pantene.com Open in urlscan Pro
13.107.253.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Effective URL:
https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Submission: On October 10 via api (October 10th 2024, 9:26:59 pm UTC) from US — Scanned from US

Summary HTTP 101 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 22 IPs in 1 countries across 19 domains to perform 101 HTTP transactions. The main IP is 13.107.253.40, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pantene.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 10th 2024. Valid for: 6 months.

This is the only time pantene.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
44	13.107.253.40 13.107.253.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.204.220.139 23.204.220.139	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2600:9000:24f... 2600:9000:24f0:3600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::71	15169 (GOOGLE) (GOOGLE)
1	52.35.73.124 52.35.73.124	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.220.125.154 23.220.125.154	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.249.86.140 13.249.86.140	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	52.247.19.76 52.247.19.76	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.168.97.94 3.168.97.94	16509 (AMAZON-02) (AMAZON-02)
1 2	172.253.122.149 172.253.122.149	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::ac43:49ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.203.25.147 54.203.25.147	16509 (AMAZON-02) (AMAZON-02)
101	22

2 2620:1ec:bdf::40 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.pantene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
privacytermsprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 13.107.253.40 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pantene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.204.220.139 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-220-139.deploy.static.akamaitechnologies.com

cdn.pricespider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:24f0:3600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.73.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-73-124.us-west-2.compute.amazonaws.com

wtbevents.pricespider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.125.154 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-125-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.249.86.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-86-140.jfk52.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.247.19.76 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mediaid.pg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.97.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-97-94.jfk52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net

8631039.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pantene.com 1 redirects www.pantene.com pantene.com	4 MB
13	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3891	315 KB
6	lytics.io c.lytics.io — Cisco Umbrella Rank: 11696	50 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	144 KB
4	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 373 js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945	14 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1794	34 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	409 KB
4	pricespider.com cdn.pricespider.com — Cisco Umbrella Rank: 17275 wtbevents.pricespider.com — Cisco Umbrella Rank: 21210	106 KB
2	doubleclick.net 1 redirects 8631039.fls.doubleclick.net ad.doubleclick.net Failed	785 B
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2568	3 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 446	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1324	171 B
1	pg.com mediaid.pg.com — Cisco Umbrella Rank: 237579	692 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 2160	5 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 1224
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	azureedge.net privacytermsprod.azureedge.net — Cisco Umbrella Rank: 123856	2 KB
101	19

	Domain	Requested by
44	pantene.com	pantene.com
13	images.ctfassets.net	pantene.com
6	c.lytics.io	pantene.com c.lytics.io
6	www.facebook.com
5	cdn.cookielaw.org	pantene.com cdn.cookielaw.org
4	cdn.segment.com	pantene.com cdn.segment.com
4	www.googletagmanager.com	pantene.com www.googletagmanager.com
3	cdn.pricespider.com	pantene.com cdn.pricespider.com
2	8631039.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	pixel.tapad.com	1 redirects
2	match.adsrvr.org	2 redirects
2	connect.facebook.net	pantene.com connect.facebook.net
1	api.segment.io	cdn.segment.com
1	insight.adsrvr.org	js.adsrvr.org
1	js.adsrvr.org	www.googletagmanager.com
1	mediaid.pg.com
1	pghub.io	www.googletagmanager.com
1	z.moatads.com	pantene.com
1	wtbevents.pricespider.com	cdn.pricespider.com
1	www.google-analytics.com	www.googletagmanager.com
1	privacytermsprod.azureedge.net	pantene.com
1	www.pantene.com	1 redirects
0	ad.doubleclick.net Failed
101	24

This site contains links to these domains. Also see Links.

Domain
www.pantene.com.au
www.pantene.com.cn
www.pantene.in
www.pantene.co.id
pantene.jp
www.pantene.com.my
www.pantene.com.ph
www.pantene.co.th
www.zininmeer.be
www.enviedeplus.be
www.pantene.de
www.epithimies.gr
www.pantene.co.uk
pantene.it
www.pantene.pl
pantene.pt
pantene.es
www.pantene.com.tr
www.pantene.com.ar
pantene.com.br
www.pantene.cl
www.pantene.com.co
www.pantene.com.mx
www.pantene.com.pe
www.pantene.ca
twitter.com
www.facebook.com
www.instagram.com
www.tiktok.com
smartlabel.org
www.terracycle.com
privacypolicy.pg.com
termsandconditions.pg.com
preferencecenter.pg.com
herbalessences.com
headandshoulders.com
aussie.com
haircode.com
www.mbib.com
hairbiology.us
olay.com

Subject Issuer	Validity	Valid
pantene.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-07-10` - `2025-01-10`	6 months	crt.sh
*.pricespider.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-06`	a year	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04	`2024-09-19` - `2025-09-14`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-20` - `2024-10-18`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-27` - `2025-09-27`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
pghub.io WR3	`2024-09-02` - `2024-12-01`	3 months	crt.sh
script.crazyegg.com Cloudflare Inc ECC CA-3	`2024-08-02` - `2024-12-31`	5 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
lytics.io WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Frame ID: D047E925DB6DEE6D84996842D2205F13
Requests: 101 HTTP requests in this frame

Frame: https://8631039.fls.doubleclick.net/activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment
Frame ID: 2A7710A30930CB4FE7DB757068B4B1FF
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 56FC5D4B4FA5975EE55276958101AA26
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 69327DF358280A68A1EA976A7E0D50D1
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vxmlb2d&ref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&upid=xsza7zo&upv=1.1.0&paapi=1
Frame ID: 74ED05AFA88691C7DDF72968B90CD49C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 - Content Not Found | Pantene

Page URL History Show full URLs

http://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment HTTP 307
https://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment HTTP 301
https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

101
Requests

97 %
HTTPS

41 %
IPv6

19
Domains

24
Subdomains

22
IPs

1
Countries

4959 kB
Transfer

7070 kB
Size

30
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pantene.com.au/en-au
Title: Australia

Search URL Search Domain Scan URL

URL: http://www.pantene.com.cn/
Title: Chinese Mainland – Greater China

Search URL Search Domain Scan URL

URL: https://www.pantene.in/en-in
Title: India - English

Search URL Search Domain Scan URL

URL: https://www.pantene.co.id/id-id
Title: Indonesia - Bahasa

Search URL Search Domain Scan URL

URL: https://pantene.jp/ja-jp
Title: Japan

Search URL Search Domain Scan URL

URL: https://www.pantene.com.my/en-my
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://www.pantene.com.ph/en-ph
Title: Philippines

Search URL Search Domain Scan URL

URL: https://www.pantene.co.th/th-th
Title: Thailand

Search URL Search Domain Scan URL

URL: http://www.zininmeer.be/tag/pantene
Title: Belgium - Dutch

Search URL Search Domain Scan URL

URL: http://www.enviedeplus.be/tag/pantene
Title: Belgium - French

Search URL Search Domain Scan URL

URL: https://www.pantene.de/de-de
Title: Germany - German

Search URL Search Domain Scan URL

URL: https://www.epithimies.gr/%CF%80%CF%81%CE%BF%CF%8A%CF%8C%CE%BD%CF%84%CE%B1/pantene
Title: Greece

Search URL Search Domain Scan URL

URL: https://www.pantene.co.uk/en-gb
Title: Ireland

Search URL Search Domain Scan URL

URL: https://pantene.it/it-it
Title: Italy - Italian

Search URL Search Domain Scan URL

URL: https://www.pantene.pl/pl-pl
Title: Poland

Search URL Search Domain Scan URL

URL: https://pantene.pt/pt-pt
Title: Portugal - Portuguese

Search URL Search Domain Scan URL

URL: https://pantene.es/es-es
Title: Spain - Spanish

Search URL Search Domain Scan URL

URL: https://www.pantene.com.tr/tr-tr
Title: Turkey

Search URL Search Domain Scan URL

URL: https://www.pantene.com.ar/es-ar
Title: Argentina

Search URL Search Domain Scan URL

URL: https://pantene.com.br/pt-br
Title: Brazil - Portuguese

Search URL Search Domain Scan URL

URL: https://www.pantene.cl/es-cl
Title: Chile

Search URL Search Domain Scan URL

URL: https://www.pantene.com.co/es-co
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www.pantene.com.mx/es-mx
Title: Mexico

Search URL Search Domain Scan URL

URL: https://www.pantene.com.pe/es-pe
Title: Peru

Search URL Search Domain Scan URL

URL: https://www.pantene.ca/en-ca
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.pantene.ca/fr-ca
Title: Canada - French

Search URL Search Domain Scan URL

URL: https://twitter.com/Pantene

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PanteneNA/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pantene/?hl=en-us

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@pantene

Search URL Search Domain Scan URL

URL: https://smartlabel.org/product-search/?br=pantene

Search URL Search Domain Scan URL

URL: https://www.terracycle.com/en-US/brigades/pantene

Search URL Search Domain Scan URL

URL: https://privacypolicy.pg.com/en-US/#statePrivacyNotice
Title: Privacy

Search URL Search Domain Scan URL

URL: https://privacypolicy.pg.com/CHD-en
Title: Consumer Health Data Privacy Policy

Search URL Search Domain Scan URL

URL: https://termsandconditions.pg.com/en-us/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://preferencecenter.pg.com/
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://herbalessences.com/en-us/
Title: Herbal Essences

Search URL Search Domain Scan URL

URL: https://headandshoulders.com/en-us
Title: Head & Shoulders

Search URL Search Domain Scan URL

URL: https://aussie.com/en-us
Title: Aussie

Search URL Search Domain Scan URL

URL: https://haircode.com/
Title: Hair Code

Search URL Search Domain Scan URL

URL: https://www.mbib.com/en-us
Title: My Black is Beautiful

Search URL Search Domain Scan URL

URL: https://hairbiology.us/
Title: Hair Biology

Search URL Search Domain Scan URL

URL: https://olay.com/
Title: Olay

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment HTTP 307
https://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment HTTP 301
https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=jj1jowx&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=jj1jowx&ttd_tpi=1 HTTP 302
https://mediaid.pg.com/ttdsync?tdid=6abe6859-fed2-4d4c-a99f-fa19705a6066&ttd_puid=

Request Chain 77

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756

Request Chain 81

https://8631039.fls.doubleclick.net/activityi;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment HTTP 302
https://8631039.fls.doubleclick.net/activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment

101 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -treatment Show response
pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/
Redirect Chain

http://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
https://www.pantene.com//en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

342 KB
344 KB

430ms
234ms

Document
text/html

13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

429472ad3959368e9e5b938fc5816f788569d8891590c6d821840990abcbb8eb

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=31536000
content-length: 349867
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
content-type: text/html
date: Thu, 10 Oct 2024 21:26:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-apg-ha-id: NA-EUS2
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000myz
x-cache: TCP_MISS
x-content-type-options: nosniff
x-fd-int-roxy-purgeid: 150
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block

Redirect headers

content-length: 0
content-type: text/html
date: Thu, 10 Oct 2024 21:26:49 GMT
location: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
x-azure-ref: 20241010T212649Z-168d47657fds77w912vyvuevmg00000001yg000000001c0m
x-cache: CONFIG_NOCACHE

GET
H2 200 1fe59058004d7409.css
pantene.com/_next/static/css/ 3 KB
5 KB 206ms
205ms Stylesheet
text/css 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/css/1fe59058004d7409.css

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b043f50ab2fe0db32e5c39f93742bdc96fea70d40534de98dfb3e6cc34b2939

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/css
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 3551
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000mzs

GET
H2 200 ps-widget.js Show response
cdn.pricespider.com/1/lib/ 5 KB
2 KB 1610ms
167ms Script
application/x-javascript 23.204.220.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pricespider.com/1/lib/ps-widget.js
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.220.139 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-220-139.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: db542359ce54f6f22c749d096ec4eb110227a1d80fe247d88ac567e94d56c772

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: "44d6f86b4cbb65813e601ff2f2cbeda7:1696280613.020515"
access-control-allow-methods: GET,POST
expires: Thu, 10 Oct 2024 22:23:13 GMT
date: Thu, 10 Oct 2024 21:26:51 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Oct 2023 21:03:33 GMT
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: max-age=3382
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2179
server: AkamaiNetStorage

GET
H2 200 4135.bce2b8cfcd01ae4d.js Show response
pantene.com/_next/static/chunks/ 1 KB
3 KB 141ms
133ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/4135.bce2b8cfcd01ae4d.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

853077d1468f98d1e5d12cba2f510ee0dad7bb9a5f6d92f243f98000f0272caa

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 1382
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000mzx

GET
H2 200 94726e6d.76fcbc226420e165.js Show response
pantene.com/_next/static/chunks/ 50 KB
52 KB 141ms
133ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/94726e6d.76fcbc226420e165.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

64f2df3789310407afe8e9f8ff13b996f59dc636e511d5faac42469dc1fb66d5

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 51664
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000mzy

GET
H2 200 6137.b3a49bb12dd80998.js Show response
pantene.com/_next/static/chunks/ 60 KB
62 KB 168ms
160ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/6137.b3a49bb12dd80998.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b588a3e081642b85dcb14889eff8c2d1e1fd2140eda32706c7148b9cbb8e455b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 61133
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n02

GET
H2 200 6525.2b57cd5301205da3.js Show response
pantene.com/_next/static/chunks/ 12 KB
14 KB 171ms
164ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/6525.2b57cd5301205da3.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

260ee43051580c2dd5add0676d69d83b66db27c5bd108faa76d7a9164b203985

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 11981
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n03

GET
H2 200 7270.0eb7035a725ca89d.js Show response
pantene.com/_next/static/chunks/ 5 KB
7 KB 169ms
162ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/7270.0eb7035a725ca89d.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ea72253a4e21a391abb0ce1367e9777d71827de68e7bfcead89c6a2866d3b172

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 5348
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n04

GET
H2 200 1664.ffc2c229050ec894.js Show response
pantene.com/_next/static/chunks/ 8 KB
9 KB 169ms
162ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/1664.ffc2c229050ec894.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48b7498d038fe768fd98f41e753f00df018554d494b614994c70a0670286c36d

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 7817
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n05

GET
H2 200 6673.5365f74c3ebd3540.js Show response
pantene.com/_next/static/chunks/ 3 KB
5 KB 170ms
163ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/6673.5365f74c3ebd3540.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0f6effd7444089fe3e2178f0b4bb60211c33be475bff3b0a66e609ede5895357

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 2726
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n06

GET
H2 200 5829.f96f2ad11ede9970.js Show response
pantene.com/_next/static/chunks/ 15 KB
17 KB 171ms
165ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/5829.f96f2ad11ede9970.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dfdec4989a4d4aae9983bc4489dbdfee030c70f66987584db59bfd805b538bd2

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 15689
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n07

GET
H2 200 1387.0f58b6aee8451873.js Show response
pantene.com/_next/static/chunks/ 6 KB
8 KB 172ms
165ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/1387.0f58b6aee8451873.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef87fd6d6981d3da042165ccc477709f015c4004f428f0c89b4d01e72fea0579

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 6167
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n08

GET
H2 200 8982.23db601615e4a236.js Show response
pantene.com/_next/static/chunks/ 8 KB
9 KB 171ms
164ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/8982.23db601615e4a236.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c65a1a9c8ef9b745a1f3555b9d2c79ac76cebf3c88085885060c0dd85e5daea0

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 7752
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n09

GET
H2 200 2445.d10b82ea989b8245.js Show response
pantene.com/_next/static/chunks/ 2 KB
4 KB 173ms
166ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/2445.d10b82ea989b8245.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51ae00749f46e54a40e62bf7c3cbf86b924ab711f5d8650c6b38ae9966f864ca

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 2174
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0a

GET
H2 200 365.6b2c991b42705680.js Show response
pantene.com/_next/static/chunks/ 3 KB
5 KB 172ms
166ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/365.6b2c991b42705680.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22f7b655f7e3f6b399076694c057c12994c600eae7a17d4f22448069a1391be7

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 3073
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0b

GET
H2 200 9109.4c91f3e15ae57bf3.js Show response
pantene.com/_next/static/chunks/ 13 KB
14 KB 175ms
169ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/9109.4c91f3e15ae57bf3.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e70509b2a7a0c37951281236bfc36cadcec7200de3d53e94a3bceb637e40d8a7

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 12805
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0c

GET
H2 200 2239.4babb16f284e4717.js Show response
pantene.com/_next/static/chunks/ 1 KB
3 KB 176ms
170ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/2239.4babb16f284e4717.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6ff0eea60786d336ea18534099b555207d4beb4c0e8c3577d4242eed7f518dcd

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 1513
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0d

GET
H2 200 2313.d9b387b33fcad47d.js Show response
pantene.com/_next/static/chunks/ 4 KB
6 KB 176ms
170ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/2313.d9b387b33fcad47d.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

baa2ff21e347629aa0ebce5e590f11b90e9eddc4645ba610e1017bdb1c44ea51

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 4231
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0e

GET
H2 200 624.771bd73d0a6d3ef3.js Show response
pantene.com/_next/static/chunks/ 6 KB
8 KB 176ms
171ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/624.771bd73d0a6d3ef3.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ae776cbd80f1007f44d6a2cc742f8b19694edf4482c8589e7251819febf8061a

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 6024
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0f

GET
H2 200 3060.030643b9332fa73a.js Show response
pantene.com/_next/static/chunks/ 5 KB
7 KB 173ms
168ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/3060.030643b9332fa73a.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

71de7c46ab06bb12f0d9cbdc205349729db310f940c4d312dd1f67d93b167b12

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 5524
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0g

GET
H2 200 webpack-e804b1336c4a0bbb.js Show response
pantene.com/_next/static/chunks/ 5 KB
7 KB 179ms
174ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/webpack-e804b1336c4a0bbb.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

56f683c9b0f05632f11055476a64dbd0629037463b6b503f49b006213f643a1b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 5612
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0h

GET
H2 200 framework-b1eb7db524662506.js Show response
pantene.com/_next/static/chunks/ 137 KB
139 KB 173ms
168ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/framework-b1eb7db524662506.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

68e31cad7f8f06e7d9e04742ecdd5849bd86e1cd0aa6a6fd98feea1a7440f19e

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 140018
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0k

GET
H2 200 main-ce96684017152c63.js Show response
pantene.com/_next/static/chunks/ 136 KB
138 KB 173ms
169ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b2ad095af79d57f13c6705e7389495842577bebb0e809e39fdc8ba1e789dfa31

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 139579
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0m

GET
H2 200 _app-c8e1de5e76a83ca0.js Show response
pantene.com/_next/static/chunks/pages/ 172 KB
174 KB 178ms
173ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/pages/_app-c8e1de5e76a83ca0.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b09b5dd149ac89facac5fc5f978e7ecd05b7ba030049481d05b93d895c97bfe2

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 176385
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0n

GET
H2 200 9629-694f74e9468a19da.js Show response
pantene.com/_next/static/chunks/ 39 KB
41 KB 176ms
172ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/9629-694f74e9468a19da.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9d8fbc703e9ba516bbb96b08e04c01e8d31f0d41f69cdeab9c64a9dce9a8e6e6

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 40318
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0p

GET
H2 200 5652-418adefc0cb3ffb2.js Show response
pantene.com/_next/static/chunks/ 71 KB
73 KB 177ms
173ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/5652-418adefc0cb3ffb2.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ae9069be250946a596edc9a437d26fb30e2988b7ae220914a54a57d3e1f6540

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 72947
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0q

GET
H2 200 %5B...slug%5D-aaf9adffb23baa21.js Show response
pantene.com/_next/static/chunks/pages/ 7 KB
9 KB 181ms
177ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/chunks/pages/%5B...slug%5D-aaf9adffb23baa21.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3806917ae8b4050d1fa90d829d159302d4935478a7f769ff3165c58d2baf6377

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 7059
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0r

GET
H2 200 _buildManifest.js Show response
pantene.com/_next/static/U9pPbB1VXStpB71fK0OPV/ 386 B
2 KB 176ms
172ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/U9pPbB1VXStpB71fK0OPV/_buildManifest.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

564d5a0f42e9476e5aea1ef86bd670df28a94b9a5101e3eedabe7f34e5ca0a82

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 386
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0s

GET
H2 200 _ssgManifest.js Show response
pantene.com/_next/static/U9pPbB1VXStpB71fK0OPV/ 97 B
2 KB 277ms
274ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/U9pPbB1VXStpB71fK0OPV/_ssgManifest.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce19c6e7b9c91a11bd8f985a20ae1eea0176840ecf2f809cf09bb636bb177c16

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: text/javascript
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 97
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0u

GET
H2 200 dot.svg
pantene.com/static/media/ 205 B
2 KB 323ms
320ms Image
image/svg+xml 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pantene.com/static/media/dot.svg

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

23d005d815dfc4d8e6a096ec447551e969884d0a88ccacdc6d28ce6a04042750

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: image/svg+xml
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 205
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0v

GET
H2 200 dotDT.svg
pantene.com/static/media/ 209 B
2 KB 278ms
275ms Image
image/svg+xml 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pantene.com/static/media/dotDT.svg

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fbd32fde5344a83949cb6bce071350b57ec06c92ac4aebb412c308818ffedc6b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: image/svg+xml
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 209
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n0w

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edc002ce7860aa23ce79e501b92f375b5bbe9fa93ff2dd66e07dd7687fb9b292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ff54836710d28d275d53962649e1f9a2709c3c45aa68ec2adb270b478cb8866

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 kasia-serbin-UxcRjTtzLXw-unsplash_dt.jpg
images.ctfassets.net/r9udlqyetmm3/6kEXqhEuyVZdBMMq2uHAUY/684950e430ad050b4e95c36d532dc1d9/ 176 KB
177 KB 146ms
44ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/6kEXqhEuyVZdBMMq2uHAUY/684950e430ad050b4e95c36d532dc1d9/kasia-serbin-UxcRjTtzLXw-unsplash_dt.jpg?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 851ef75a9c593304bdf58689c191b8f9f3b04bcf4224a95e4815a71fe2dd3db0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "e86f8f2526668f6207904fb609201a23"
age: 39000
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 180480
x-amz-cf-id: UcRQ_t_qnV75Ns0R3SocftPtuBCilzVnQ3x0YiuYQDHm7lXhrFLgQA==
date: Thu, 10 Oct 2024 10:36:50 GMT
content-type: image/webp
last-modified: Tue, 24 Sep 2024 08:20:18 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Montserrat-Regular.woff2
pantene.com/_next/static/media/ 64 KB
66 KB 180ms
178ms Font
font/woff2 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/media/Montserrat-Regular.woff2

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3437637c88e40ab5f57b1e37129d03ebb7594a6fc8ea56061284c93f8088beb8

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pantene.com
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: font/woff2
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 65900
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n3d

GET
H2 200 Montserrat-Bold.woff2
pantene.com/_next/static/media/ 65 KB
67 KB 182ms
180ms Font
font/woff2 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/media/Montserrat-Bold.woff2

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85c38352712041c50428f57fde76da934384f91015e46878072115f04b00f531

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pantene.com
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: font/woff2
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 66856
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n3e

GET
H2 200 justlovely.woff2
pantene.com/_next/static/media/ 99 KB
101 KB 181ms
180ms Font
font/woff2 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/media/justlovely.woff2

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

564df87a45b8ff61dff55f4b124a9bd032b5b1030dd439b4be9a4d323b701e60

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pantene.com
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: font/woff2
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 101152
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n3f

GET
H2 200 BebasNeue-Regular.woff
pantene.com/_next/static/media/ 23 KB
25 KB 187ms
186ms Font
application/font-woff 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/static/media/BebasNeue-Regular.woff

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a7bccb26b671ee38a35eb23481d123e2188d50f89fdf04345f51e9968138a12

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pantene.com
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:50 GMT
content-type: application/font-woff
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 23652
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212650Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000n3g

GET
H2 200 config.js Show response
cdn.pricespider.com/1/1766/ 281 B
588 B 88ms
87ms Script
application/x-javascript 23.204.220.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pricespider.com/1/1766/config.js
Requested by: Host: cdn.pricespider.com
URL: https://cdn.pricespider.com/1/lib/ps-widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.220.139 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-220-139.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c8b9b8c101d6239ec06930b3ad8ab6a8e233e6000975ad316990e97d82552f56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=3287
etag: "84b4c5ccca7ed04e862f9e0cc4440af6:1706726704.298432"
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Thu, 10 Oct 2024 22:21:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 281
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/x-javascript
last-modified: Mon, 04 Dec 2023 16:29:44 GMT
server: AkamaiNetStorage
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 565 KB
147 KB 196ms
99ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5783b76bab3af823dca35b4da7aeff2dd9068e8351bbc2699f179465e51722d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 10 Oct 2024 21:26:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 149267
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 privacy_and_terms.json Show response
privacytermsprod.azureedge.net/privacy/ 10 KB
2 KB 141ms
30ms Fetch
application/json 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://privacytermsprod.azureedge.net/privacy/privacy_and_terms.json
Requested by: Host: pantene.com
URL: https://pantene.com/_next/static/chunks/3060.030643b9332fa73a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 96105da35ff97e065ec0f27de038720c1e75e3f74df1c38b8eb5ee7ebe1560bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

x-azure-ref: 20241010T212652Z-168d47657fdvwv6getf2gvyp6400000000qg000000008kue
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76793368
x-ms-request-id: c746b2cb-f01e-0018-2443-1abaac000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
x-ms-blob-type: BlockBlob
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 30 Sep 2024 09:36:16 GMT

GET
H2 200 Pantene_Black.svg
images.ctfassets.net/r9udlqyetmm3/3sSIW3zLBSs0nGEH0jv9ch/9178d7d2fc8ab93f667b1dc861782477/ 6 KB
2 KB 36ms
30ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/3sSIW3zLBSs0nGEH0jv9ch/9178d7d2fc8ab93f667b1dc861782477/Pantene_Black.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 280146423fe6837095c5923531ba9e7a800f004532e6502539324a613b24b52d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"2bba2f00fc25693d478067d744911533"
age: 38181
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 2uOAB1g08r6O3tvwj9SU4ZA2V6faPFd0rnu8ch_f-Q7qoeRRS_rIKQ==
date: Thu, 10 Oct 2024 10:50:32 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Nov 2021 19:06:50 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 Location_Icon.svg
images.ctfassets.net/r9udlqyetmm3/i1c36cbahh5nK12uG8Gph/702da7b478626d04c7c50ad0ee380ff6/ 1 KB
1 KB 36ms
30ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/i1c36cbahh5nK12uG8Gph/702da7b478626d04c7c50ad0ee380ff6/Location_Icon.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 42656fab3bb319d7c121ad0145f594930b9478120951dabb4b26f824fa06e650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"198deaba47ce97b948c7d8d0ccd17dde"
age: 48784
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: zWeqvIcz6n4SWnAOSi9dCmriNCGkHlyiAs5zDtAm5sDPgHrUnB66Eg==
date: Thu, 10 Oct 2024 07:53:49 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Jan 2022 23:33:25 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 00080878200139_C1N1_1.jpg
images.ctfassets.net/r9udlqyetmm3/7khdVvzW50d7F7AqcaEXF1/2c7c0afc5196dd538baa329e73d6edf8/ 30 KB
31 KB 36ms
31ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/7khdVvzW50d7F7AqcaEXF1/2c7c0afc5196dd538baa329e73d6edf8/00080878200139_C1N1_1.jpg?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a2956c433a1631d89611eea1fb8d0dce9100cb0f67b319f25ac98cdd0e3d2372

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "ac742db75c479390beddb0f4441fc6de"
age: 24997
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 31068
x-amz-cf-id: BVydzp9oBYCe5piF9Hv45ByeRWDFuJcmgBlwREvDhujsHhm-stLD9A==
date: Thu, 10 Oct 2024 14:30:15 GMT
content-type: image/webp
last-modified: Mon, 02 Sep 2024 09:47:39 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 00080878192465_C1N1_dt.jpg
images.ctfassets.net/r9udlqyetmm3/6lxUgMrpaUXJIpjgZaQbM0/98eb0d01d5941bf3e3fdcaf9bb40b3b1/ 23 KB
23 KB 34ms
29ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/6lxUgMrpaUXJIpjgZaQbM0/98eb0d01d5941bf3e3fdcaf9bb40b3b1/00080878192465_C1N1_dt.jpg?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 923961b212765557f0460771cb7fdfa6499b5d54d2708cd266d227ef99129036

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "c1048b9c447793201c78b582b2d91362"
age: 39440
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 23472
x-amz-cf-id: _23bALcyvgWKRAk2iM4KfyYjgW5z-86ei_3Wb3ED-acFfYN1fIbC2w==
date: Thu, 10 Oct 2024 10:29:32 GMT
content-type: image/webp
last-modified: Mon, 23 Sep 2024 15:08:44 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 image_b_header_image.jpg
images.ctfassets.net/r9udlqyetmm3/7a0qkNqf17qzy1Ujjcx4Dc/597f2664e26668c117246d0da31f933e/ 68 KB
68 KB 42ms
38ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/7a0qkNqf17qzy1Ujjcx4Dc/597f2664e26668c117246d0da31f933e/image_b_header_image.jpg?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 10ecf662dc07d274fbd226dc8c0bdf42969638d89143b71f6d6779857194c5a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "01191db6f28dd56a06b9359e3809c34d"
age: 34432
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 69596
x-amz-cf-id: Hm9fHPQoQXjimjuKrn_gO8WAjQHT42nzPGW-ROn6x3G8j7Z5GyugSg==
date: Thu, 10 Oct 2024 11:53:00 GMT
content-type: image/webp
last-modified: Mon, 02 Sep 2024 09:47:39 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 twitter.svg
images.ctfassets.net/r9udlqyetmm3/5lxiA7p2WJku2sy8dqxoEF/628f9a055db9c130b8ced817b4921308/ 840 B
1 KB 48ms
44ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/5lxiA7p2WJku2sy8dqxoEF/628f9a055db9c130b8ced817b4921308/twitter.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c95ee1e27799aed1c52876830a03ce600add5ff35f1adf3b0b68be5a1bb8759a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "1c33aa32bbc0c6773a2d8119ad9b9987"
age: 45427
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 840
x-amz-cf-id: vbeHoN_BcSMQd04YEY09UNZgvf2A4GU_yylVgPMvDQz6qMupy90RhA==
date: Thu, 10 Oct 2024 08:49:46 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Feb 2022 22:52:42 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 facebook-f.svg
images.ctfassets.net/r9udlqyetmm3/2a2uqPa6Som0Vd5pqLxsr4/f1a4230163476e50ef5282c3ab9623af/ 494 B
882 B 39ms
35ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/2a2uqPa6Som0Vd5pqLxsr4/f1a4230163476e50ef5282c3ab9623af/facebook-f.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2d13b30cd7e235ba2c8671b4cd1d305a17ae9da87d6e58b2d707f8a7505516f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "c12bac4dae9501e63c026c17a6e1ca2e"
age: 45428
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 494
x-amz-cf-id: NeNAToIP-nYIOXumeL_WMJU2Nn3U9NbAV2mcalMVyEXzXHczxv2BDw==
date: Thu, 10 Oct 2024 08:49:45 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Feb 2022 22:53:10 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 instagram.svg
images.ctfassets.net/r9udlqyetmm3/6b3HS3HYb1fSRwntQWDZVu/261c5498490589769e47243391e8b693/ 1 KB
1 KB 47ms
44ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/6b3HS3HYb1fSRwntQWDZVu/261c5498490589769e47243391e8b693/instagram.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2946ed24c2d5b301cbef772e01fd80c46cbe87a8e45ae997caec19723dc63814

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"35417dde0b3d03d16f1c431f5e8f6536"
age: 45428
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: kM2VzSWDN5lbAsRpq-3Fpj2Jta06rB_w-5RS3_fU9yDou6MzaT0z5Q==
date: Thu, 10 Oct 2024 08:49:45 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Feb 2022 22:53:33 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 tiktok.svg
images.ctfassets.net/r9udlqyetmm3/6VUwM9kuRw9h0TF2A5jjYL/053976da32882acc18e363ce37f03fa8/ 671 B
1 KB 46ms
43ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/6VUwM9kuRw9h0TF2A5jjYL/053976da32882acc18e363ce37f03fa8/tiktok.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f03f52a9be8e0d6e27f3b138014ed30c1cba80d36ad818113a621641427812c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "05179918ccd514f8a7ca348ac14bd009"
age: 30606
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 671
x-amz-cf-id: RD-r5ZvPuAQ0Y6cdy8vRbr3j8lX7MaFcJtI47g8ZauM6bUSDce-hEg==
date: Thu, 10 Oct 2024 12:56:47 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Feb 2022 22:54:45 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 Smartlabel_footer-pantene.svg
images.ctfassets.net/r9udlqyetmm3/2c975TM8Jt4xMT6P4foSsz/a0defc6aa1aa595b9fa466553f9133a1/ 15 KB
6 KB 45ms
42ms Image
image/svg+xml 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/2c975TM8Jt4xMT6P4foSsz/a0defc6aa1aa595b9fa466553f9133a1/Smartlabel_footer-pantene.svg
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 92f7a7857ec128d10f999a874781ff2f1d2aed7d6182332610b7bb8b24825acd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"d2dc81f30fc86bd564de0291c16a1f50"
age: 45135
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: URJJUY5qhwUFBqy8P-FMxdqmOzHHjKWravQEGDoW4BstTZlvDh-utQ==
date: Thu, 10 Oct 2024 08:54:38 GMT
content-type: image/svg+xml
last-modified: Wed, 03 Nov 2021 01:13:32 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 pantene-terracycle-footer-DT.png
images.ctfassets.net/r9udlqyetmm3/2mVwvDwfoN5C2KDA07BYAa/4fb3b29d03a122015478be57c50ae808/ 1 KB
2 KB 43ms
40ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/2mVwvDwfoN5C2KDA07BYAa/4fb3b29d03a122015478be57c50ae808/pantene-terracycle-footer-DT.png?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4045a70253969c12bda1011aaaaa51fd4d174aa31d9eeba5d98159bd584ec84c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "fb04d797b4e9594fce69ecb756a16265"
age: 30606
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1472
x-amz-cf-id: imCxo5yDn58mxGQalxVyt__p4Mdo4_1gzOrT4Mu2AxDBnikQ1rfyyg==
date: Thu, 10 Oct 2024 12:56:46 GMT
content-type: image/webp
last-modified: Mon, 02 Sep 2024 10:39:49 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 privacyoptions29x14.png
images.ctfassets.net/r9udlqyetmm3/1WCstfu3r6vFCPBHYIkut5/6752962abb2483f757797f19af8cfaab/ 384 B
769 B 44ms
41ms Image
image/webp 2600:9000:24f0:3600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/r9udlqyetmm3/1WCstfu3r6vFCPBHYIkut5/6752962abb2483f757797f19af8cfaab/privacyoptions29x14.png?fm=webp
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 267d7049c2751094aed8d9c01d796f40d6b82e3db73a14a9703c4bf15fa7054c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: max-age=31536000
etag: "3470d93e78c94cc6328a41e40e6204b4"
age: 33919
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 384
x-amz-cf-id: z6nPbNqwd2UPLOELGRseaByRDXG02Ypls7rEZpu0TKEdMzXAE_asng==
date: Thu, 10 Oct 2024 12:01:33 GMT
content-type: image/webp
last-modified: Fri, 13 Sep 2024 12:16:18 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 ps-widget.js Show response
cdn.pricespider.com/1/lib/2.18.1/ 411 KB
102 KB 455ms
452ms Script
application/x-javascript 23.204.220.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pricespider.com/1/lib/2.18.1/ps-widget.js
Requested by: Host: cdn.pricespider.com
URL: https://cdn.pricespider.com/1/lib/ps-widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.220.139 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-220-139.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 30487fd4d91c493b688fd244ff344ce92895ef6dfae3d12de9e836e77dd82021

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 86400
cache-control: max-age=2740
content-encoding: gzip
etag: "e4ef11a5ee6433772a44d39b79b7221c:1700875846.2868"
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Thu, 10 Oct 2024 22:12:32 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/x-javascript
last-modified: Sat, 25 Nov 2023 01:30:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 en-us.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/ 312 KB
314 KB 44ms
40ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us.json?slug=en-us

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

defab7d6a0a7f179347707b2f68206a5b8d1b6fd5108ba981934ad420d42dd9a

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 319328
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000na6

GET
H2 200 miracle-rescue-hair-revival-mask.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/product/ 268 KB
270 KB 45ms
41ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/product/miracle-rescue-hair-revival-mask.json?slug=en-us&slug=product&slug=miracle-rescue-hair-revival-mask

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f5db36d5ba853b82141d676b61b7b3796d39c8b3d17f9e2bec891be4aea672b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 274773
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000na7

GET
H2 200 miracle-rescue-10-in-1-multitasking-spray-leave-in-conditioner.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/product/ 264 KB
266 KB 45ms
42ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/product/miracle-rescue-10-in-1-multitasking-spray-leave-in-conditioner.json?slug=en-us&slug=product&slug=miracle-rescue-10-in-1-multitasking-spray-leave-in-conditioner

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0ceb94a42aff303e66c4477b36d2d0efc0684b5a96a952d48a537f4286e4d8b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 270163
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000na8

GET
H2 200 shop.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/ 424 KB
426 KB 134ms
132ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/shop.json?slug=en-us&slug=shop

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0677508f69ef528e134710d354658c7414849631dd02e366894d4925dfc56e1d

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 434142
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nab

GET
H2 200 pantene-story.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/ 244 KB
246 KB 135ms
132ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/pantene-story.json?slug=en-us&slug=pantene-story

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a5db4c8dae0b35c612cf310ee4815ea25bcc58b42b35b72a75303b4bfa7bdb6

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 249658
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nac

GET
H2 200 how-to-fix-frizzy-hair-when-humidity-rises.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/articles/ 230 KB
232 KB 135ms
133ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/articles/how-to-fix-frizzy-hair-when-humidity-rises.json?slug=en-us&slug=articles&slug=how-to-fix-frizzy-hair-when-humidity-rises

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

97a79cf601fb83747d9f8ed6246539258b956f4fdbf60d1d5b893a6228126cab

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 235749
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nad

GET
H2 200 money-back-guarantee.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/ 196 KB
198 KB 136ms
134ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/money-back-guarantee.json?slug=en-us&slug=money-back-guarantee

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

081b55cf81e777669d44d104f1d949a1b5c854e711a78c9b02a30cd5a1ed2acd

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 200515
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nae

GET
H2 200 aerosol-recall.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/ 214 KB
216 KB 136ms
134ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/aerosol-recall.json?slug=en-us&slug=aerosol-recall

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

37e61e6bebff96696dee1b09872608b7ef0db9c43eed234d623f4cd0fc26fbff

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 218789
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000naf

GET
H2 200 contact-us.json Show response
pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/ 194 KB
196 KB 136ms
135ms Fetch
application/json 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/_next/data/U9pPbB1VXStpB71fK0OPV/en-us/contact-us.json?slug=en-us&slug=contact-us

Requested by

Host: pantene.com
URL: https://pantene.com/_next/static/chunks/main-ce96684017152c63.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98eb16baf21605bad987f02de7a8ff3ba1eaba1c0af1cbaf5eea2e31a610ed55

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

x-nextjs-data: 1
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

etag: "03ad42de510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Fri, 27 Sep 2024 13:57:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 198602
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212652Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nag

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
94 KB 52ms
51ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-266YKCSS3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f43137734db1fc0a4064ffc1e8e10b8fa81a0337109c5eb2db0f25d2c95326ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 21:26:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96413
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 129ms
47ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCE8175C84449A
x-ms-lease-status: unlocked
age: 12
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 21:26:52 GMT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 04:03:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: a192417c-001e-006a-7e50-1acf21000000
cf-ray: 8d09b0f3cff2c443-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 169ms
53ms Fetch
text/plain 2607:f8b0:400d:c0b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-266YKCSS3D&gtm=45je4a90v879004403z8810212119za200zb810212119&_p=1728595612173&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1836062327.1728595613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=404%20-%20Content%20Not%20Found%20%7C%20Pantene&dl=https%3A%2F%2Fpantene.com%2Fen-us%2F404&cu=USD&sid=1728595612&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.global_gtm_platform=Advanced&ep.content_category=(not%20set)&ep.content_subcategory=(not%20set)&ep.content_type=404&ep.pg_category=(not%20set)&ep.pg_segment=(not%20set)&ep.pg_brand=Pantene&ep.pg_product_name=404%20-%20Content%20Not%20Found&ep.pg_gtin=(not%20set)&ep.pg_subbrand=(not%20set)&ep.pg_brand_group=(not%20set)&ep.pg_brand_group_code=(not%20set)&ep.pg_sector=(not%20set)&ep.pg_subsector=(not%20set)&ep.marketing_program_number=448&epn.dimension57=1728595612707&up.clientid=(not%20set).&up.lead_key=(not%20set)&up.user_agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&tfd=3135
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-266YKCSS3D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pantene.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 b0edc41e-3d42-477c-8180-1d78ea8e90b3.json Show response
cdn.cookielaw.org/consent/b0edc41e-3d42-477c-8180-1d78ea8e90b3/ 4 KB
2 KB 152ms
67ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b0edc41e-3d42-477c-8180-1d78ea8e90b3/b0edc41e-3d42-477c-8180-1d78ea8e90b3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c60a6fc522eaa53116913823b99d43ed6504582835832fc461dc306293003aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-md5: uNJC/DBrojNV3BSBT9iGFQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCDC50A2150B1D
age: 30678
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 11 Oct 2024 21:26:52 GMT
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/json
last-modified: Tue, 24 Sep 2024 04:23:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 97ed28c2-a01e-0001-2139-0e9277000000
cf-ray: 8d09b0f4bd648c4b-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1552
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 / Show response
wtbevents.pricespider.com/ 9 B
413 B 431ms
202ms Script
application/javascript 52.35.73.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wtbevents.pricespider.com/?key=pageImpression&iid=b902e727-268c-4e29-a780-22d1f685581f&uid=undefined&v=2.18.1&countryCode=US&languageCode=en&cid=575b28b8c6a7f86d34b9671e&url=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&_=1728595612965

Requested by

Host: cdn.pricespider.com
URL: https://cdn.pricespider.com/1/lib/2.18.1/ps-widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.35.73.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-73-124.us-west-2.compute.amazonaws.com

Software

/ Express

Resource Hash

1d4282010015ea1ecf91dbf6acfb8aa856bc094a6472157cba0825be51e1733a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
content-length: 9
date: Thu, 10 Oct 2024 21:26:53 GMT
x-xss-protection: 0
content-type: application/javascript
x-powered-by: Express
x-frame-options: SAMEORIGIN

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
109 KB 38ms
37ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-md5: FvJhOHkAv4E9FRANYIql4g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E2E4131AEC
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 39756
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:26:52 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:01:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1588e6db-901e-0002-1ccc-d79170000000
cf-ray: 8d09b0f5298bc443-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111551
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
89 KB 52ms
52ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DTHZB3

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c59a0e56b9ba16224d991ce002e0aaa3c8c7e6238c45743bc3dbc643902266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 10 Oct 2024 21:26:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90822
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 favicon.png
pantene.com/ 899 B
3 KB 29ms
28ms Other
image/png 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pantene.com/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98eedb42f50cb22cd2408c27fbda03fd5f34316f8b9baaff1166b6461df79bf6

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Response headers

etag: "0da32ce510db1:0"
x-fd-int-roxy-purgeid: 150
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 13:57:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: img-src 'self' data: wss: images.ctfassets.net *.google-analytics.com *.tapad.com *.googletagmanager.com *.fls.doubleclick.net *.facebook.com *.lytics.io *.akamaihd.net *.amazon-adsystem.com *.moatads.com *.cookielaw.org *.bazaarvoice.com *.amazonaws.com *.youtube.com *.haircode.com *.google.com *.google.ca click2cart.co click2cart.com *.click2cart.com 2cart.net haircodeassetsprod.azureedge.net *.adsrvr.org images-haircode-com-prod.azureedge.net *.contentful.com *.pricespider.com; font-src 'self' data: wss: *.haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.contentful.com; media-src 'self' wss: *.cloudinary.com *.ctfassets.net *.contentful.com; style-src 'self' wss: 'unsafe-inline' *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com *.googleapis.com maxcdn.bootstrapcdn.com *.contentful.com *.pricespider.com *.mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net *.crazyegg.com *.google-analytics.com *.doubleclick.net *.cookielaw.org api.segment.io *.adsrvr.org *.pg.com *.bazaarvoice.com *.smartcommerce.co click2cart.co click2cart.com *.click2cart.com 2cart.net *.haircode.com *.onetrust.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com *.mapbox.com; default-src 'self' wss: *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com;
cache-control: max-age=31536000,max-age=31536000
x-apg-ha-id: NA-EUS2
accept-ranges: bytes
content-length: 899
x-xss-protection: 1;mode=block
x-azure-ref: 20241010T212653Z-r154656d9bc9b22p5yc1zg6euw00000001mg000000000nbw

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b0edc41e-3d42-477c-8180-1d78ea8e90b3/01921eb2-df6e-7e76-893f-0850f5acef35/ 89 KB
21 KB 47ms
47ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b0edc41e-3d42-477c-8180-1d78ea8e90b3/01921eb2-df6e-7e76-893f-0850f5acef35/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53b6319f50fe2c33155c7afb7967b02ce5cdc9ed60cf7639a7fbb8c20dbb934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-md5: kmhS6d+dGpLR+p8eXjW4mA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCDC50A416B4B5
age: 30679
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 11 Oct 2024 21:26:53 GMT
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/json
last-modified: Tue, 24 Sep 2024 04:23:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 61ccf800-e01e-0042-4a39-0eb89e000000
cf-ray: 8d09b0f5ae5f8c4b-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20789
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 100ms
28ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=5690, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: wi1MRvs9/hbLm2NTyxm0UUOoEVARQBugWJfML3zRonD0psh/D9lSujzj60WOrM7Y8et9rP4Z0OudojaLdE9EXg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 500
Internal Server Error moatcontent.js
z.moatads.com/pgcontent5123319733/ 0
0 173ms
77ms Script
text/html 23.220.125.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pgcontent5123319733/moatcontent.js
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.125.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-125-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 10 Oct 2024 21:26:53 GMT
Content-Length: 27
Date: Thu, 10 Oct 2024 21:26:53 GMT
AK-GRN: 0.46deda17.1728595613.392f5806
Content-Type: text/html

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/ 103 KB
28 KB 192ms
40ms Script
text/javascript 13.249.86.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/analytics.min.js
Requested by: Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-86-140.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77c6198b83fa51687408b21289d682f237a6176cadb8f278949cab89a300fb6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: lObg6mNl2.3lnuyxV_K7xtCh1NG6N3n4
etag: W/"89be999a77b2c5d0147059adfb9cd5d6"
age: 106
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Dniz24i11zDHn7u4UvGq9yipQ0pgSto6GybHwtthPRXxznjOZIb2lQ==
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 30 Jul 2024 22:17:51 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 714aec87803632a2b6676117b4a6b042.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 177ms
39ms Script
application/javascript 35.241.45.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: gzip
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
etag: "47a886353056caf33a998c6041e20896"
age: 1734
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5009
date: Thu, 10 Oct 2024 20:57:59 GMT
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2TPTiAPIMchnlsnfi8LoQ_y8hV-sOLdfmqj1aw1Z24OZwy44MlF4lCH7jPgzmmdrsvTc51Js5Tww
cache-control: public,max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1685983010517890
content-length: 5009
server: UploadServer

GET
H2

200

ttdsync Show response
mediaid.pg.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=jj1jowx&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=jj1jowx&ttd_tpi=1
https://mediaid.pg.com/ttdsync?tdid=6abe6859-fed2-4d4c-a99f-fa19705a6066&ttd_puid=

35 B
692 B

196ms
78ms

XHR
image/gif

52.247.19.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mediaid.pg.com/ttdsync?tdid=6abe6859-fed2-4d4c-a99f-fa19705a6066&ttd_puid=

Protocol

Server

52.247.19.76 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-expose-headers: X-Media-Id
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET
access-control-request-method: *
access-control-allow-origin: null
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: image/gif
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-media-id: 6abe6859-fed2-4d4c-a99f-fa19705a6066
access-control-allow-headers: *

Redirect headers

access-control-allow-origin: https://pantene.com
location: https://mediaid.pg.com/ttdsync?tdid=6abe6859-fed2-4d4c-a99f-fa19705a6066&ttd_puid=
content-length: 195
date: Thu, 10 Oct 2024 21:26:53 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 24 KB
4 KB 46ms
44ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-md5: 9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 11881
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:01:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 57385398-101e-003a-291b-d8d029000000
cf-ray: 8d09b0f6bfa18c4b-EWR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756

95 B
427 B

55ms
54ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=1836062327.1728595613&gtmcb=1771412756
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Thu, 10 Oct 2024 21:26:53 GMT
server: Jetty(11.0.13)

GET
H3 200 9909.js Show response
script.crazyegg.com/pages/scripts/0025/ 7 KB
3 KB 156ms
40ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0025/9909.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DTHZB3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84bb2d71ac1964d9739abae7a190fed415f57a43e2b334533f40628bb9f78da9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-bgj: minify
cf-cache-status: HIT
age: 98
cf-polished: origSize=6996
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 21:25:15 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8d09b0f78d0e8c72-EWR
access-control-allow-origin: *
ce-version: 11.5.293
server: cloudflare

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 60ms
58ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8631039&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DTHZB3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8a26e04f028b80f5089feb55518372e58414f0a55c2bd1c6e991b2d03f95bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 10 Oct 2024 21:26:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81543
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 51 KB
13 KB 286ms
78ms Script
application/x-javascript 3.168.97.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DTHZB3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-97-94.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e4f920765a5a420a3a0dad90616221386a1c9c8f44d9044aa54916edd35ef48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: W/"85afb572f69e53f8381b98fb8db282ec"
Age: 65215
Connection: keep-alive
Via: 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Jvzjh5pe48NVa_h3Inrh3DkI_xQB4nwQSdew7cgAdHHelVstmDVGyg==
Date: Thu, 10 Oct 2024 03:19:59 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 10 Oct 2024 03:07:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P6
x-amz-server-side-encryption: AES256

GET
H2

200

activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
8631039.fls.doubleclick.net/ Frame 2A77
Redirect Chain

https://8631039.fls.doubleclick.net/activityi;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
https://8631039.fls.doubleclick.net/activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;...

0
0

59ms
58ms

Document
text/html

172.253.122.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8631039.fls.doubleclick.net/activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8631039&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pantene.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:26:53 GMT
expires: Thu, 10 Oct 2024 21:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:26:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8631039.fls.doubleclick.net/activityi;dc_pre=CLeehbzghIkDFY-LgwgdOggJrg;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activity;register_conversion=1;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 0
0

GET
H3 200 887668728575892 Show response
connect.facebook.net/signals/config/ 71 KB
14 KB 27ms
27ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/887668728575892?v=2.9.170&r=stable&domain=pantene.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86821907f8f4372d5cb003dc40f0e72b3ad392a006cd9bd95cfa07584328ca08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=74, mss=1232, tbw=68458, tp=63, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 8VREVSPkT6xxNMs6yIrbNHQjfBesWoHQEHPQ5lCtRTKKKy9vcf8i9Czfw+EhwSic4V2bHKIyxUhsuphfm7rVGw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14164
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ Frame 56FC 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 56FC 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 pantene.com.json Show response
script.crazyegg.com/pages/data-scripts/0025/9909/site/ 1 KB
722 B 129ms
57ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0025/9909/site/pantene.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/9909.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa9f38b3b648b1f24e92b48f0b7fb8b1c25e824286f76fe4cac2034d06da5e93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 24
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: application/json
last-modified: Thu, 10 Oct 2024 21:26:29 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8d09b0f89e41438a-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 474
ce-version: 11.5.293
server: cloudflare

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/ 995 B
2 KB 113ms
34ms Fetch
application/json 13.249.86.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-86-140.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f31cfe6f21e0ff40f172cf7c00fc69e09ba853c9089a868228970223e869473f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: M4MI.SabHtJIf7QIbXZk50JkbHqHiOOs
etag: "e4cd56d905a18b845e7d1a50796308ea"
age: 8626
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: dpQqD0vVzLV7L-fpgx2nfkDd5362xovEwXaumhyJI46w3eu6041bIQ==
date: Thu, 10 Oct 2024 19:03:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 26 Aug 2024 13:51:30 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 c49eddbbbee7a3b1464851f470bede1e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 995
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 133ms
43ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=887668728575892&ev=PageView&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595613479&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&eid=1728595613001_2777&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 227ms
138ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=887668728575892&ev=PageView&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595613479&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&eid=1728595613001_2777&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424261627881005145"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:53 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: O71w8xQ6/cHcIkp7iXKCSA5nghyADR4M9FXMPIOevtSW1KNnU5PHjgof0R8IwgpKE/suUo8lUcBYDT/3r02+7A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424261627881005145", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=3233, tp=-1, tpl=-1, uplat=90, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
DATA 200
OK truncated
/ Frame 6932 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6932 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 up
insight.adsrvr.org/track/ Frame 74ED 0
0 170ms
42ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vxmlb2d&ref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&upid=xsza7zo&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://pantene.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 10 Oct 2024 21:26:53 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 27ms
27ms Script
application/javascript 13.249.86.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-86-140.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age: 1931442
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: a_5GH7A-7RAh7XhtFl1Ji2H7pGhKn2dxXoA8InA53qh2I9y62MtFmg==
date: Wed, 18 Sep 2024 12:56:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 714aec87803632a2b6676117b4a6b042.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 28ms
27ms Script
application/javascript 13.249.86.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-86-140.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age: 7372896
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: zmx0yGlnqZJ6hAT-d3aCVAcASPDH6zWxfjYJ_ei10S9jXyAAQKEW9g==
date: Wed, 17 Jul 2024 13:25:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 714aec87803632a2b6676117b4a6b042.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/3818e692efb3bdd462eb2a3b03baddf3/ 66 KB
23 KB 526ms
53ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/3818e692efb3bdd462eb2a3b03baddf3/latest.min.js

Requested by

Host: pantene.com
URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

947f98a9439068f477bfa2c3d16455defc2678e2a55fc0ccf0aa04f2ae6a441c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ws%2BiHQ5hTEi1z4Ml7dx%2BZo5DgcrR%2FUYKvpvEOZQHuSkEmgohnv6fMcWtEXoLVQ%2F9O9Oemcm6NKQhrSLMoT1RjA4xyt7NexeuIJ1fstjZ3c64h5t0jdIjBNEHI4BBBUJUJzK8LGzn5ArU"}],"group":"cf-nel","max_age":604800}
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 19:59:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000;
x-lytics-trace: fa55e7a51f9354c97f03a87bef4f3062
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d09b0fc7be38c84-EWR
access-control-allow-origin: *
server: cloudflare

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 564ms
95ms Fetch
application/json 54.203.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W0z5G4i9hPF2mzsLfzKCvyp5otADyNAA/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-25-147.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://pantene.com
content-length: 21
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: application/json
vary: Origin

GET
H2 200 f527bc0c-2fc6-42dd-9caa-10a38b0a924b Show response
c.lytics.io/api/personalize/3818e692efb3bdd462eb2a3b03baddf3/user/_uid/ 119 B
560 B 86ms
85ms Script
application/json 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/3818e692efb3bdd462eb2a3b03baddf3/user/_uid/f527bc0c-2fc6-42dd-9caa-10a38b0a924b?segments=true&stream=lytics_tag_events&mergestate=true&state=%7B%22_uid%22%3A%22f527bc0c-2fc6-42dd-9caa-10a38b0a924b%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-10%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment%22%2C%22_ga%22%3A%22GA1.1.1836062327.1728595613%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1728595614227&callback=u_599521076194736800

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/3818e692efb3bdd462eb2a3b03baddf3/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecba4ff8ba26e9a1fe89c2adf98afcdc6a9423552c790d88a087357d19adb6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=63072000;
x-lytics-trace: 2f77308eaf23cb937319fce226ffccf9
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgeA7ioC%2FG6zjGyMz1%2FmeZDcj8pEuIWtnZCjVsaY%2ByH2QvpSP5C%2F%2FK2umtlRjC%2BI18jrS3jFj0WrcwhTcMpy9NG0sQxgQul3L%2Bg6xOESNAfoUbY3DlV%2F%2FZTPnhffDJyFrNKTl9vqvRox"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
via: 1.1 google
cf-ray: 8d09b0fd0c528c84-EWR
access-control-allow-origin
content-length: 126
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 lytics_tag_events
c.lytics.io/c/3818e692efb3bdd462eb2a3b03baddf3/ 35 B
526 B 121ms
120ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/3818e692efb3bdd462eb2a3b03baddf3/lytics_tag_events?_e=pv&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&_ts=1728595614218&_nmob=t&_device=desktop&url=pantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&_ga=GA1.1.1836062327.1728595613&_uid=f527bc0c-2fc6-42dd-9caa-10a38b0a924b&_v=3.0.36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDvQLpkBBNVQmIN8DkrccmuD5O8yhBvWmPdEVXLonGkRRmUpC5Zzsxuu2L92%2Bc0dqqTh4A7OI7pS%2FfVx9inVhS9d50R%2FvyqWaSRfP1xVXuOfmsvtVcisqh3ON0s5foL%2B24jArii415yD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
expires: 0
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: image/gif
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security: max-age=63072000;
x-lytics-trace: 721350facea76dac4dbf2635c44b56f3
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
via: 1.1 google
cf-ray: 8d09b0fd5c978c84-EWR
access-control-allow-origin: *
content-length: 35
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 39ms
37ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=887668728575892&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595614351&cd[external_id]=f527bc0c-2fc6-42dd-9caa-10a38b0a924b&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=6513, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
864 B 102ms
101ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=887668728575892&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595614351&cd[external_id]=f527bc0c-2fc6-42dd-9caa-10a38b0a924b&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424261631575177317"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: hem5nZ42jHAGg7kPeFJyygchfUiaEJWucpmpBL1E/U6ggs4CbMT14n3HGjJBwsfMPxIM7MlRJ6ICWPcgsAy/xA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424261631575177317", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=6890, tp=-1, tpl=-1, uplat=64, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 47ms
47ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=887668728575892&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595614352&cd[all]=true&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=6743, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 112ms
111ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=887668728575892&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&rl=&if=false&ts=1728595614352&cd[all]=true&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4126&fbp=fb.1.1728595613473.260183407346046300&ic=&ler=empty&cdl=API_unavailable&it=1728595613403&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424261631091209854"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pT42W5kz4W5MBEVOOHEP1UM7prIjhCqVHiTXe90ZbKwESSN67jIKCCpZGmFoPKpFeZh2rMZv6GuJRX3OALBeiQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424261631091209854", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=7776, tp=-1, tpl=-1, uplat=64, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 42ms
42ms Script
text/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/3818e692efb3bdd462eb2a3b03baddf3/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=63072000;
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 4983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spReevy6QMuXBrwHckTbaAyUFlYzWjV1N8DTmartcQcyh41sTNUS3rA68EGd1jIJ7%2BQwwgwQJE8vYMnUocPkm2S2Nk7crAK7A9syF18t2QuiaBdhAWAdIcXYDfisq5yBlZVcBMJb7x53"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d09b100f8ac8c84-EWR
date: Thu, 10 Oct 2024 21:26:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 10 Oct 2024 20:03:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 21 KB
4 KB 40ms
39ms Stylesheet
text/css 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

strict-transport-security: max-age=63072000;
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 6252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWsFrmG3meTRBspxLAU8O7F8fRSSW%2F0Rm4ROn7%2Fb%2F6qZSgnj9WMKDdeii4AnXgOkERcnnnKUf8ea2FT%2BDIKjhBFvykHjkuATArlR9njGyXJafd9vpObWOjN2%2Bpx2ITFczRArdikwIKuK"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d09b101e9c78c84-EWR
date: Thu, 10 Oct 2024 21:26:55 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 19:42:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/3818e692efb3bdd462eb2a3b03baddf3/ 327 B
700 B 67ms
67ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/3818e692efb3bdd462eb2a3b03baddf3/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/3818e692efb3bdd462eb2a3b03baddf3/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80982df10a5660f59d385c7773e8e0f6a4be95edd0e4b12e2051552a9ddd4d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pantene.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfVuB7%2BKNQdj%2BM6OA8W1KoLYxr6loGPZEAmg2MlG5x29XYCxfZuhWvH20KI2DP%2FWHzdC1xp%2BzCrUt6HSYoeuPwpOTGRK0tEuhGwphCpGQ6QAFxCoOkwPaLBt94f6VWGEIuJix0NwIqix"}],"group":"cf-nel","max_age":604800}
date: Thu, 10 Oct 2024 21:26:55 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 21:25:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000;
x-lytics-trace: 0e90a48370a5e46d1be2397da7f81262
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d09b10209fa8c84-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 226
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment?

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning	1969-12-31 23:59:59	Name: seerid Value: f527bc0c-2fc6-42dd-9caa-10a38b0a924b
.pantene.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 086f525d5c793c668ff3dcbc0ed5712e480c4bc0e5b67969609df742d6a70cac
.pantene.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 086f525d5c793c668ff3dcbc0ed5712e480c4bc0e5b67969609df742d6a70cac
.pantene.com/	1970-01-21 09:45:55	Name: _ga_266YKCSS3D Value: GS1.1.1728595612.1.0.1728595612.0.0.0
.pantene.com/	1970-01-21 09:45:55	Name: _ga Value: GA1.1.1836062327.1728595613
.pantene.com/	1970-01-21 02:19:31	Name: _gcl_au Value: 1.1.1989898276.1728595613
pantene.com/	1969-12-31 23:59:59	Name: page_num Value: 1
pantene.com/	1970-01-21 00:20:00	Name: er_campaigname Value: direct
.pantene.com/	1970-01-21 08:55:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+10+2024+11%3A26%3A53+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=0a472ae5-7e11-481b-b7e4-ba96518ba1e2&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment&groups=BG910%3A1%2C2%3A1%2C4%3A1%2C3%3A1%2C8%3A1%2C1%3A1
.adsrvr.org/	1970-01-21 08:55:31	Name: TDID Value: 6abe6859-fed2-4d4c-a99f-fa19705a6066
.tapad.com/	1970-01-21 01:36:19	Name: TapAd_TS Value: 1728595613342
.tapad.com/	1970-01-21 01:36:19	Name: TapAd_DID Value: a08be78b-3816-40ee-a709-a43b85d6bafe
pantene.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%22d6d858b6-e86b-4fb2-84d4-bbbeaa4e2ed9%22%7D
.tapad.com/	1970-01-21 01:36:19	Name: TapAd_3WAY_SYNCS Value:
.pantene.com/	1970-01-21 02:19:31	Name: _fbp Value: fb.1.1728595613473.260183407346046300
.doubleclick.net/	1970-01-21 04:29:07	Name: receive-cookie-deprecation Value: 1
.pg.com/	1970-01-21 00:11:22	Name: mediaid_pttd Value: 6abe6859-fed2-4d4c-a99f-fa19705a6066
.mediaid.pg.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: a47a13b1fe6845855f0deaeead29654518b93ea0e7bb8a026cdb60b80f6e3bd5
.pantene.com/	1970-01-21 00:53:07	Name: _pgusertdid Value: 6abe6859-fed2-4d4c-a99f-fa19705a6066
.pantene.com/	1970-01-21 08:55:31	Name: ajs_anonymous_id Value: f527bc0c-2fc6-42dd-9caa-10a38b0a924b
.pantene.com/	1970-01-21 00:09:57	Name: seerses Value: e
.pantene.com/	1970-01-21 09:45:55	Name: seerid Value: f527bc0c-2fc6-42dd-9caa-10a38b0a924b
.rubiconproject.com/	1970-01-21 08:55:31	Name: audit_p Value: 1\|plCO7u9sOhfpJ9ZmK8/1fzfgg+3P3YAtOb/sMhy5gZntSRNyoMFDqBUaK5+87/8MYhJwU+JJOVkwHTRO1/p4iHX0qfg68IpFQAPcN3ARK85YiXjMDOZn/DBmajGGXtll1pVKcpQI6zuMPno/EhMbMKOCErES4m/wB9QzOX4T/ujREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 08:55:31	Name: khaos Value: M23T7483-1W-DZVT
.rubiconproject.com/	1970-01-21 08:55:31	Name: khaos_p Value: M23T7483-1W-DZVT
.rubiconproject.com/	1970-01-21 08:55:31	Name: audit Value: 1\|plCO7u9sOhfpJ9ZmK8/1fzfgg+3P3YAtOb/sMhy5gZntSRNyoMFDqBUaK5+87/8MYhJwU+JJOVkwHTRO1/p4iHX0qfg68IpFQAPcN3ARK85YiXjMDOZn/DBmajGGXtll1pVKcpQI6zuMPno/EhMbMKOCErES4m/wB9QzOX4T/ujREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adnxs.com/	1970-01-21 09:45:55	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 09:45:55	Name: IDE Value: AHWqTUlHp-XQySwFZSYL7BaRTwFyR-vWjX82lZ2W2b3dqDPxCejXRnlANO8axsd3QFc
.adsrvr.org/	1970-01-21 08:55:31	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwiSybGyid-0PRAFEhUKBmdvb2dsZRILCNzYm7iJ37Q9EAUSFgoHcnViaWNvbhILCICNsrKJ37Q9EAUYBSABKAMyCwiOpbTfn9-0PRAFQg8iDQgBEgkKBXRpZXIxEAFaB3Z4bWxiMmRgAQ..
.lytics.io/	1970-01-21 09:45:55	Name: seerid Value: f527bc0c-2fc6-42dd-9caa-10a38b0a924b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://pantene.com/en/-us//product//miracle/-rescue/-deep/-conditioning/-treatment Message: Refused to load the image 'https://ad.doubleclick.net/activity;register_conversion=1;src=8631039;type=panall;cat=pante0;ord=1013785901478;npa=0;auiddc=1989898276.1728595613;ps=1;pcor=57250634;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190221948z876267592za201zb76267592;gcd=13l3l3l3l1l1;dma=0;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Fpantene.com%2Fen%2F-us%2F%2Fproduct%2F%2Fmiracle%2F-rescue%2F-deep%2F-conditioning%2F-treatment?' because it violates the following Content Security Policy directive: "img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com".
network	error	URL: https://z.moatads.com/pgcontent5123319733/moatcontent.js#l1=pantene.com&l2=404%20-%20Content%20Not%20Found%20%7C%20Pantene&l3=__page__&l4=-&zmoatab_cm=0&t=1728595613206&de=376842900363&zMoatAB_SNPT=true&vc=2 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://pghub.io/ Message: Refused to frame 'https://feed.pghub.io/' because it violates the following Content Security Policy directive: "default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' data: wss: images.ctfassets.net .google-analytics.com .tapad.com .googletagmanager.com .fls.doubleclick.net .facebook.com .lytics.io .akamaihd.net .amazon-adsystem.com .moatads.com .cookielaw.org .bazaarvoice.com .amazonaws.com .youtube.com .haircode.com .google.com .google.ca click2cart.co click2cart.com .click2cart.com 2cart.net haircodeassetsprod.azureedge.net .adsrvr.org images-haircode-com-prod.azureedge.net .contentful.com .pricespider.com; font-src 'self' data: wss: .haircode.com fonts.gstatic.com maxcdn.bootstrapcdn.com .contentful.com; media-src 'self' wss: .cloudinary.com .ctfassets.net .contentful.com; style-src 'self' wss: 'unsafe-inline' .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com .googleapis.com maxcdn.bootstrapcdn.com .contentful.com .pricespider.com .mapbox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: wss: .google.com .google-analytics.com .googletagmanager.com .moatads.com .cookielaw.org .crazyegg.com pghub.io .facebook.net .segment.com .lytics.io .bazaarvoice.com .amazonaws.com .haircode.com click2cart.co click2cart.com .click2cart.com 2cart.net .iesnare.com .adsrvr.org api.ipify.org .contentful.com .pricespider.com cdnjs.cloudflare.com .mapbox.com; connect-src 'self' wss: kardia-nonprod.azure-api.net kardia.azure-api.net .crazyegg.com .google-analytics.com .doubleclick.net .cookielaw.org api.segment.io .adsrvr.org .pg.com .bazaarvoice.com .smartcommerce.co click2cart.co click2cart.com .click2cart.com 2cart.net .haircode.com .onetrust.com .contentful.com .segment.com privacytermsprod.azureedge.net .pricespider.com .mapbox.com; default-src 'self' wss: .googletagmanager.com .fls.doubleclick.net .tapad.com .facebook.com .bazaarvoice.com click2cart.co click2cart.com .click2cart.com 2cart.net pgconsumersupport.secure.force.com .youtube.com .adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com .contentful.com .segment.com privacytermsprod.azureedge.net *.pricespider.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8631039.fls.doubleclick.net
ad.doubleclick.net
api.segment.io
c.lytics.io
cdn.cookielaw.org
cdn.pricespider.com
cdn.segment.com
connect.facebook.net
images.ctfassets.net
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mediaid.pg.com
pantene.com
pghub.io
pixel.tapad.com
privacytermsprod.azureedge.net
script.crazyegg.com
wtbevents.pricespider.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.pantene.com
z.moatads.com
ad.doubleclick.net
13.107.253.40
13.249.86.140
172.253.122.149
23.204.220.139
23.220.125.154
2600:9000:24f0:3600:12:94b3:c380:93a1
2606:4700:20::ac43:49ec
2606:4700::6812:562a
2606:4700::6813:9308
2607:f8b0:4004:c06::61
2607:f8b0:400d:c0b::71
2620:1ec:bdf::40
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.168.97.94
34.111.113.62
35.241.45.217
35.71.131.137
52.223.40.198
52.247.19.76
52.35.73.124
54.203.25.147
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0677508f69ef528e134710d354658c7414849631dd02e366894d4925dfc56e1d
081b55cf81e777669d44d104f1d949a1b5c854e711a78c9b02a30cd5a1ed2acd
0f6effd7444089fe3e2178f0b4bb60211c33be475bff3b0a66e609ede5895357
0ff54836710d28d275d53962649e1f9a2709c3c45aa68ec2adb270b478cb8866
10ecf662dc07d274fbd226dc8c0bdf42969638d89143b71f6d6779857194c5a5
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1d4282010015ea1ecf91dbf6acfb8aa856bc094a6472157cba0825be51e1733a
22f7b655f7e3f6b399076694c057c12994c600eae7a17d4f22448069a1391be7
23d005d815dfc4d8e6a096ec447551e969884d0a88ccacdc6d28ce6a04042750
260ee43051580c2dd5add0676d69d83b66db27c5bd108faa76d7a9164b203985
267d7049c2751094aed8d9c01d796f40d6b82e3db73a14a9703c4bf15fa7054c
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
280146423fe6837095c5923531ba9e7a800f004532e6502539324a613b24b52d
2946ed24c2d5b301cbef772e01fd80c46cbe87a8e45ae997caec19723dc63814
2ae9069be250946a596edc9a437d26fb30e2988b7ae220914a54a57d3e1f6540
2d13b30cd7e235ba2c8671b4cd1d305a17ae9da87d6e58b2d707f8a7505516f7
30487fd4d91c493b688fd244ff344ce92895ef6dfae3d12de9e836e77dd82021
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3437637c88e40ab5f57b1e37129d03ebb7594a6fc8ea56061284c93f8088beb8
37e61e6bebff96696dee1b09872608b7ef0db9c43eed234d623f4cd0fc26fbff
3806917ae8b4050d1fa90d829d159302d4935478a7f769ff3165c58d2baf6377
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4045a70253969c12bda1011aaaaa51fd4d174aa31d9eeba5d98159bd584ec84c
42656fab3bb319d7c121ad0145f594930b9478120951dabb4b26f824fa06e650
429472ad3959368e9e5b938fc5816f788569d8891590c6d821840990abcbb8eb
48b7498d038fe768fd98f41e753f00df018554d494b614994c70a0670286c36d
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
51ae00749f46e54a40e62bf7c3cbf86b924ab711f5d8650c6b38ae9966f864ca
564d5a0f42e9476e5aea1ef86bd670df28a94b9a5101e3eedabe7f34e5ca0a82
564df87a45b8ff61dff55f4b124a9bd032b5b1030dd439b4be9a4d323b701e60
56f683c9b0f05632f11055476a64dbd0629037463b6b503f49b006213f643a1b
5e4f920765a5a420a3a0dad90616221386a1c9c8f44d9044aa54916edd35ef48
64f2df3789310407afe8e9f8ff13b996f59dc636e511d5faac42469dc1fb66d5
68e31cad7f8f06e7d9e04742ecdd5849bd86e1cd0aa6a6fd98feea1a7440f19e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b043f50ab2fe0db32e5c39f93742bdc96fea70d40534de98dfb3e6cc34b2939
6c60a6fc522eaa53116913823b99d43ed6504582835832fc461dc306293003aa
6ff0eea60786d336ea18534099b555207d4beb4c0e8c3577d4242eed7f518dcd
71de7c46ab06bb12f0d9cbdc205349729db310f940c4d312dd1f67d93b167b12
77c6198b83fa51687408b21289d682f237a6176cadb8f278949cab89a300fb6c
7a5db4c8dae0b35c612cf310ee4815ea25bcc58b42b35b72a75303b4bfa7bdb6
7a7bccb26b671ee38a35eb23481d123e2188d50f89fdf04345f51e9968138a12
80982df10a5660f59d385c7773e8e0f6a4be95edd0e4b12e2051552a9ddd4d39
84bb2d71ac1964d9739abae7a190fed415f57a43e2b334533f40628bb9f78da9
851ef75a9c593304bdf58689c191b8f9f3b04bcf4224a95e4815a71fe2dd3db0
853077d1468f98d1e5d12cba2f510ee0dad7bb9a5f6d92f243f98000f0272caa
85c38352712041c50428f57fde76da934384f91015e46878072115f04b00f531
85c59a0e56b9ba16224d991ce002e0aaa3c8c7e6238c45743bc3dbc643902266
86821907f8f4372d5cb003dc40f0e72b3ad392a006cd9bd95cfa07584328ca08
8f5db36d5ba853b82141d676b61b7b3796d39c8b3d17f9e2bec891be4aea672b
923961b212765557f0460771cb7fdfa6499b5d54d2708cd266d227ef99129036
92f7a7857ec128d10f999a874781ff2f1d2aed7d6182332610b7bb8b24825acd
947f98a9439068f477bfa2c3d16455defc2678e2a55fc0ccf0aa04f2ae6a441c
96105da35ff97e065ec0f27de038720c1e75e3f74df1c38b8eb5ee7ebe1560bb
97a79cf601fb83747d9f8ed6246539258b956f4fdbf60d1d5b893a6228126cab
98eb16baf21605bad987f02de7a8ff3ba1eaba1c0af1cbaf5eea2e31a610ed55
98eedb42f50cb22cd2408c27fbda03fd5f34316f8b9baaff1166b6461df79bf6
9d8fbc703e9ba516bbb96b08e04c01e8d31f0d41f69cdeab9c64a9dce9a8e6e6
a2956c433a1631d89611eea1fb8d0dce9100cb0f67b319f25ac98cdd0e3d2372
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae776cbd80f1007f44d6a2cc742f8b19694edf4482c8589e7251819febf8061a
b09b5dd149ac89facac5fc5f978e7ecd05b7ba030049481d05b93d895c97bfe2
b2ad095af79d57f13c6705e7389495842577bebb0e809e39fdc8ba1e789dfa31
b588a3e081642b85dcb14889eff8c2d1e1fd2140eda32706c7148b9cbb8e455b
baa2ff21e347629aa0ebce5e590f11b90e9eddc4645ba610e1017bdb1c44ea51
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c53b6319f50fe2c33155c7afb7967b02ce5cdc9ed60cf7639a7fbb8c20dbb934
c5783b76bab3af823dca35b4da7aeff2dd9068e8351bbc2699f179465e51722d
c65a1a9c8ef9b745a1f3555b9d2c79ac76cebf3c88085885060c0dd85e5daea0
c8b9b8c101d6239ec06930b3ad8ab6a8e233e6000975ad316990e97d82552f56
c95ee1e27799aed1c52876830a03ce600add5ff35f1adf3b0b68be5a1bb8759a
ce19c6e7b9c91a11bd8f985a20ae1eea0176840ecf2f809cf09bb636bb177c16
db542359ce54f6f22c749d096ec4eb110227a1d80fe247d88ac567e94d56c772
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
defab7d6a0a7f179347707b2f68206a5b8d1b6fd5108ba981934ad420d42dd9a
dfdec4989a4d4aae9983bc4489dbdfee030c70f66987584db59bfd805b538bd2
e0ceb94a42aff303e66c4477b36d2d0efc0684b5a96a952d48a537f4286e4d8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e70509b2a7a0c37951281236bfc36cadcec7200de3d53e94a3bceb637e40d8a7
ea72253a4e21a391abb0ce1367e9777d71827de68e7bfcead89c6a2866d3b172
ecba4ff8ba26e9a1fe89c2adf98afcdc6a9423552c790d88a087357d19adb6e4
edc002ce7860aa23ce79e501b92f375b5bbe9fa93ff2dd66e07dd7687fb9b292
ef87fd6d6981d3da042165ccc477709f015c4004f428f0c89b4d01e72fea0579
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
f03f52a9be8e0d6e27f3b138014ed30c1cba80d36ad818113a621641427812c7
f31cfe6f21e0ff40f172cf7c00fc69e09ba853c9089a868228970223e869473f
f43137734db1fc0a4064ffc1e8e10b8fa81a0337109c5eb2db0f25d2c95326ae
f8a26e04f028b80f5089feb55518372e58414f0a55c2bd1c6e991b2d03f95bdc
fa9f38b3b648b1f24e92b48f0b7fb8b1c25e824286f76fe4cac2034d06da5e93
fbd32fde5344a83949cb6bce071350b57ec06c92ac4aebb412c308818ffedc6b

pantene.com Open in urlscan Pro 13.107.253.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

97 %HTTPS

41 %IPv6

19 Domains

24 Subdomains

22 IPs

1 Countries

4959 kBTransfer

7070 kBSize

30 Cookies

43 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pantene.com Open in urlscan Pro
13.107.253.40 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

97 %
HTTPS

41 %
IPv6

19
Domains

24
Subdomains

22
IPs

1
Countries

4959 kB
Transfer

7070 kB
Size

30
Cookies

101 HTTP transactions
6 data transactions