goog-hash: crc32c=pwWiXQ==, md5=1sPLQNcTeZtF6/OvJ+sRJw==
x-goog-generation: 1626765230515426
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12926
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 14 Jan 2022 20:16:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 74ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: provenskincare.com
URL: https://provenskincare.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:49 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 304170EBF4E949FBB7AE04A7DF8C649C Ref B: YTO01EDGE0810 Ref C: 2022-01-14T20:11:50Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H/1.1

200
OK

ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=149.56.153.187;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=149.56.153.187;cuidchk=1

42 B
780 B

34ms
33ms

Image
image/gif

54.205.137.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=149.56.153.187;cuidchk=1

Protocol

HTTP/1.1

Server

54.205.137.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-137-106.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 20:11:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 14 Jan 2022 20:11:50 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=149.56.153.187;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/745175160/ 2 KB
1 KB 37ms
36ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/745175160/?random=1642191110594&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

5dca0fe66a3068fb19114bfabf1925da3b77e2af50637ceed2ffa1bb14e3ab46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4541520.js Show response
js.hs-analytics.net/analytics/1642191300000/ 62 KB
20 KB 106ms
50ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1642191300000/4541520.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318c043986072ade361aec4a29376e5b673256821a934707f6ec02e8941ce7cc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KHZHR7DZ62XD5HJQ
x-amz-server-side-encryption: AES256
cf-ray: 6cd98409aeaf7156-YUL
x-amz-id-2: GVxKmGxGtsYEt7ASyX8mMuul3ARxvvcALlipTlBHuf8phhuKauJzqnsrJfcDI2oLu2s8ouuH4LY=
last-modified: Mon, 19 Jul 2021 14:56:33 GMT
server: cloudflare
etag: W/"153ecbf916dd442f76f98cc127d585e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 14 Jan 2022 20:15:21 GMT

GET
H2 200 config Show response
provenskincare.zendesk.com/embeddable/ Frame 7B84 559 B
1 KB 108ms
50ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://provenskincare.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8a12a19a62770b4cff51a93f816822ecc684325972d299e56dc044cc47e275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Fri, 14 Jan 2022 20:11:50 GMT
x-envoy-decorator-operation: embeddable.pod19.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20
x-zendesk-origin-server: embeddable-app-server-686d74964f-955ln
x-envoy-upstream-service-time: 28
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=31536000;
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: STALE
x-request-id: 6cd967f489f6f579-IAD
x-runtime: 0.027125
server: cloudflare
etag: W/"ab8a12a19a62770b4cff51a93f816822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1tvBbdwzWf61ERDsyk2VZhdW474RFRKbocTGSsIMDdWe0Qwa%2FBPsJfzYjRWQyEAXVrIknGBx8VoKqSAunTiogZUYKHd0bNckkrouGtzO0LyC9%2FpVh0LP2Ijm4eQjP40U2htsUSjQhhT2r3T"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6cd98409ea5bf999-YYZ

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 123ms
51ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109841154-1&cid=1230844927.1642191110&jid=1200638794&gjid=1537549211&_gid=421422585.1642191110&_u=aGBAgEAjQAAAAE~&z=588891774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 20:11:50 GMT
content-type: text/plain
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 39ms
37ms Script
application/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-5XVH5PH&t=gtm13&cid=1230844927.1642191110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19c12e98e3b610d33ad108d18c8530c1993b3874edd9e428ee5835c7bbdc3c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35272
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 18:24:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
19ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1883804223&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provenskincare.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjQ~&jid=1200638794&gjid=1537549211&cid=1230844927.1642191110&tid=UA-109841154-1&_gid=421422585.1642191110&z=1908431534

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 14:05:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1883804223&t=event&ni=1&_s=2&dl=https%3A%2F%2Fprovenskincare.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20home%20Page&ev=0&_u=aGBAgEAjQAAAAE~&jid=&gjid=&cid=1230844927.1642191110&tid=UA-109841154-1&_gid=421422585.1642191110&z=1865047168

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 14:05:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 57ms
19ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=101684010396000&ev=PageView&dl=https%3A%2F%2Fprovenskincare.com%2F&rl=&if=false&ts=1642191110714&sw=1600&sh=1200&ud[external_id]=4366f3c93b14a6ebee72fadc7ebe085984a8a5a0b35647b2a41a9f5fd5e93c59&v=2.9.48&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1642191110712.390800615&it=1642191110458&coo=false&dpo=&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H2 200 retrieve_js_info Show response
proven.chargebeestatic.com/api/internal/1642190400/ Frame E5A5 257 B
823 B 19ms
19ms XHR
application/json 13.33.60.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://proven.chargebeestatic.com/api/internal/1642190400/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-e5a156564c365db2cc4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.60.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-60-7.ewr52.r.cloudfront.net

Software

ChargeBee /

Resource Hash

4cdcbaa6e705a3ea0a0136dd08ebe32c09ff2eb3ef9d4dc9261b84c788f93d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Authorization: Basic live_6kZQSUeccuNwXGfLaRID1DojKld9qo7gn

Response headers

date: Fri, 14 Jan 2022 20:00:47 GMT
via: 1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront)
age: 663
x-cache: Hit from cloudfront
content-length: 257
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: PUBLIC, max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version
x-amz-cf-id: X1c0NPU1moSsdrE324FZF768KYR2IQuxuqXdM9EwCUm2joB6yKGK3A==
expires: Fri, 14 Jan 2022 21:00:47 GMT

OPTIONS
H2 202 retrieve_js_info
proven.chargebeestatic.com/api/internal/1642190400/ Frame 0
0 177ms
73ms Preflight 13.33.60.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://proven.chargebeestatic.com/api/internal/1642190400/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.60.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-60-7.ewr52.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-requested-with
Origin: https://js.chargebee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Fri, 14 Jan 2022 20:11:50 GMT
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
pragma: no-cache
access-control-allow-origin: https://js.chargebee.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version
access-control-allow-methods: GET, OPTIONS, POST
server: ChargeBee
x-cache: Miss from cloudfront
via: 1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: d1S_5tEo-IwJ3Uo1RTXpn9iFOVfv-95yQGJ7B3EvzDrF-bwH5Uft9A==

GET
H3 200 integrations Show response
rs.fullstory.com/rec/ 0
10 B 56ms
42ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=F2508
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
ct.pinterest.com/user/ 518 B
863 B 95ms
29ms XHR
application/json 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613287502723&cb=1642191110735

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f62449368ca7569739f5c258755679e3c1eef1ec85954e6cba3277a6a4a80d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8819df17.1642191110.a68b9fb
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1618984164982990
pin-unauth: dWlkPU1tRTVNV0V5WXpZdE9URm1OUzAwTm1JekxUazNOekF0WkRFMU1URmlOakEzWXpabA
access-control-allow-origin: https://provenskincare.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 380
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 17424522.js Show response
bat.bing.com/p/action/ 0
112 B 35ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17424522.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Jan 2022 20:11:49 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7BA18AB9272A4B6F9182CCD756AD007D Ref B: YTO01EDGE0810 Ref C: 2022-01-14T20:11:50Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17424522&Ver=2&mid=6436f3f4-0972-42aa-b5d2-8ec7558b8d54&sid=359b5920757611ec86d95bb6a4a6b187&vid=359b7530757611ec8650ab6b49a8e1d5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&p=https%3A%2F%2Fprovenskincare.com%2F&r=&lt=1227&evt=pageLoad&msclkid=N&sv=1&rn=807074
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F59286DA98E4173A9804143E1966D38 Ref B: YTO01EDGE0810 Ref C: 2022-01-14T20:11:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
32ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ER9PKMKG33&gtm=2oe1c0&_p=1883804223&sr=1600x1200&ul=en-us&cid=1230844927.1642191110&_s=1&dl=https%3A%2F%2Fprovenskincare.com%2F&dt=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&sid=1642191110&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ER9PKMKG33&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 83ms
33ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-91WG9T9YM4&gtm=2oe1c0&_p=1883804223&sr=1600x1200&_gaz=1&ul=en-us&cid=1230844927.1642191110&_s=1&dl=https%3A%2F%2Fprovenskincare.com%2F&dt=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&sid=1642191110&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.page_path=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 88ms
51ms Ping
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91WG9T9YM4&cid=1230844927.1642191110&gtm=2oe1c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 84ms
37ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91WG9T9YM4&cid=1230844927.1642191110&gtm=2oe1c0&aip=1&z=1288229535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame C7EB 131 B
152 B 83ms
56ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 86ms
32ms Preflight
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame C7EB 131 B
152 B 75ms
50ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 80ms
34ms Preflight
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 75ms
34ms Preflight
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 Jan 2022 20:11:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame C7EB 131 B
152 B 76ms
51ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0... Frame C7EB 17 KB
7 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0fKpqVqm4.L.B1.O/am=DAAE/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrigss6IQA2dptld5Dp2jjEdIsD3YQ/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb3301b76a301c7992d71f28464fcf0a108a131ac4884fb54c1e7a38903bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7260
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 06:24:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 13 Jan 2023 17:14:03 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0... Frame C7EB 8 KB
3 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Ok0fKpqVqm4.L.B1.O/am=DAAE/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrigss6IQA2dptld5Dp2jjEdIsD3YQ/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d589a7dc89779bfea256a4373a149ce9828ddb31b08846c18e13a8dccd40c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 06:24:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 13 Jan 2023 17:14:03 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/745175160/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24...
https://www.google.com/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_jav...
https://www.google.ca/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java...

42 B
64 B

42ms
41ms

Image
image/gif

2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BtnhYdfqJc_z_gTN1b2gDw&random=3295475734&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCi5XDKjraK2Pc7vi9YP3VDFSadSacI0tx45I3sQemltYCM1gCTe8sGn8CsVuFqE5IGxhMA55jngVKBTHBpLK3m

Protocol

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-conversion/745175160/?random=594693926&cv=9&fst=1642191110594&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprovenskincare.com%2F&tiba=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BtnhYdfqJc_z_gTN1b2gDw&random=3295475734&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCi5XDKjraK2Pc7vi9YP3VDFSadSacI0tx45I3sQemltYCM1gCTe8sGn8CsVuFqE5IGxhMA55jngVKBTHBpLK3m
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 53ms
52ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613287502723&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fprovenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%224fd9fcbb%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1642191110884

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8819df17.1642191110.a68ba13
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1826548168390348
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
576 B 53ms
52ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22home%22%7D&tid=2613287502723&ad=%7B%22loc%22%3A%22https%3A%2F%2Fprovenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%224fd9fcbb%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1642191110884

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8819df17.1642191110.a68ba17
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 5877111980376151
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 45 B
312 B 66ms
40ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=9ea0eaf4-2262-4064-82e3-98264a901f80

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

bf8bf79a36f4f9447bb94a56e20f9d9c29b6718a87f56f1dbc52801a42c87c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
39ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109841154-1&cid=1230844927.1642191110&jid=1200638794&_u=aGBAgEAjQAAAAE~&z=981555332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 64ms
37ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109841154-1&cid=1230844927.1642191110&jid=1200638794&_u=aGBAgEAjQAAAAE~&z=981555332

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ct.html Show response
www.pinterest.ca/ Frame 35FD
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.ca/ct.html

413 B
4 KB

119ms
114ms

Document
text/html

23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4fd9fcbb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

080fef23e0efa78be7fab6fba33a301e1fa040bfcf50bf450705f52c42ac5698

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-b16a5644bd41a0300055996615a693fc' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8172872557328627; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-b16a5644bd41a0300055996615a693fc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8172872557328627; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-b16a5644bd41a0300055996615a693fc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 86
pinterest-generated-by: coreapp-webapp-prod-0a038008
content-encoding: gzip
pinterest-version: edfaf3c
referrer-policy: origin
x-pinterest-rid: 8172872557328627
date: Fri, 14 Jan 2022 20:11:51 GMT
content-length: 280
akamai-grn: 0.8819df17.1642191111.a68ba5f
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.ca/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 128
pinterest-generated-by: coreapp-webapp-prod-0a03894d
content-encoding: gzip
pinterest-version: edfaf3c
referrer-policy: origin
x-pinterest-rid: 1596489098436690
date: Fri, 14 Jan 2022 20:11:51 GMT
akamai-grn: 0.8819df17.1642191110.a68ba1e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 113ms
58ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=F2508&UserId=6471906943655936&SessionId=6527310465687552&PageId=6519602152824832&Seq=1&PageStart=1642191110495&PrevBundleTime=0&LastActivity=499&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4bca3a8cc060f8f2e24f68b33cc1a4edc6105b5ea28309bb35d065798776abde

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://provenskincare.com
date: Fri, 14 Jan 2022 20:11:51 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 4541520.js Show response
js-na1.hs-scripts.com/ 2 KB
939 B 121ms
59ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/4541520.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1642191300000/4541520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6c27e3e7d394f94c4bcb7956bbc0281e08449d3ac13c21a73f8d10757936cc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-hubspot-correlation-id: aee5a41f-1ce3-4838-bd4c-8cdfb516e028
cf-polished: origSize=1962
last-modified: Fri, 14 Jan 2022 20:11:29 GMT
server: cloudflare
x-trace: 2B9DE90515A2E83BD3D0A4B3E19AF009F0C1498CE9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.provenskincare.com
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 6cd9840c0a827156-YUL
cf-bgj: minify

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
998 B 115ms
70ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=4541520&rcu=https%3A%2F%2Fwww.provenskincare.com%2F&pu=https%3A%2F%2Fprovenskincare.com%2F&t=Skincare+Routine+Formulated+For+Your+Personal+Needs+%7C+PROVEN&cts=1642191110971&vi=2d372e9b09eb477f7f6d6934a2527db6&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5ba4a705-477a-47b3-b99a-d6a010a95558
cf-ray: 6cd9840bef1f4bca-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beeVylUQrRJBOhaUKnINufms66OzbN8jNP0EPMytdtudVp5UtFp%2Fn9iIBjXXp%2FSbziVpLgY75i13VaYRYXMFKjd3GAU1oDzWEzZ0dZUFHF7E2dNaF9R4a15OoR6xzuC1LIyVMJ7V8MnArzF3DFbt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 i Show response
tr.snapchat.com/cm/ Frame B81E 672 B
688 B 78ms
64ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=9ea0eaf4-2262-4064-82e3-98264a901f80

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/

Response headers

server: nginx/1.17.3
date: Fri, 14 Jan 2022 20:11:51 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame E5A5 884 B
794 B 41ms
41ms Script
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-e5a156564c365db2cc4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f811640d0afe5cd317f23cacc9fa3852a0f565e8284535dcb328cc8b7665814b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Fri, 14 Jan 2022 20:11:50 GMT

GET
H3 200 p
tr.snapchat.com/ 68 B
86 B 57ms
46ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=9ea0eaf4-2262-4064-82e3-98264a901f80&ev=PAGE_VIEW&pl=https%3A%2F%2Fprovenskincare.com%2F&ts=1642191110981&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=56e01395-b5c7-4c97-9977-ebb6279dabff&m_sl=2561&m_rd=2658&m_pi=641&m_pl=1227&m_ic=0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 web-widget-39900-bad8471d2b7add37a93f.js Show response
static.zdassets.com/web_widget/latest/ Frame 7B84 372 KB
114 KB 74ms
74ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-39900-bad8471d2b7add37a93f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246315
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JMM8JG2BCNDQX2E1
x-amz-id-2: U5lpG5xdX/5VXs38LRdsnWGXurLZIOieFr3FdeCmlC1zfwpg8kd3cH4HU+XpkOBo38HuLrF/iNY=
last-modified: Tue, 11 Jan 2022 05:36:15 GMT
server: cloudflare
etag: W/"f529f07bc9a9b52c28c54dfb5ac3d537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjpZ%2BFSbXigYUBFCTfr2K6YkqFmbOgFHYnE37rRoUID3J86zEINur2vdVqjGzBsIwMuvpQzGCD71j2hSnMAiouo3T4pMwLKX%2BgotByCCX%2FltrshOEurMAGQKGdEm4nIwXbg6C%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Hu3EjwxEwLvswnoi3og_NUhh.Z0ZPntm
cf-ray: 6cd9840bfcd4f975-YYZ
expires: Wed, 11 Jan 2023 05:36:14 GMT

GET
H2 200 web-widget-82496-589058dacc8ab84d7796.js Show response
static.zdassets.com/web_widget/latest/ Frame 7B84 85 KB
24 KB 94ms
94ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-82496-589058dacc8ab84d7796.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246314
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6H10SW1FMQ44ZNFQ
x-amz-id-2: bZef5yquesGNgtQNsoJn9cnSbCtjFZ8jiLxcEMcVmLGDxAjv7c1+hHXIJnpg6V7gXaM8xQyAK0M=
last-modified: Tue, 11 Jan 2022 05:36:15 GMT
server: cloudflare
etag: W/"a578a65dad91fe91cb0130ffd39b46ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmYzhqnJFH%2FanWc3MDh1Qj9aE40Kfu87dnv3cBhWmvAjeWUT%2BBvXmLsS7mMwZkSxijUy9eNyXuUSTZGvOuT7Y9H8cM3ewbTa3KmaBYQtXHfBNgHY%2B%2B2osKB8RINGO4dkCQrrenA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: XmBfchOa1nU_Xj55gYxYavG4mPwtakPM
cf-ray: 6cd9840bfcd7f975-YYZ
expires: Wed, 11 Jan 2023 05:36:14 GMT

GET
H2 200 web_widget-fdd2885907000dd0d1bf.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 7B84 443 KB
98 KB 57ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-fdd2885907000dd0d1bf.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315807594714645376dc85b1f2e13b5ac7d47ef6a493722e5fa9d09485ee77ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246315
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JMM5RT2BVBTABZDB
x-amz-id-2: 8VwNQNRTxSsANwgRW8+4zVCdXt035Vz5cqmad+4Z019OUMcXJVoQGWZZnZeS4h5Gswty39vsCno=
last-modified: Tue, 11 Jan 2022 05:32:56 GMT
server: cloudflare
etag: W/"8bf4ed5e66736b302133fa556cbf5629"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef9S20DHluD6ca%2BwvSKYtN%2BsgAR5yXdW4h297IV5gIpUnXeaooF3tnR6klt8SIJTCQXK%2FRaOsg4Z8pmJiwVxrNn3IouMlmohnG5OfclbkdOdCjg4xHfoz9KxtrUJujPSiUzX7DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iPPmrOc8cnnjiQ.vj0J2M3I9j8F3J0bT
cf-ray: 6cd9840bfcdbf975-YYZ
expires: Wed, 11 Jan 2023 05:32:55 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 98 KB
37 KB 42ms
42ms Script
application/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-NKCFSP3&t=gtm22&cid=1230844927.1642191110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b8d2afead8ea3d1de96fef58084040646ad9e720b92238d3bf02002d3835df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38267
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:11:51 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame E5A5 351 KB
138 KB 48ms
22ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.chargebee.com/
Origin: https://js.chargebee.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 06:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141749
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 06:19:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame C7EB 131 B
152 B 63ms
63ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pniSID1RZ64.es5.O/am=DAAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhjFQISpU_u-biwJXerrCS7mdI1Ng/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame B81E 18 KB
7 KB 18ms
17ms Script
application/javascript 99.84.125.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=9ea0eaf4-2262-4064-82e3-98264a901f80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-102.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 02:27:23 GMT
content-encoding: gzip
server: CloudFront
age: 63868
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR52-C3
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
x-amz-cf-id: ebmT9cBkmLrEDOtbSWXXozyWfczWVWWYYiHU28Cf_ZgnVnR_DH2cFA==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 52ms
52ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109841154-3&cid=1230844927.1642191110&jid=1113005980&gjid=1577068696&_gid=421422585.1642191110&_u=aGDAiEAjRAAAAE~&z=549578873

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 20:11:51 GMT
content-type: text/plain
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5452
date: Fri, 14 Jan 2022 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 20:40:59 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1883804223&t=pageview&_s=1&dl=https%3A%2F%2Fprovenskincare.com%2F&dp=%2F&dh=www.provenskincare.com&ul=en-us&de=UTF-8&dt=Skincare%20Routine%20Formulated%20For%20Your%20Personal%20Needs%20%7C%20PROVEN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjRAAAAE~&jid=1113005980&gjid=1577068696&cid=1230844927.1642191110&tid=UA-109841154-3&_gid=421422585.1642191110&gtm=2wg1c0KBQ57K4&cd5=&cd6=https%3A%2F%2Fprovenskincare.com%2F&cd2=1230844927.1642191110&cd3=20220114%7C06254137&cd4=20%3A11%3A51&z=567917316

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 14:05:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21954
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 82 KB
26 KB 97ms
38ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4541520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer: https://provenskincare.com/
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 56578
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6cc93e476f5e5491-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6cd9840cf92eecea-YUL
last-modified: Tue, 07 Dec 2021 01:47:22 UTC
server: cloudflare
etag: W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: rRRRHmVbhh5shp3y5LL9yV5ELD6xACiQdhQPxRsyUGULRQGEKQdfZA==
x-hs-target-asset: collected-forms-embed-js/static-1.260/bundles/project.js

GET
H2 200 4541520.js Show response
js.hs-banner.com/ 61 KB
16 KB 93ms
47ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4541520.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4541520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c439c477f02c457d6c0236e782d374ad5292030c5ddd042316d182f40e1cce6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZE74Q68YQ639RS0W
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: fJRQMaoEUfbvNDqpSvpPyWgvirW31cFuUCkH5sIWo7I4DlVLcU5WK7zPe4Uy8SYBnWJo758CrPU=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 20:00:13 GMT
server: cloudflare
etag: W/"afcc869fea70b55b2a5915b039ba80d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: tXI5GdR6tZBJDjHUAEnIrTl4tKoBeVfC
access-control-allow-origin: https://www.provenskincare.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6cd9840ceb767151-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 14 Jan 2022 20:15:23 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 87ms
29ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4541520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7247ea1aa0c0219d596548a11252be0858818d20301b647f42c78af7160d6800

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 270
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9558/bundles/project.js&cfRay=6cd97d75eeae541f-YYZ
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 14 Jan 2022 08:07:10 UTC
server: cloudflare
etag: W/"21e6096d54e5a6f6067c848783dd537b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ZNdC0pXh94dNG.u6PLdpSdC0XndLI9oV
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6cd9840cf8254bd7-YUL
x-amz-cf-id: i1EEouOkKknOSGF9HGeNMU_f2pTKrNVelvKnYI6EBas4_vkFJUU1-A==
x-hs-target-asset: conversations-embed/static-1.9558/bundles/project.js

GET
H2 200 embeddable_blip Show response
provenskincare.zendesk.com/ Frame 7B84 0
496 B 94ms
94ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://provenskincare.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1DQSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tY2EiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIwYzE2ZDU5NWMyNGQ0YTM0YTI1NGFmYmZlNDgyZjJmMyIsInN1aWQiOiI2ZGFjMzc1MWFiMTQ0Mjc5YTRlYjQ5MGZkNWYzNTRjYyIsInZlcnNpb24iOiI0MzlkYzk0IiwidGltZXN0YW1wIjoiMjAyMi0wMS0xNFQyMDoxMTo1MS4yNDBaIiwidXJsIjoiaHR0cHM6Ly9wcm92ZW5za2luY2FyZS5jb20vIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 410eeedbaf1255462a6be3e0e5b5ab33
last-modified: Fri, 14 Jan 2022 20:11:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrrhZaHdGpmjECYxhO7oQuBtH7wqOhfnm0hfwGroVa%2Bs2kDZKLkvB6DMn9yLu9Tas4qA5Fj%2BdiGB%2FCK4hCQ9QgVmgOX9cfsecapJJQmjkJ0%2BluHecrklq7hNE%2Fh8g3L27lBpV5MfyYpl7rm1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://provenskincare.com
accept-ranges: bytes
cf-ray: 6cd9840d5ebcf999-YYZ

GET
H2 200 en-ca-json-d6fc82df7cb0d31db7fe.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 7B84 26 KB
6 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/en-ca-json-d6fc82df7cb0d31db7fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8a9a335801ed833a2ca90e59cfd99852ccb2ebdf4a976fcc8c77f79678773b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6199015
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3TR3V6GMNHDDQRHK
x-amz-id-2: FnqFzVT1iXCoEBurCLx571YpWHAohgsaetF2DID+KZTJ9H+tWG8zvWkKrf5vCJY2xcO7fu4MMM4=
last-modified: Wed, 03 Nov 2021 23:47:20 GMT
server: cloudflare
etag: W/"53de576d797e3e3cf94d4f51ed040486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hk8rxXSd8KSP9ab48ijM%2FNXO3rGRpo3Ue4YD%2B0IVaJAX69KlGdwBxrGbJRfFFWJfz%2BVOrE84SkfKxvhfIK3Ew2YLBpUGJEyZrhkzO46hfhp%2Fq%2FDrIre0HOTciqMm41ke%2FcCyZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: _TIStzf6Sy1g4OGAKWVdgVxX_Lx2H.an
cf-ray: 6cd9840d6f78f975-YYZ
expires: Thu, 03 Nov 2022 23:47:19 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 2E53
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1642191111155
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1642166370458%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1642166370458%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1642166370458&pnid=140&pcid=7eb18bd7-8c0a-4cc6-9969-7ff30350cf80

0
15 B

61ms
61ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1642166370458&pnid=140&pcid=7eb18bd7-8c0a-4cc6-9969-7ff30350cf80

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Fri, 14 Jan 2022 20:11:51 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Fri, 14 Jan 2022 20:11:51 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1642166370458&pnid=140&pcid=7eb18bd7-8c0a-4cc6-9969-7ff30350cf80
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3C5B 39 KB
20 KB 78ms
48ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=plj5kyx7wzm9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f89e69bc8e1ded24d449567d4b7081382dfc6d6739175450d8505f8408b8d383

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vmy/QJhavM3d4gcah+FnUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jan 2022 20:11:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vmy/QJhavM3d4gcah+FnUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20249
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
38ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109841154-3&cid=1230844927.1642191110&jid=1113005980&_u=aGDAiEAjRAAAAE~&z=2060091911

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109841154-3&cid=1230844927.1642191110&jid=1113005980&_u=aGDAiEAjRAAAAE~&z=2060091911

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame 35FD 0
4 KB 62ms
61ms Other
text/plain 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?rid=8172872557328627

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-0828516c99434853598110532e4386b9' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5249615916853071; frame-ancestors 'self' , script-src 'nonce-0828516c99434853598110532e4386b9' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=5249615916853071
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-0828516c99434853598110532e4386b9' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5249615916853071; frame-ancestors 'self' , script-src 'nonce-0828516c99434853598110532e4386b9' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=5249615916853071
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8819df17.1642191111.a68baae
content-security-policy-report-only: script-src 'nonce-0828516c99434853598110532e4386b9' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 5249615916853071
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: db000f4
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 14 Jan 2022 20:11:51 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a038a82

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame 35FD 0
4 KB 111ms
110ms Other
text/plain 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?reportonly

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-42ca74041bbe49affc444a79512900c4' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1079207725910876; frame-ancestors 'self' , script-src 'nonce-42ca74041bbe49affc444a79512900c4' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1079207725910876
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-42ca74041bbe49affc444a79512900c4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1079207725910876; frame-ancestors 'self' , script-src 'nonce-42ca74041bbe49affc444a79512900c4' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1079207725910876
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8819df17.1642191111.a68baaf
content-security-policy-report-only: script-src 'nonce-42ca74041bbe49affc444a79512900c4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 80
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1079207725910876
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: db000f4
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 14 Jan 2022 20:11:51 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03b514

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame 35FD 0
4 KB 105ms
104ms Other
text/plain 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?reportonly

Requested by

Host: provenskincare.com
URL: https://provenskincare.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-17f8b5dad92426c32561beee7f216715' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1686397872516392; frame-ancestors 'self' , script-src 'nonce-17f8b5dad92426c32561beee7f216715' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1686397872516392
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-17f8b5dad92426c32561beee7f216715' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1686397872516392; frame-ancestors 'self' , script-src 'nonce-17f8b5dad92426c32561beee7f216715' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1686397872516392
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8819df17.1642191111.a68bab2
content-security-policy-report-only: script-src 'nonce-17f8b5dad92426c32561beee7f216715' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 70
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1686397872516392
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: db000f4
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 14 Jan 2022 20:11:51 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a039e68

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 64C9 0
18 B 45ms
18ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://provenskincare.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://provenskincare.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 14 Jan 2022 20:11:51 GMT

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 261 B
1 KB 175ms
150ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4541520&conversations-embed=static-1.9558&mobile=false&messagesUtk=104123f47b3343b2bbfb66c61d45d8d2&traceId=104123f47b3343b2bbfb66c61d45d8d2&hubspotUtk=2d372e9b09eb477f7f6d6934a2527db6&__hstc=16502953.2d372e9b09eb477f7f6d6934a2527db6.1642191110968.1642191110968.1642191110968.1&__hssc=16502953.1.1642191110968

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96969f6be41af467e1f83cf914161b7032dce162b4327f42ae6372831cd2b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
X-HubSpot-Messages-Uri: https://provenskincare.com/

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9b8e2202-f19a-4d79-af7b-70e48a0298f9
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 205
server: cloudflare
x-trace: 2BC7E02966C4F73F44F5B9DB86B98FA8B0DE6DCA5D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICqf1MJBma5yirLPqE2WbQb6U2S0tdLlu8B8Nr9SlHh%2FeTGFWXOPaIYWmW%2BNo15KP8mXYBbY4y4EPF%2BmOyJVcwqOUyQOJ6A8mzPvyj3K7gNGLnT3W6AJoTCXA%2B8ll%2BAhWsELhDeI1jvsjjHCwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://provenskincare.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6cd9840f4fadecee-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 136ms
77ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://provenskincare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6cd9840eaa9dece6-YUL
access-control-allow-origin: https://provenskincare.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 121791d2-3a3c-48c1-b63d-9f5d51c60e44
x-trace: 2B5ACD72987138C5F9FFB05ECDC8179F1941164F29000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISeF%2FLPc6upSEXR%2FKXXLevJ1nM5H5k60CAuwifJLsZ0%2BOC90sLwKllrOaTDU0tAk%2FtpTIIt14UGtxLmj1e9jjW24D2kOlQx9%2B9fLwgk62TIVcv7MMgStQKf6ySp91sHQvgX9a0HiZ7QkOf4MmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 embeddable_blip Show response
provenskincare.zendesk.com/ Frame 7B84 0
292 B 61ms
60ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://provenskincare.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9wcm92ZW5za2luY2FyZS5jb20vIiwidGltZSI6MjQyLCJsb2FkVGltZSI6NjQuNzk5OTk5MjM3MDYwNTUsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJTa2luY2FyZSBSb3V0aW5lIEZvcm11bGF0ZWQgRm9yIFlvdXIgUGVyc29uYWwgTmVlZHMgfCBQUk9WRU4iLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGhlaWdodD1kZXZpY2UtaGVpZ2h0LGluaXRpYWwtc2NhbGU9MSxtYXhpbXVtLXNjYWxlPTEiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjBjMTZkNTk1YzI0ZDRhMzRhMjU0YWZiZmU0ODJmMmYzIiwic3VpZCI6IjZkYWMzNzUxYWIxNDQyNzlhNGViNDkwZmQ1ZjM1NGNjIiwidmVyc2lvbiI6IjQzOWRjOTQiLCJ0aW1lc3RhbXAiOiIyMDIyLTAxLTE0VDIwOjExOjUxLjQ4MloiLCJ1cmwiOiJodHRwczovL3Byb3ZlbnNraW5jYXJlLmNvbS8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-87b6fad8690cc5a54112.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: ea193f04d59894b107302b8ff2e47f3a
last-modified: Fri, 14 Jan 2022 20:11:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAADXaob57jsBcrv8msQZYkcLRzBW%2BgZvZN2UqpMOJxMj0E4AP4WnmXSg8sckAjz3cRwmTJsB%2FEWNYkm6PnThhqt6X2%2BfkXip3Kj3tTw%2B4RY28BpfedrZjmpBXij%2FSRlK3qz0FVVkVF0XEg1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://provenskincare.com
accept-ranges: bytes
cf-ray: 6cd9840ed8d5f999-YYZ

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
680 B 86ms
73ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4541520&utk=2d372e9b09eb477f7f6d6934a2527db6

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d909e53834c6d7df314b3b393f7fdf8f4510c2d20608066f116941ce487f0d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5e7278a4-d237-46a0-bf50-4d4bd7a7e9be
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcerYNCykuycZTueBdSTBzZEGMd3GLRNX%2FfyFX%2BNRjLeGLVPoqMfLFRoYAiZ4V%2BJvLnhLdR1TGZEp8EvOxDSnwN32vWAGLXzyafVq6Cc8F7MRGQNg%2FRDoOAyhX5z3FRm1k5uB2MH5gAI%2FxMwCHuT"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://provenskincare.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6cd9840eeaebece6-YUL
access-control-allow-headers: *

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 3C5B 51 KB
24 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=plj5kyx7wzm9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 06:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 06:15:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 3C5B 351 KB
138 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 06:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141749
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 06:19:05 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame DDEE 224 KB
67 KB 26ms
12ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f17320332190c9df489344bf017c8aabd61a019329ae15f6c889308dca13e4ae

Request headers

Referer
Origin: https://provenskincare.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 19:15:41 GMT
content-encoding: gzip
age: 3370
x-guploader-uploadid: ADPycdt8HV4vFcW0bxZ7Nq_acMQb78Djzec0JFdxA_Oze91rN5PRL-KrKqR1HEH1DJ1cafhPzNtGeVo4dQ2zYEjHGKH57XV19g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68717
last-modified: Fri, 07 Jan 2022 17:12:39 GMT
server: UploadServer
etag: "dc00f7c2806e8dcd407a54a66f64c778"
x-goog-hash: crc32c=zdOOmg==, md5=3AD3woBujc1AelSmb2THeA==
x-goog-generation: 1641575559790768
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68717
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 14 Jan 2022 20:15:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3C5B 102 B
133 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

762bc62721580cd804e80ef3be945628fb5d4ebaa24dba64c13759d25809cc52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=plj5kyx7wzm9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 14 Jan 2022 20:11:51 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/5/ 77 KB
28 KB 47ms
20ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/5/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1f54009f8477de8570d9c8cd5b46f3713d4278f43e3c8d34d91a4d7dc3a9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 12:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28691
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 02:10:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 12:22:35 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/5/ 298 KB
91 KB 49ms
22ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/5/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5dc6f130f2a81f9b5f01099051a1184590a5258bce07aad8e4b2aa1eabb2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 19:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93193
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 02:10:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 19:33:11 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 90ms
87ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=F2508&UserId=6471906943655936&SessionId=6527310465687552&PageId=6519602152824832&Seq=2&PageStart=1642191110495&PrevBundleTime=1642191111030&LastActivity=4168&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 05340e0a07b18968ad321d411deaaddf7ea41e123b2b5b49f5a316f1ab7617f4

Request headers

Referer: https://provenskincare.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://provenskincare.com
date: Fri, 14 Jan 2022 20:11:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 00:11:17	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.google.com/	1970-01-20 04:33:22	Name: NID Value: 511=swhhQVW2zIMdQ9vS5IMABndNSrdTcs2j8Zkip7eyw-z8VHAsOjB8t7htznVQi9gT_p-ke7A7ioOP_7J_JeWEtkHlC2E6c19El2c7Zpmf8EC6j7wa84AGhIKFgXhVNZxHRvEvqdTYzpR5Dt1OYQDOPZWcui6XKzzRFMshSQEeyoA
.provenskincare.com/	1970-01-20 08:55:27	Name: ajs_anonymous_id Value: %221a0d23bf-82c0-4674-8f02-0c9402217c33%22
provenskincare.com/	1970-01-20 17:41:03	Name: _sp_id.b601 Value: df48af8969f48a7f.1642191110.1.1642191110.1642191110
provenskincare.com/	1970-01-20 00:09:52	Name: _sp_ses.b601 Value: *
.provenskincare.com/	1970-01-20 09:37:48	Name: _hp2_id.3880160878 Value: %7B%22userId%22%3A%222589151897748626%22%2C%22pageviewId%22%3A%227517111475396375%22%2C%22sessionId%22%3A%221767847040256034%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.yotpo.com/	1970-01-20 08:55:27	Name: pixel Value: 9810692a-41f8-4b61-41b2-2e77049c6256
.provenskincare.com/	1970-01-20 00:09:52	Name: _hp2_ses_props.3880160878 Value: %7B%22ts%22%3A1642191110212%2C%22d%22%3A%22provenskincare.com%22%2C%22h%22%3A%22%2F%22%7D
.provenskincare.com/	1970-01-20 00:09:58	Name: _gid Value: GA1.2.421422585.1642191110
.provenskincare.com/	1970-01-20 02:19:27	Name: _gcl_au Value: 1.1.2050247796.1642191111
.bing.com/	1970-01-20 09:31:27	Name: MUID Value: 3D6ED838AABF6C5126C7C914AB956D5F
.bat.bing.com/	1970-01-20 00:19:55	Name: MR Value: 0
.trkn.us/	1970-01-20 08:55:27	Name: barometric[cuid] Value: cuid_0599c5f6-f74d-4e16-9d33-c92af5d83e24
.provenskincare.com/	1970-01-20 00:09:51	Name: _gat Value: 1
.provenskincare.com/	1970-01-20 02:19:27	Name: _fbp Value: fb.1.1642191110712.390800615
.provenskincare.com/	1970-01-20 08:55:27	Name: fs_uid Value: rs.fullstory.com#F2508#6471906943655936:6527310465687552/1673727110
.provenskincare.com/	1970-01-20 00:11:17	Name: _uetsid Value: 359b5920757611ec86d95bb6a4a6b187
.provenskincare.com/	1970-01-20 09:31:27	Name: _uetvid Value: 359b7530757611ec8650ab6b49a8e1d5
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_gbd Value: provenskincare.com
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_11470 Value: 1642191110764%7C0%7C1642191110764%7C%7C
.facebook.com/	1970-01-20 02:19:27	Name: fr Value: 0GnRR1RyxLoD6YslJ..Bh4dkG...1.0.Bh4dkG.
.provenskincare.com/	1970-01-20 17:41:03	Name: _ga_ER9PKMKG33 Value: GS1.1.1642191110.1.0.1642191110.0
.provenskincare.com/	1970-01-20 17:41:03	Name: _ga_91WG9T9YM4 Value: GS1.1.1642191110.1.0.1642191110.60
.provenskincare.com/	1970-01-20 08:55:27	Name: _pin_unauth Value: dWlkPU1tRTVNV0V5WXpZdE9URm1OUzAwTm1JekxUazNOekF0WkRFMU1URmlOakEzWXpabA
.ct.pinterest.com/	1970-01-20 08:55:27	Name: _pinterest_ct_ua Value: "TWc9PSZsWi9mNUY0NUVVM1AwNC9EaFpramNXQ3IvT1YrSnVWV0lFWWJYRUhiZTR4Wk1zdGtXamd0Nk5kR1hvbTNiNldXK0xobkptZDhVdm4veXhROWp5RDVkdHRqUzJReXhLbDUyaEREVjdia2VjQT0mM1Mxc0lXbVRNbjNJa05uczBlYXVOcUtJV3hRPQ=="
.doubleclick.net/	1970-01-20 00:09:52	Name: test_cookie Value: CheckForPermission
.provenskincare.com/	1970-01-20 09:39:37	Name: _scid Value: 56e01395-b5c7-4c97-9977-ebb6279dabff
.provenskincare.com/	1970-01-20 00:09:58	Name: _ga Value: GA1.2.1230844927.1642191110
.hubspot.com/	1970-01-20 00:09:52	Name: __cf_bm Value: 1H9zRmjH2H.BP80_h7EYlx9YytwQ7wK54uoWhMcL8PY-1642191111-0-AXJzRT8OSDoFY2VXUEurWtPDuqtNm+vfCu+OEjgXauSvUOvi0+4pBXRL1qiaKRlWWrPcmL1wauS1Zd3hvJo0cSw=
.provenskincare.com/	1970-01-20 00:09:52	Name: _gaclientid Value: 1230844927.1642191110
.provenskincare.com/	1970-01-20 00:09:52	Name: _gasessionid Value: 20220114\|06254137
.provenskincare.com/	1970-01-20 00:09:52	Name: _gahitid Value: 20:11:51
.provenskincare.com/	1970-01-20 00:09:58	Name: _dc_gtm_UA-109841154-3 Value: 1
www.pinterest.ca/	1970-01-20 08:48:15	Name: _pinterest_sess Value: TWc9PSZ3MjBtNVZreklsYTZHdHc1ejJOUVRRM1NvTW9odjl0eS9BWGNWMEEwRnFlZmxjZ1hjS25aWTFwY1QwWXlIbUp3dmNIZXdvRk83aDRsRStGdENIdjg5N3lpYldsMndLVFExNGlQcXFlNCtNND0mM0xzTVowTnlwVXU1Sm5UTWw5ZzZpNWdFTzlvPQ==
.snapchat.com/	1970-01-20 09:31:27	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ0AIQgEwIpIdgkoXDfi2YXF69N5TTXEgqX8U10MkZLpJX12L2qsMbBp+NhMmbz2Uxw+J7O8QAAAAA==
.tapad.com/	1970-01-20 01:36:15	Name: TapAd_TS Value: 1642191111344
.tapad.com/	1970-01-20 01:36:15	Name: TapAd_DID Value: 7eb18bd7-8c0a-4cc6-9969-7ff30350cf80
.provenskincare.com/	1970-01-20 09:31:27	Name: __hstc Value: 16502953.2d372e9b09eb477f7f6d6934a2527db6.1642191110968.1642191110968.1642191110968.1
.provenskincare.com/	1970-01-20 09:31:27	Name: hubspotutk Value: 2d372e9b09eb477f7f6d6934a2527db6
.provenskincare.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.provenskincare.com/	1970-01-20 00:09:52	Name: __hssc Value: 16502953.1.1642191110968
.tapad.com/	1970-01-20 01:36:15	Name: TapAd_3WAY_SYNCS Value:
.provenskincare.com/	1970-01-20 09:39:37	Name: _sctr Value: 1\|1642118400000

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://provenskincare.com/ Message: <link rel=preload> has an unsupported `type` value
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-b16a5644bd41a0300055996615a693fc' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
api.hubspot.com
api.segment.io
bat.bing.com
cdn.heapanalytics.com
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
dl7bo1dy930sf.cloudfront.net
edge.fullstory.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
heapanalytics.com
js-na1.hs-scripts.com
js.braintreegateway.com
js.chargebee.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
maps.googleapis.com
media.provenskincare.com
p.yotpo.com
pay.google.com
pixel.tapad.com
play.google.com
proven-api-production.herokuapp.com
proven-pay-production.herokuapp.com
proven.chargebeestatic.com
provenskincare.com
provenskincare.zendesk.com
rs.fullstory.com
s.pinimg.com
sc-static.net
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
tr.snapchat.com
track.hubspot.com
trkn.us
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleapis.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.pinterest.ca
www.pinterest.com
www.provenskincare.com
104.16.53.111
104.18.72.113
107.178.246.49
13.33.60.15
13.33.60.7
142.250.80.34
143.204.144.83
143.204.150.102
23.208.216.207
23.22.144.165
23.223.26.190
2600:1400:d:597::1d72
2600:9000:2140:8e00:2:9629:efc0:93a1
2600:9000:2140:dc00:2:9629:efc0:93a1
2606:4700:10::6816:1b5c
2606:4700::6810:135e
2606:4700::6811:47b0
2606:4700::6811:81ab
2606:4700::6811:b949
2606:4700::6811:d6cc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6813:9a53
2607:f8b0:4006:807::200e
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2607:f8b0:400d:c09::5c
2607:f8b0:4023:1404::9a
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:1c::84
34.235.196.25
35.167.90.204
35.186.194.58
35.186.226.184
35.186.249.72
35.201.112.186
44.196.157.173
54.205.137.106
54.205.8.205
99.84.125.102
99.84.125.30
99.84.42.43
0043b74cad3af5be4da76dba7f7bbdb124d7d93998314b19355cae3d1b98ab3b
0163ed9c37be09a5c977ee44c0745babb1af4ab7c9f7e1a810119de828ae8776
01c7d9e2c8e60ef039fbb17f02c55cec82a8540a824c1bd6ae1876c3c579c14f
0382033ed17632c84a22cd8fef78b3cac8b88a2cf3fba5963695dcbba9084b16
05340e0a07b18968ad321d411deaaddf7ea41e123b2b5b49f5a316f1ab7617f4
0576746adb248de95ac646bcf2e86b2631b2c9b43bc051777b07e1209c990360
080fef23e0efa78be7fab6fba33a301e1fa040bfcf50bf450705f52c42ac5698
0b8d2afead8ea3d1de96fef58084040646ad9e720b92238d3bf02002d3835df6
0c33ec9a9c3b870144eb720fd8f6846d418ec1fa20541d802683afbe9a078e05
0cdaafb05aebc670c3cdc62e7a78ac997bb929a0c7a5bed29f7eeb9409c0e949
0dc8d796bba7a68f4bacd7c532169d69b78b38b473768695f194bc576b5a0fbf
0e6c27e3e7d394f94c4bcb7956bbc0281e08449d3ac13c21a73f8d10757936cc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111f1700ccb35898fa18b3bbf8eb1d0b0f6e7f744cf9fa6e59e5a2723dd9f20f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13575b73cac87583ac763ca4c7686f8afa32e1073005708e2cbe60c7f6ebb24a
1856b8056e8ee3cdb276ab7312950c665ca5fb0c76e7649a5de044af8d9c0d78
19c12e98e3b610d33ad108d18c8530c1993b3874edd9e428ee5835c7bbdc3c70
19ed976a4724709fcaf7ff3bdbcbb53b85e52705907714e94344053ae921c2d4
1a455bed92688ecb0154949056602cd05e3935a1477b9a4c9977ce4babbd4884
1eebfd0782dc876c3f1898ac926a079ad4e3a6724e56416cce8b7140f7efa0e4
1f13a7681dc76d6f94eb9689010957102fad6201d9fe66cf9a38bff2175fc3c1
219b1ad337ad768e5b6585f3ff1eb46edc3161515b72dd4b2a7a19cea5af491f
22da86dc82b90066474e9ef15261b48aabafbdd077c9e30958a1d76d8013cd28
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
2593d26ee9aa5d2f1199959ecd81c8b0ef652bb5b26aa340b4eedcbf4defd51b
28c92f05820a6c5de6f808c06e094c636090cbc9b27bbdcddc9f9fa96c119641
2a760b4c60ab075c6eb7f9efa51d7ac8204abd608154e4799c76030c9c14ecd4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b592df762b6f8da4214da6f1a773faf7ac6974617a9d9d5ae216fe5a8eb3cbd
2cdaf93cd259a149c5670940aea586693e79fc0bbd89aa68a5fa2a417dc5ce3d
315807594714645376dc85b1f2e13b5ac7d47ef6a493722e5fa9d09485ee77ae
318c043986072ade361aec4a29376e5b673256821a934707f6ec02e8941ce7cc
331f8cefac801437eff2724b5d79232460c02abef59b39e1b03ce594e188759d
33d5c0e489c5fc032ebb1f3db66f5e9aa469d35c8e100e3474d3f17214add149
347a3e42ca0d77c5fecb3a20ff785e13ea716c746ec4a7c29d29adb01f40a6e6
35650671d8c7af59f8492d2dd872e86d613cf578a5ef04b7c984a112601b7ff5
36e3547c2671c0a3448e43d55c294097919619a9d6e0bfc23725c33f8c1e755e
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3808d783c90f7e80499abbd3aa363157574df658c7820ababb64d391588af368
39ccf43a0ed08d642d45708e5756cfe20c94519a3061137988a97c0c7f53ecbe
3c439c477f02c457d6c0236e782d374ad5292030c5ddd042316d182f40e1cce6
3f7fdcb1af8fedaaaeedb7ddf1a262bfc43cf70279b44dfa52bd68a7e8cccd0f
3f8597f4191e4ec7dc45f83c7bafd46f850b3a910845df8038c350ee52a2699c
4103f74eb3f5890820772b200a99b29b1c719658aa5a279584c4ed3dca8eba27
43f547cddb1f240415ab4d38c219904a961471cb92bb79991e063e3d1b1cc1c5
443bb2805b80c1ef2fce6745d430010bba949826914b18a4d31259598dad928e
463d51a0ec0a4b4165898851fe1e9e5a1d3dcb1a80c9277493d03cf23a40249d
4657ba75aee330df7c2711a7bda9634b2e66acfc89fce056044cb9e81b1566c4
4786aceb6f6d42ee3ff93ea02d9a3db65f4748c615d7fb3064a45f87a4ba79a1
4895453339f24e72cca491c411f93dcfd3c8e92e43de4d79efa551af2b598f28
4b9d70a3b0890d85eb0631d030b668a4f645cfb3ac8a7ea7450578aa61fcd0d8
4bca3a8cc060f8f2e24f68b33cc1a4edc6105b5ea28309bb35d065798776abde
4cdcbaa6e705a3ea0a0136dd08ebe32c09ff2eb3ef9d4dc9261b84c788f93d78
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
4f2368d86f3e6647bf945f0543fef72a3f311cf4f1f83daf62d3ab6b43b04a3f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
503de4b22b41d45c9378420536cb91c2b7831ed7bad4c9c7b3d1f2262c43ba48
51b1630a6723f0de568e878db5e53e0e0df494cffa3622dc4f782fba1d760921
521cb89d2edd31e2854ab8fbd0d50b315fbbc8fe392db34fd98279455589ca70
5391d40e1889ecb9b36fad23734c6fe45d50569ee8a8aae1da8d794b8214559e
571174fdf686ab6cc2f73a0550ce39cf429f3c804d22b5653d05225b98b6c572
58d5f4da3e334515d5cddcbd566bf99f948c8e83af2ef6bc579368421b02ab8c
5955908348c9dc49badb9b08e2448d49db335f16720edaf1bf6cbe67692129ae
59c0b4e50d63eddc4a075efc74fd39728f0cbeb166f41a17f41a20e0528772fe
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5dca0fe66a3068fb19114bfabf1925da3b77e2af50637ceed2ffa1bb14e3ab46
5f62449368ca7569739f5c258755679e3c1eef1ec85954e6cba3277a6a4a80d8
646758145804d42d7b524f868a1b002963b79c1d477b7ce565b860147100efbf
64d589a7dc89779bfea256a4373a149ce9828ddb31b08846c18e13a8dccd40c7
64e33b079461e2f33c554b4899c2e8b818c699fc0e74c536b3decdca06a90d80
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6882122adb21af5d1a1fc433924cf9fc01d376ecc5e165cd06d190f5e622cb49
697244d1fd188b3bd6e08eb73be45a40f3d6d1758c58e8844fd60fe549955f86
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d0c88bd42b46b0bd75b586162e63649a0fc09e82cb3891225f926b73cb4df1e
70ee6077a73d964c841f911ad0dd6b8109a68845b3c2e7ca470b13d808d39608
7247ea1aa0c0219d596548a11252be0858818d20301b647f42c78af7160d6800
74502e391a9b59078e74d5cf98edf5b23e753b5590403f2dd114465bb74f382f
762bc62721580cd804e80ef3be945628fb5d4ebaa24dba64c13759d25809cc52
77b116309a3a18dcd1ddc9bca96398428ef69ab83d79f368fe001579df507ce8
8204b4f84cbe1a7f594e9451f83f1901d0f6fc5f107c81221b8c42ba7f2cb2dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86ae4be9138eed8e081745279e0be0307abbb4a03ef235a1c182b737024acba5
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
882a54ce07c1a85aa60df075c276a354d049eadb070e848ccc67faa71e6e15f3
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8fa7fda767d7b6ae61ae9904d0579635516707f568aec59c52223d0334dbc597
90d0547e910015cbb7c6afaed1b430f8e5249635ca8650cc3389a171cf83ea31
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9572cbb0d9a40330cd976ab8242aa56cf8adad6eeb334f64c2ae16e38413e74b
96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81
970b41c7b91e24fdedd379e95edddece68399a53af803e2c9ab314f38410f681
971f352db21fcdb192853ac6d7f1e9e465bad56d869ab59d46afed122c07ef6c
9cb88ab4402fbdc4374d230d9c0961a18c0a72401c72211525e6750412c19da9
9dc0aa0baa04ce717bca8c49aead6b51c9c9fe0d9c03e96a6b14a8d9f962505d
9ed7616803be59d12d7e1f58df78df47f049e71de0b3b191e4d8e0ae4394e1f9
9fde26f4ce2a45a2fea532919f69241588020baf9539db40ccdaa6fd32d561b9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d5dbf4a954c67f09ec38a9bf867fcc61772a3d7ba5e0fa99b1c1683c24c948
a38be85daeb6788a0b0516a2f6009b31e418cfa8d1e9b3d52401b467ff622b9a
a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00
a85ea540e774d24b3472a92b0e69b48634c76af3a0dfce7d10ed473163285984
aa4f5d12cffdfafbd897c94cbf0525fd831ee721068a876a8ab07d62df7971bb
ab8a12a19a62770b4cff51a93f816822ecc684325972d299e56dc044cc47e275
adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
af41438f551956cda15b2e819ac22146c70c66d7b7be3231aef4f1550bd10897
b09045dcf1f0753839f4886b822ced8c75c47cccdd47e85cec848dc8f30ab9d5
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3f6ca14838f75b9da7e6d893680e3f8b7719cfeeb2ea3a8b093ebee6ba5bf01
b46f76c8c276a41409e0b298d1b9add02762ff622774fc71b40c178e0133a54f
b96969f6be41af467e1f83cf914161b7032dce162b4327f42ae6372831cd2b6d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5dc6f130f2a81f9b5f01099051a1184590a5258bce07aad8e4b2aa1eabb2ef
bd01ecbea3553894676f82b187a592a888bf240a17cf6d5629d7e34b80466a9a
bf86938f783674210545999b5d6da96254cc4b21eb047224fb7f329f78ed165e
bf8bf79a36f4f9447bb94a56e20f9d9c29b6718a87f56f1dbc52801a42c87c88
bffda250847d12895f943833068ceb90239ad1170edc1673232ba4aa5d1f95fe
c005506a752bcbe41277a2a85a40d4e0c2a9adf7584141696cd80be1e3493322
c12ad863b1233abbc6e8e0b4789705b548baf510f8f83b9c0e88c1bd00c079b2
c697db1f8fb2ad454e452a0c6bde1ef5a66e2bae2702c0a6c9fcfe7ffc3b41d1
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc55abf8746b56b4914bcda65d9f2cc61ee1e3ea7818436ca1a6277bd5ad6897
cc58a8fbf2661b1209870c1878576fc94b183130d2aae962914cfb13e19f4827
cce88e8655deefbbd13f3ee0c21297fc2ea7755ca91a7397a4801e50075502e3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce0966ed1f296de66dbc09c654a601629cc878b24c3dffe37ccc59ababc28741
ce8a9a335801ed833a2ca90e59cfd99852ccb2ebdf4a976fcc8c77f79678773b
cf50c74c392471fbab3bcfd8da9e538c52ed24440df85c1a589743ab59d9a856
d19f713af09d0f36be4d9eb4e41fe80108e21e0490b3ea1ea90df73bd35f26d3
d35aa5b5fca843377ae49c8b2fa542a04711c030c8669fd3dbc87e50c5d0982d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d766d7ed26fc5d52adf1b663396c94c135d0cd3e8ee6a7e9e94435693ffca0b3
d909e53834c6d7df314b3b393f7fdf8f4510c2d20608066f116941ce487f0d58
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dce63fa8d984cd8f22973cd72c8c690e83ffa1a0066f00097c1797886897ea3c
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e0d134bdc662a04fae8a4f8c286af22eac0d74ca224452c3e00f8435ea3e1957
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3
e56d3a86cd3fe9595d44b74dfb4b784b4d21bd6c7f23ddb2c0d2397c895993ca
e68f416becae43969e3298824f3b733a0ed2ce56ee6c6416e34162f80c7dd278
e78f0de56a931c6189b4aff0b2c9f78d3a263fb9c9aa970107115880701cb33f
ead782132b9c9a165a21c9e5a3705804d8f44a42b888ab86d65a9b0196da7980
ee1f54009f8477de8570d9c8cd5b46f3713d4278f43e3c8d34d91a4d7dc3a9b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0828d2e3bcab33bd2db5aedf65dac5a15d5b8f37bc35a5a76842615731d7f89
f17320332190c9df489344bf017c8aabd61a019329ae15f6c889308dca13e4ae
f2d93058b573566d1970ee894c9b413b6982ac99938f76918e6b7aa109363285
f3ca18f3873d212c3cbdfc078db8a7daabf075421a58ec1b5234cbee32cee554
f4db2ef3c793edc9a9f02227af71f87a1babadd70520c7f848aad814e8922f21
f5cced06008892d3601bc8481951aa99952439a21f551c5e8b27909644c7fd27
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f811640d0afe5cd317f23cacc9fa3852a0f565e8284535dcb328cc8b7665814b
f89e69bc8e1ded24d449567d4b7081382dfc6d6739175450d8505f8408b8d383
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
fdcb3301b76a301c7992d71f28464fcf0a108a131ac4884fb54c1e7a38903bf0
fe8fbe469cdfb876e22024445f3c9d376025120f106365db02551a34d40d9b23
ff8c269f434418e8978782f1bad54f77c7708bca7c1a00505504de6ff6918ddb

provenskincare.com Open in urlscan Pro 2606:4700:10::6816:1b5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

266 Requests

98 %HTTPS

57 %IPv6

43 Domains

60 Subdomains

51 IPs

2 Countries

7364 kBTransfer

21538 kBSize

43 Cookies

5 Outgoing links

Page URL History

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

98 %
HTTPS

57 %
IPv6

43
Domains

60
Subdomains

51
IPs

2
Countries

7364 kB
Transfer

21538 kB
Size

43
Cookies

266 HTTP transactions
0 data transactions