verify.provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://verify.provenskincare.com/
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2023, 7:49:18 pm UTC) — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 18 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::6816:1b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is verify.provenskincare.com.
TLS certificate: Issued by GTS CA 1P5 on July 28th 2023. Valid for: 3 months.

This is the only time verify.provenskincare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:10:... 2606:4700:10::6816:1b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	18.155.129.14 18.155.129.14	16509 (AMAZON-02) (AMAZON-02)
1	108.156.2.33 108.156.2.33	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:59f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.12.47.65 52.12.47.65	16509 (AMAZON-02) (AMAZON-02)
2	54.224.232.90 54.224.232.90	14618 (AMAZON-AES) (AMAZON-AES)
7	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.71.7.117 52.71.7.117	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	54.156.2.105 54.156.2.105	14618 (AMAZON-AES) (AMAZON-AES)
1	52.89.99.220 52.89.99.220	16509 (AMAZON-02) (AMAZON-02)
1	35.81.162.201 35.81.162.201	() ()
91	27

14 2606:4700:10::6816:1b5c (United States)

ASN13335 (CLOUDFLARENET, US)

verify.provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-14.cdg52.r.cloudfront.net

static.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-33.mxp63.r.cloudfront.net

campaign.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:59f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.12.47.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.224.232.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-232-90.compute-1.amazonaws.com

public.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.7.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-7-117.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.2.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-2-105.compute-1.amazonaws.com

54.156.2.105	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.99.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-99-220.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (None, )

ASN- ()

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	provenskincare.com verify.provenskincare.com	273 KB
13	segment.com cdn.segment.com — Cisco Umbrella Rank: 1557	154 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	153 KB
7	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 809	3 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5772	883 B
5	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2693	975 B
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 383	13 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	312 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2205 rs.fullstory.com — Cisco Umbrella Rank: 2061	71 KB
4	fbot.me static.fbot.me — Cisco Umbrella Rank: 25376 campaign.fbot.me — Cisco Umbrella Rank: 25778 public.fbot.me — Cisco Umbrella Rank: 34590	106 KB
3	mountain.com dx.mountain.com — Cisco Umbrella Rank: 6340 px.mountain.com — Cisco Umbrella Rank: 6412 gs.mountain.com	9 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	270 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2167	1 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1132	361 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 878	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	155 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3959	14 KB
91	18

	Domain	Requested by
14	verify.provenskincare.com	verify.provenskincare.com
13	cdn.segment.com	verify.provenskincare.com cdn.segment.com
10	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.googletagmanager.com edge.fullstory.com
7	ct.pinterest.com	s.pinimg.com
5	www.google.de
4	bat.bing.com	verify.provenskincare.com bat.bing.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com edge.fullstory.com
4	www.googletagmanager.com	cdn.segment.com www.googletagmanager.com
3	www.google.com
3	www.facebook.com
2	region1.analytics.google.com	www.googletagmanager.com
2	trkn.us	1 redirects
2	rs.fullstory.com	edge.fullstory.com
2	public.fbot.me	cdn.segment.com
2	api.segment.io	cdn.segment.com
2	s.pinimg.com	cdn.segment.com s.pinimg.com
2	edge.fullstory.com	cdn.segment.com edge.fullstory.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
1	gs.mountain.com	verify.provenskincare.com
1	px.mountain.com	dx.mountain.com verify.provenskincare.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	d.impactradius-event.com	verify.provenskincare.com
1	dx.mountain.com	verify.provenskincare.com
1	campaign.fbot.me	cdn.segment.com
1	static.fbot.me	cdn.segment.com
91	25

This site contains no links.

Subject Issuer	Validity	Valid
verify.provenskincare.com GTS CA 1P5	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.fbot.me Amazon RSA 2048 M02	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-07` - `2023-08-05`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
54.156.2.105 Sectigo RSA Domain Validation Secure Server CA	`2023-02-14` - `2024-02-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://verify.provenskincare.com/
Frame ID: 51CE4C864CB4EE80B114A3D6562305BC
Requests: 89 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 7E3584E838F8F4F9BD40113AB85BDE07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invest in Proven

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

91
Requests

98 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

27
IPs

3
Countries

1290 kB
Transfer

4267 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=193.32.248.227;cuidchk=1

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
verify.provenskincare.com/ 4 KB
3 KB 132ms
57ms Document
text/html 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3d18175bb2a9fd657510f859b7d9e817e6ecddf75758b1c3a44404599e2491

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7edfa4e2dc3b5c2c-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Jul 2023 19:49:12 GMT
expires: Fri, 28 Jul 2023 20:49:12 GMT
last-modified: Fri, 29 Oct 2021 23:28:43 GMT
server: cloudflare
x-goog-generation: 1635550122966319
x-goog-hash: crc32c=wWoX7g== md5=LfoIh4Si9by7l70MAr/GGA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4198
x-guploader-uploadid: ADPycdtpkug34HRTQQK8yCpGYQNZT2RTljAbb675_mpUCKe37oXs6vQlZftcIkewdHLt4Wi0KsfHPtWQ2rEOptG7Daizcw

GET
H2 200 main.91af2c87.chunk.css
verify.provenskincare.com/static/css/ 46 KB
9 KB 440ms
439ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fae23d69016209bf00c2f0fa6cc02f873ad612e0f19deee78b9fe28935a19f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:13 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdstktfXR2lM1O-cEWBNc91I4RyvWT5W4Bl82Xug4YqJ5Tw9AI4BqCZLIf7rpVxTo3qHlz_YTE51JwWXwY5m3-A9vCzwRIAs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:48 GMT
server: cloudflare
etag: W/"ae57ec5a3c2f1fda1557fca73a84d0b6"
vary: Accept-Encoding
x-goog-generation: 1635550128786962
content-type: text/css
x-goog-hash: crc32c=MLRZ+A==, md5=rlfsWjwvH9oVV/ynOoTQtg==
cache-control: public, max-age=14400
x-goog-stored-content-length: 47144
cf-ray: 7edfa4e34cba5c2c-FRA
expires: Fri, 28 Jul 2023 20:49:12 GMT

GET
H2 200 rocket-loader.min.js Show response
verify.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://verify.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 12:04:41 GMT
server: cloudflare
etag: W/"64c3aed9-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7edfa4e34cbb5c2c-FRA
expires: Sun, 30 Jul 2023 19:49:12 GMT

GET
H3 200 main.224b75cd.chunk.js Show response
verify.provenskincare.com/static/js/ 2 KB
1 KB 388ms
388ms Script
application/x-javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/js/main.224b75cd.chunk.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dade4f7d1b63f660d3a8e679b72f78e09a1ef8cf95df6a159300eaf67cb2ee3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:13 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycds9AnTD_2sld2Mj9Pfr4TRfVYPGJE5toH0PmyYKO2Om2lm58k74XDDOL-G5X-1P340Bhy-5ldVSSjHC7fXPHz2aZ_pfx4cH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:50 GMT
server: cloudflare
etag: W/"584e3f232d36be2f94097e74dcc84b55"
vary: Accept-Encoding
x-goog-generation: 1635550130052119
content-type: application/x-javascript
x-goog-hash: crc32c=vjWShQ==, md5=WE4/Iy02vi+UCX503MhLVQ==
cache-control: public, max-age=14400
x-goog-stored-content-length: 1646
cf-ray: 7edfa4e62fb09256-FRA
expires: Fri, 28 Jul 2023 20:49:13 GMT

GET
H3 200 2.e564dd95.chunk.js Show response
verify.provenskincare.com/static/js/ 228 KB
74 KB 418ms
418ms Script
application/x-javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/js/2.e564dd95.chunk.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f02670cc3b7d28eb06a52fe81b13fb6a8b9a992ac3bf6c48db8e5eebd75482d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:13 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtPI_MkjzMzSx8fPalAuub6VyUgFGj_FyEna4R3LZM6KCal0gUgnsbcwGD_6BRmXASvCFuufyrI8WxZqQojcXwAjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:50 GMT
server: cloudflare
etag: W/"80591e1438c66da512805f3ea024bc88"
vary: Accept-Encoding
x-goog-generation: 1635550130098770
content-type: application/x-javascript
x-goog-hash: crc32c=gbMy9A==, md5=gFkeFDjGbaUSgF8+oCS8iA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 233282
cf-ray: 7edfa4e62fb19256-FRA
expires: Fri, 28 Jul 2023 20:49:13 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/ 105 KB
28 KB 759ms
670ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11be2c7f03143f7d74ed816383cae969a5ab762b2782f24adc810f319e881bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
x-amz-version-id: tUI27KiRSYKUx2jpFW9PyquKgyjwyelC
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Jun 2023 03:34:05 GMT
server: AmazonS3
etag: W/"8e08126a04920329a0015833883d2177"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: EhxjPfiTMp67iMgZR4OUDs1FLAOAGnHpras6zaB7EiRLMHrzhvzlPQ==

GET
H3 200 3.63938043.chunk.js Show response
verify.provenskincare.com/static/js/ 112 KB
42 KB 387ms
387ms Script
application/x-javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/js/3.63938043.chunk.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0cc430416a611dc4df40c997bcaf58c07d57dfa990e0b936a2cd5c6674d588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdta7yiGemfLkuQ8AcESOodAm2Ox9_Rg_r2BDXkrWb1zH47GzURDIfSLNi205CLSysshZhIiWwEQaqDyBiy2QwycAMe7Cr5i
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:51 GMT
server: cloudflare
etag: W/"5dfd48707c2a1230c4a7d0067e1e008e"
vary: Accept-Encoding
x-goog-generation: 1635550131406200
content-type: application/x-javascript
x-goog-hash: crc32c=hsxX+Q==, md5=Xf1IcHwqEjDEp9AGfh4Ajg==
cache-control: public, max-age=14400
x-goog-stored-content-length: 114352
cf-ray: 7edfa4e96b5d9256-FRA
expires: Fri, 28 Jul 2023 20:49:13 GMT

GET
H3 200 4.a76ae52e.chunk.js Show response
verify.provenskincare.com/static/js/ 293 KB
59 KB 415ms
415ms Script
application/x-javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/js/4.a76ae52e.chunk.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed567972199ceea1274ab437a48ec7f64bb72b78f093dfe67d633ec876b47981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdustS5tZhIMc60KtSOVnZm5hDmlhmuj1AGbD-3NNzY9tGM5LSzaQrp9rp3XSyPLN9E4ZGkVD-yLvAJpw6L2x8n0EMWSceJ2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:47 GMT
server: cloudflare
etag: W/"0fc69ac0637c05523860f8b4a231c49d"
vary: Accept-Encoding
x-goog-generation: 1635550127249761
content-type: application/x-javascript
x-goog-hash: crc32c=nR3y7A==, md5=D8aawGN8BVI4YPi0ojHEnQ==
cache-control: public, max-age=14400
x-goog-stored-content-length: 299862
cf-ray: 7edfa4e96b5f9256-FRA
expires: Fri, 28 Jul 2023 20:49:13 GMT

GET
H3 200 Lexend-Regular.fd2d8ea0.ttf
verify.provenskincare.com/static/media/ 96 KB
48 KB 378ms
377ms Font
font/ttf 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/media/Lexend-Regular.fd2d8ea0.ttf
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147f0e478e4341e1e672e5ac97f2717ff1e4663879e0aa0180d3f032a1d6de1e

Request headers

Referer: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Origin: https://verify.provenskincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdt1pkP5RaxNidUxW3HkQ9ZGR2ehwmh1ara0zDj2bzqgtaXE51Z_jPCbX1JgcHufis4iXV2IdIlAf2854nYjeBdC6RLn8du9
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:55 GMT
server: cloudflare
etag: W/"fd2d8ea04e25585558f2396e4fa56c06"
vary: Accept-Encoding
x-goog-generation: 1635550135437064
content-type: font/ttf
x-goog-hash: crc32c=DtiyqQ==, md5=/S2OoE4lWFVY8jluT6VsBg==
cache-control: public, max-age=14400
x-goog-stored-content-length: 98700
cf-ray: 7edfa4e96b679256-FRA
expires: Fri, 28 Jul 2023 20:49:13 GMT

GET
H3 200 logo-horizontal.aa0b555c.svg
verify.provenskincare.com/static/media/ 2 KB
1 KB 421ms
421ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.provenskincare.com/static/media/logo-horizontal.aa0b555c.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1856b8056e8ee3cdb276ab7312950c665ca5fb0c76e7649a5de044af8d9c0d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsByZ5kJ0hzVkdCghxunn0ljq0FH7ia-a7jbATh9nU_PAOqRU7dpifPgJgx8mo3Bwa45kXLIaUx8NWVE2mgriCvEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:56 GMT
server: cloudflare
etag: W/"aa0b555c5db10d003bf03bce9e5e05b7"
vary: Accept-Encoding
x-goog-generation: 1635550136648750
content-type: image/svg+xml
x-goog-hash: crc32c=8WKfQA==, md5=qgtVXF2xDQA78DvOnl4Ftw==
cache-control: public, max-age=14400
x-goog-stored-content-length: 1980
cf-ray: 7edfa4ec7e4c9256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H3 200 hatches-gold.b5707eb6.svg
verify.provenskincare.com/static/media/ 390 B
705 B 402ms
401ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.provenskincare.com/static/media/hatches-gold.b5707eb6.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a34e432c75fbb6e16dd181c57f49de311198c94f55de9a3d3bd0f5d1b365dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvxwrxhZoC00pbxPPKzHUcSI6YMz-A_d3csecfX8FB0DrV-zpKa8J_ucJCL-JVDpp9n3ZiR7UVVFfq5fqaos_buGLF7FxEu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:57 GMT
server: cloudflare
etag: W/"b5707eb63893cad879036b02fcc59833"
vary: Accept-Encoding
x-goog-generation: 1635550137254226
content-type: image/svg+xml
x-goog-hash: crc32c=e+AAMg==, md5=tXB+tjiTyth5A2sC/MWYMw==
cache-control: public, max-age=14400
x-goog-stored-content-length: 390
cf-ray: 7edfa4ec7e4e9256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H3 200 icon-shield.4f09504f.svg
verify.provenskincare.com/static/media/ 2 KB
1 KB 414ms
413ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.provenskincare.com/static/media/icon-shield.4f09504f.svg
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb57632d2fe0c7bdfa6df229faeb43b914a7504ba1929e017bc16ee019f7be38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtw3TD1TtHmkORHTe8iLx9myBvA_-ns_bTIvUSPYU5lQ04EKK2IUTTyOP-KZlxl1uuEV2XeRRpqumbfwywsG8U5JnND6LS8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:52 GMT
server: cloudflare
etag: W/"4f09504f68e05f7adefff4ab43fbbd3b"
vary: Accept-Encoding
x-goog-generation: 1635550132700261
content-type: image/svg+xml
x-goog-hash: crc32c=cfAGLQ==, md5=TwlQT2jgX3re//SrQ/u9Ow==
cache-control: public, max-age=14400
x-goog-stored-content-length: 2120
cf-ray: 7edfa4ec7e4f9256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H3 200 icon-chevron-down.956e7c3f.svg
verify.provenskincare.com/static/media/ 196 B
669 B 393ms
392ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.provenskincare.com/static/media/icon-chevron-down.956e7c3f.svg
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aad208ff65a2a3a68b142842958144d89a85c5068ffa4ead39457313c6ac2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtbHEEUKwvua3k7Z4F-dooVW2YCn-A99UjQXgvo8w5l5NFSdIQF6qEB-vimIDyeQ4FJ4oDNMKq1Cr2ZYW7vRuzaNRRindgB
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:57 GMT
server: cloudflare
etag: W/"956e7c3f04af846d7bb56857b8fc0854"
vary: Accept-Encoding
x-goog-generation: 1635550137850222
content-type: image/svg+xml
x-goog-hash: crc32c=FNJ96Q==, md5=lW58PwSvhG17tWhXuPwIVA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 196
cf-ray: 7edfa4ec7e519256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H3 200 icon-arrow-right.94938fa6.svg
verify.provenskincare.com/static/media/ 361 B
705 B 382ms
382ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.provenskincare.com/static/media/icon-arrow-right.94938fa6.svg
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176dcaf2abf68661d380b648ab082a8cdfb3d17e29ed8d09fa4fe3cb184173ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvD5ytVC-b15eOiIJmLFvUw_6DU7CWa_CTkdBA0drzQSjvmFGYO4kwTmjSfEOyq8vOUY4PnQV2qMof5efevlXLQNKTjhaSc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:56 GMT
server: cloudflare
etag: W/"94938fa649fb8be541f2a5c67b2a7023"
vary: Accept-Encoding
x-goog-generation: 1635550136077904
content-type: image/svg+xml
x-goog-hash: crc32c=6zflLA==, md5=lJOPpkn7i+VB8qXGeypwIw==
cache-control: public, max-age=14400
x-goog-stored-content-length: 361
cf-ray: 7edfa4ec7e539256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H3 200 Freight-Disp-Book-Italic.4bedecc3.otf
verify.provenskincare.com/static/media/ 68 KB
29 KB 429ms
429ms Font
font/otf 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.provenskincare.com/static/media/Freight-Disp-Book-Italic.4bedecc3.otf
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff55a8c3e7f7f42e15688cbe1b2414b8456c44ba840333a760710fb080a41c96

Request headers

Referer: https://verify.provenskincare.com/static/css/main.91af2c87.chunk.css
Origin: https://verify.provenskincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:14 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdthgY4M-ult61WAlZWhMdkW5_yrrxABb_CyaWEfWRovI8E5DedfQPRfyIs0jzQdZPhywkSkxvf2otlwqpK9NZ1L7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 23:28:56 GMT
server: cloudflare
etag: W/"4bedecc3da94c3c9f5fb7e4b79a5969e"
vary: Accept-Encoding
x-goog-generation: 1635550136042941
content-type: font/otf
x-goog-hash: crc32c=MF7K/Q==, md5=S+3sw9qUw8n1+35LeaWWng==
cache-control: public, max-age=14400
x-goog-stored-content-length: 69548
cf-ray: 7edfa4ec7e549256-FRA
expires: Fri, 28 Jul 2023 20:49:14 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/ 13 KB
4 KB 701ms
640ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c652156c288d59e248630d14d4c81803c66b62b312709e9993c4eb14fed2c1cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
x-amz-version-id: SFSuNKMXd.aWmCkeOWwlSgkrbIu_DAn7
content-encoding: br
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jul 2023 16:21:09 GMT
server: AmazonS3
etag: W/"81e20f406302d1d89453563462edd0d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: eWlYfzDhRFaow92GQEiJVt0QKd0M4UxgNu22JxTLLpJsqvqqMUkbhg==

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 29ms
29ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id: _H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1534539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 00:08:20 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: FQVY-FkIbsCIxMUe_0-5GTAzwCHKsENP3uRwOPmFF0xUHNoq1OX3Uw==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 29ms
29ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 9833919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Wj6sE4X2E2IqSvkqLzGwK4ImZavQj16_Bxb85Lqyor7kN1CKnC3cwA==

GET
H2 200 d39d3769e0e83010b174.js Show response
cdn.segment.com/next-integrations/actions/friendbuy/ 242 KB
69 KB 38ms
38ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/friendbuy/d39d3769e0e83010b174.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c616e846336f4a2e4e7a9d960d2605c11c6e2d879f5bb4965a4814b472912c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: qr9SANI4b3XvmFgewzWeH.zx9DCa.XeY
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 10:38:04 GMT
x-amz-cf-pop: FRA6-C1
age: 33072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 22 Jun 2023 15:56:01 GMT
server: AmazonS3
etag: W/"1d0b22c8ebf29e6fc54c87110551d50c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 0dbkHGMUFxBthai1kwwq1bnmOPvjLh4Zvdepe6eyocfQU2sqz9NXxQ==

GET
H2 200 795cf88a1abbce9de7f9.js Show response
cdn.segment.com/next-integrations/actions/688/ 24 KB
8 KB 31ms
31ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/688/795cf88a1abbce9de7f9.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/friendbuy/d39d3769e0e83010b174.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 235b7db57047efef11350cffb9b1819af916e5b1f3a384e7f5589d96acae8cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: xhjM19LoacK6T.h12k0A2prr.ofR_omw
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 16:09:56 GMT
x-amz-cf-pop: FRA6-C1
age: 27862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 22 Jun 2023 15:56:00 GMT
server: AmazonS3
etag: W/"6a4b83bea31c54ae35cf744d3010dd5b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: bd5jgv5VEiwaIqoVgsQiFEBk0xK0-k1t6l2OoXfrzLkEhBdQ5U9W8A==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 31ms
30ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 23:44:46 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: 7_7PNZUD2yJMe93eR9qYeokPyapGnySW
x-amz-cf-pop: FRA6-C1
age: 1713870
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: ywzzHLgqIczsY2ZW5-e_ZmrocFUO6sW0F1sHFMy3iYr4Opb-XUPjdA==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 32ms
31ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:43:12 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: qdXzfb4GnmqZ9jlUvDFRxsDuV9F80jxN
x-amz-cf-pop: FRA6-C1
age: 1969564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: HclXZ2LTfiedmSCJw1dRNKKSjQs_rwe-enlTwYBb8_-D4foY6R4XTQ==

GET
H2 200 fullstory.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/ 5 KB
3 KB 33ms
32ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 12:58:49 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: sB6mXjBYIM352AzqutOyLB9B8Ya4D9ag
x-amz-cf-pop: FRA6-C1
age: 11775027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2166
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "e99e99fffc341f6a85e129a73956e837"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: NU1T_j0saceR8___fsL8y1v8Z_AVLbixE9W3kwB_TVmRkviFKvdjJA==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 33ms
32ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:24:26 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: 3YoxClGPUeaJcz3KPcc1UsBg_7.n3yrY
x-amz-cf-pop: FRA6-C1
age: 2694290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: fNvCIxg6uONxl-yoqw6kg8oRcvemnmrhSSvYiKRtwJ9Spi5mjI8M6w==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 34ms
33ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 18:39:37 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: zNRC80H2kxdAbqtBIWc3PZwcOt8P5vE_
x-amz-cf-pop: FRA6-C1
age: 1645779
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1656
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "76e6caac3528e83f1b3e2a920d4ec781"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: UEBpBQjOLQPU8zk9Q6k5ixZKmocUk-nPZeLkj3j-CgVqqWZcBBZjhA==

GET
H2 200 pinterest-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.3/ 5 KB
2 KB 34ms
33ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.3/pinterest-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6994b0a610e5bf8198ea8b590a6c9a3be7547213a66038eeed49fd792d20d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:07:01 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: lLvlOEvpylHiMbfAG.U2pDgSnovAm6yR
x-amz-cf-pop: FRA6-C1
age: 11558535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1894
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "2b34939053248ad0a80e088569dafdae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: SuZOxMwRKdSRRYzr_QptAvqE26S9z6L8L5-qGj92UvvjtEngbWR3Xw==

GET
H2 200 friendbuy.js Show response
static.fbot.me/ 362 KB
83 KB 136ms
42ms Script
application/javascript 18.155.129.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fbot.me/friendbuy.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/688/795cf88a1abbce9de7f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-14.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7bbcde1da9666ff54873a8771bf051b8a252c9e4e32e65c35f23839cbe0897a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: Fr8CBLG99jHsIWNK5JOjb5i6y9YDlPx3
content-encoding: gzip
via: 1.1 6bbb2da0f4f203dadcd8f0ae1073d674.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 19:48:40 GMT
last-modified: Tue, 25 Jul 2023 20:32:18 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 36
x-amz-server-side-encryption: AES256
etag: W/"bb7175fc92b700ba6d04ab3933f7428f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: swDJp_rOuzLhwoIJXZF-D4jPKpf7aANKmDvsd-IbRG0mC5_2L2sprQ==

GET
H2 200 campaigns.js Show response
campaign.fbot.me/f98255ba-3c70-4132-b5e4-0b9e6975af4b/ 222 KB
22 KB 618ms
504ms Script
application/javascript 108.156.2.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.fbot.me/f98255ba-3c70-4132-b5e4-0b9e6975af4b/campaigns.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/688/795cf88a1abbce9de7f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-33.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d656e91ef505ab48cea9edbb9997c8d2d9a02b0e5dbea58fb792cb42d8d100a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: wSqollJbg8OgaF8uoxYHkKss_Gi3Il4W
content-encoding: gzip
via: 1.1 31af63d94a35c7f951da97c47fa229aa.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 19:49:16 GMT
last-modified: Wed, 24 May 2023 19:16:41 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
x-amz-server-side-encryption: AES256
etag: W/"90d0968b22b499031f7f38c13190bd64"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=30
x-amz-cf-id: bIMesghRYtnS7tIt4dVfdI8Xx_9Um2ZLH4fHOUqo_S57BMddeBwJAA==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 33ms
31ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/qkgaHXokdOIUnI7hVSJOkKvZSnqGbvR1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 03:34:22 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: 1x6q_MsAdAkmPosImHjKsztmTTUAb2Vd
x-amz-cf-pop: FRA6-C1
age: 4464894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 03 May 2023 11:04:43 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Vqd9Um2j4Y-pNuYkjf2qsbbEaAv81Q8ghbPHdXbWs88gP8OIE5X2hQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 180ms
57ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 19:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jul 2023 21:04:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 90ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0594e6481c2266364eccea8d513a02218d6c85f540035d78f2aeed3d32ecaa25

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jul 2023 19:49:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47007
x-xss-protection: 0
pragma: public
x-fb-debug: CqDV8fakKGvrTWu0TfTd4i+MlOW2fNhp5Nep4JiKQo7zF/klCChWVRChoUXw2JcTnseWoThpfDi7UoWnVqL9vw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 99ms
31ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 005b5900b7c883605a51064c4d229f497c8ba63718c411f74a071316b33d2e1f

Request headers

Referer: https://verify.provenskincare.com/
Origin: https://verify.provenskincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:37:41 GMT
content-encoding: br
age: 694
x-guploader-uploadid: ADPycdsJwqvwMp9v55I1FxofqM-DamjoLKXFNW-BpwH2zvRi3vmsJVScJNUJJiHdEKI60I48kfA1d1LgplvpiZS8Yia2OA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68503
last-modified: Thu, 27 Jul 2023 16:51:00 GMT
server: UploadServer
etag: "c431892ce89bbd56f16f65946a7f758f"
vary: Accept-Encoding
x-goog-generation: 1690476659914961
x-goog-hash: crc32c=2Iq53w==, md5=xDGJLOibvVbxb2WUan91jw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68503
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Jul 2023 20:37:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
80 KB 208ms
85ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

346ba740a0e944b13585279bfc861649ba2d62366a63798c1971535132af5f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81653
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
77 KB 304ms
180ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-813896931

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4054cc480347d58654d4b436b3883b5d176e023257b6214a26783e90138b1ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78727
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 140ms
43ms Script
application/javascript 2a02:26f0:480:59f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:59f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1466

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
181 B 593ms
193ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://verify.provenskincare.com
date: Fri, 28 Jul 2023 19:49:15 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
180 B 591ms
194ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://verify.provenskincare.com
date: Fri, 28 Jul 2023 19:49:15 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

OPTIONS
H2 200 xhr
public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/ Frame 0
0 383ms
117ms Preflight 54.224.232.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/xhr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.232.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-232-90.compute-1.amazonaws.com
Software: nginx/1.25.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://verify.provenskincare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://verify.provenskincare.com
content-length: 2
date: Fri, 28 Jul 2023 19:49:15 GMT
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"193.32.248.227","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-64c41bbb-0aa31e7f6bb9842e092b0573","pragma":"no-cache","cache-control":"no-cache","accept":"*/*","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","origin":"https://verify.provenskincare.com","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36","sec-fetch-mode":"cors","sec-fetch-site":"cross-site","sec-fetch-dest":"empty","referer":"https://verify.provenskincare.com/","accept-encoding":"gzip, deflate, br"}
server: nginx/1.25.1

POST
H2 200 xhr Show response
public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/ 533 B
794 B 659ms
426ms Fetch
application/json 54.224.232.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/xhr
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.232.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-232-90.compute-1.amazonaws.com
Software: nginx/1.25.1 /
Resource Hash: fc85410d12ae6d5130f3016adb6213ce4f29ff1285e1ca381895dab06a98cf03

Request headers

Accept: application/json
Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://verify.provenskincare.com
date: Fri, 28 Jul 2023 19:49:16 GMT
access-control-allow-credentials: true
server: nginx/1.25.1
content-length: 533
content-type: application/json

GET
H2 200 main.bd3e0b05.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 39ms
38ms Script
application/javascript 2a02:26f0:480:59f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:59f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18133

GET
H2 200 101684010396000 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/101684010396000?v=2.9.119&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1aea2e9fdd3d71f9febfc5be5df322ce0e3b79fd8117a9cb2dc2b130c511dddb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jul 2023 19:49:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110333
x-xss-protection: 0
pragma: public
x-fb-debug: VHozJfVxhnPYFS2LocfYWoFTzPc8xi3tFsU3gJFkYGNPQdRA8z5IYOSAGsoIowMk3foGfOHX+eWUI4tU1uB5UQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/F2508/v1/ 5 KB
2 KB 139ms
138ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/F2508/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: be0e28129fa49988033b11d539bba2d7e958d34b710b726f156982551d6ad9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvcH5_UjHlvkG4ImZsK4lYV4GzzYaovJXVGdLU8jyuuR_SM9u0h5JLkHbEOU4d9mDFmu5S0aus4NCXTy8yEkzfuEcN5vbGs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
last-modified: Fri, 28 Jul 2023 19:43:56 GMT
server: UploadServer
etag: "3654880f9000674e8a0dc5779a17e9ed"
x-goog-generation: 1690476836120832
x-goog-hash: crc32c=HW785g==, md5=NlSID5AAZ06KDcV3mhfp7Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1354
accept-ranges: bytes
content-type: application/json
expires: Fri, 28 Jul 2023 20:04:15 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 567 B
505 B 118ms
55ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613287502723&cb=1690573755615&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pin-unauth: dWlkPVpEUXhaVFF3TURFdE1EUTNaaTAwTldaa0xUZzFZMll0TkRBME5XTTBZMkprTUdRNQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 28 Jul 2023 19:49:15 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://verify.provenskincare.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1674358760997433
content-length: 389
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 567 B
501 B 118ms
56ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22name%22%3A%22%22%7D&tid=2613287502723&cb=1690573755617&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pin-unauth: dWlkPU5XUTVZbUUwTm1RdE16azFaUzAwWm1OakxXRmxNakl0WW1JeU56bGxOemN4TXpsaA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 28 Jul 2023 19:49:15 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://verify.provenskincare.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-pinterest-rid: 5523151173185499
content-length: 389
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 567 B
775 B 116ms
54ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22name%22%3A%22%2F%22%7D&tid=2613287502723&cb=1690573755617&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pin-unauth: dWlkPVpXVmtOalF5WlRjdE1XWmlaUzAwTVRkbExUa3pPVFl0TnpKbE56STNOamMzT0RGaQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 28 Jul 2023 19:49:15 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://verify.provenskincare.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1021681615279851
content-length: 389
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 120ms
60ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613287502723&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fverify.provenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1690573755618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1974406889749382
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Jul 2023 20:35:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 88ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=101684010396000&ev=PageView&dl=https%3A%2F%2Fverify.provenskincare.com%2F&rl=&if=false&ts=1690573755646&sw=1600&sh=1200&ud[external_id]=8a2a1404d305311e62377faa1b1cde57619acba12e0bc15ed72bd15e98c6d944&v=2.9.119&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1690573755643.1427874835&cs_est=true&it=1690573755561&coo=false&dpo=&eid=ajs-next-8307b15090bfdbe08924b1f0e43ce7d5&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 19:49:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 89ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=101684010396000&ev=PageView&dl=https%3A%2F%2Fverify.provenskincare.com%2F&rl=&if=false&ts=1690573755648&sw=1600&sh=1200&ud[external_id]=8a2a1404d305311e62377faa1b1cde57619acba12e0bc15ed72bd15e98c6d944&v=2.9.119&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1690573755643.1427874835&cs_est=true&it=1690573755561&coo=false&dpo=&eid=ajs-next-baec3ff4a9823352587a538fe2bb941e&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 19:49:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
153 B 64ms
64ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2108478489&t=pageview&_s=1&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Invest%20in%20Proven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=1858421769&gjid=1974595678&cid=1365278786.1690573756&tid=UA-109841154-1&_gid=568424347.1690573756&_slc=1&z=621580766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 105ms
35ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109841154-1&cid=1365278786.1690573756&jid=1858421769&gjid=1974595678&_gid=568424347.1690573756&_u=aGBAgEAjAAAAAGgCIAD~&z=267571241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2108478489&t=pageview&_s=2&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=1365278786.1690573756&tid=UA-109841154-1&_gid=568424347.1690573756&z=1948291750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 06:03:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2108478489&t=event&ni=1&_s=3&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20%2F%20Page&ev=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=1365278786.1690573756&tid=UA-109841154-1&_gid=568424347.1690573756&z=933146260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 06:03:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 7E35 565 B
400 B 62ms
62ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://verify.provenskincare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 19:49:15 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6173438031483887

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
325 B 61ms
61ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22%2F%22%7D&tid=2613287502723&cb=1690573755743&dep=5%2CEVENT_TAGS_ABSENT&ad=%7B%22loc%22%3A%22https%3A%2F%2Fverify.provenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1531392663363550
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
331 B 60ms
60ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22%22%7D&tid=2613287502723&cb=1690573755744&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPVpEUXhaVFF3TURFdE1EUTNaaTAwTldaa0xUZzFZMll0TkRBME5XTTBZMkprTUdRNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fverify.provenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 3821395956835659
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 207ms
143ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c6821e0d41dde1b966830ec6d2a04bd8149e47ffea9cae16f6764be8b144f3e5

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://verify.provenskincare.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1499

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 26 KB
7 KB 510ms
126ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32549&tdr=&plh=https%3A%2F%2Fverify.provenskincare.com%2F&cb=19819053976155864term=value
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4e74ceb39d503932a81a63d2fc9daa41ee4f289cf4f7942cc1f141efb9298ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:16 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-burnin
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9b93a162b6bbb4a729c7c073b922214626f4ad025393adf0aabc57c8283d1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
75 KB 97ms
96ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e835e033b07d7f3ac6fb557992bbffaa7f70ac9062a9785be37082d9aee8e5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 122 KB
47 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-5XVH5PH

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f4196aa7068a52fd4565db60d99f1273bddd75b5e07887a8f1da26b55806a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48484
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H2 200 A2241056-177d-4088-9b22-3c908eaca2c61.js Show response
d.impactradius-event.com/ 43 KB
14 KB 204ms
139ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2241056-177d-4088-9b22-3c908eaca2c61.js
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3524520082f0fb98d997a12add5031765b7cea6dbfe7396009332fac191a796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdsBckBvxbEIVC6Z1uDEUlAP6Klk5UEUfRhwi_gaX9wdzrTpjNRfDV-hPpT95gIbfaPyizZ_lLbdAx1gKSbDRQR5YGvFZk6S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13924
last-modified: Mon, 15 May 2023 21:55:46 GMT
server: UploadServer
etag: "82fa1f81b6726efc034a5d10dab25b5a"
vary: Accept-Encoding
x-goog-generation: 1684187746168045
x-goog-hash: crc32c=1AUAMA==, md5=gvofgbZybvwDSl0Q2rJbWg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13924
accept-ranges: bytes
expires: Fri, 28 Jul 2023 19:54:15 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 118ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 28 Jul 2023 19:49:15 GMT
last-modified: Mon, 17 Jul 2023 22:20:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DF6F8D917A348C19A7E2139B9161264 Ref B: FRAEDGE1815 Ref C: 2023-07-28T19:49:15Z
etag: "060e2effcb8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12438

GET
H/1.1

200
OK

ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=193.32.248.227;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=193.32.248.227;cuidchk=1

42 B
780 B

360ms
360ms

Image
image/gif

52.71.7.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=193.32.248.227;cuidchk=1

Protocol

HTTP/1.1

Server

52.71.7.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-7-117.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jul 2023 19:49:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 28 Jul 2023 19:49:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=193.32.248.227;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 206ms
82ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-1&cid=1365278786.1690573756&jid=1858421769&_u=aGBAgEAjAAAAAGgCIAD~&z=614243517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 205ms
82ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-1&cid=1365278786.1690573756&jid=1858421769&_u=aGBAgEAjAAAAAGgCIAD~&z=614243517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/813896931/ 3 KB
2 KB 226ms
102ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/813896931/?random=1690573755826&cv=11&fst=1690573755826&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fverify.provenskincare.com%2F&hn=www.googleadservices.com&frm=0&tiba=Invest%20in%20Proven&auid=1372259311.1690573756&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-813896931

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cc127756b3a684e297fcf5d1017be7216014ef6f275768f270c4026b4e74a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 99ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91WG9T9YM4&gtm=45je37q0&_p=2108478489&_gaz=1&cid=1365278786.1690573756&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dp=%2F&dt=Invest%20in%20Proven&sid=1690573755&sct=1&seg=0&dl=https%3A%2F%2Fverify.provenskincare.com%2F&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 36ms
36ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91WG9T9YM4&cid=1365278786.1690573756&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 92ms
81ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91WG9T9YM4&cid=1365278786.1690573756&gtm=45je37q0&aip=1&z=1948873509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 173 KB
63 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NKCFSP3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

822d8b37cfdf08445bbf36da23584d1ce0e54330e5dd2d7411fdc5eae3178a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 19:49:15 GMT

GET
H2 204 17424522.js Show response
bat.bing.com/p/action/ 0
117 B 125ms
125ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17424522.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Jul 2023 19:49:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6BCB125078C240BE9CD0A4D183382380 Ref B: FRAEDGE1815 Ref C: 2023-07-28T19:49:15Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 52ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17424522&Ver=2&mid=53b90872-e65c-40a4-9a07-2ec9da48dd75&sid=d56622c02d7f11eeb242e5089b61ccfa&vid=d5662a502d7f11eea643cba7f9ab0122&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Invest%20in%20Proven&p=https%3A%2F%2Fverify.provenskincare.com%2F&r=&lt=605&evt=pageLoad&sv=1&rn=274536

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:49:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD1A55E842124900BBB21E957E31FE7B Ref B: FRAEDGE1815 Ref C: 2023-07-28T19:49:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
229 B 121ms
121ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=17424522&Ver=2&mid=53b90872-e65c-40a4-9a07-2ec9da48dd75&sid=d56622c02d7f11eeb242e5089b61ccfa&vid=d5662a502d7f11eea643cba7f9ab0122&vids=1&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:49:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7A29A942CAB466C9CC8370A29111FA2 Ref B: FRAEDGE1815 Ref C: 2023-07-28T19:49:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 51ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WG031FR1CX&gtm=45je37q0&_p=2108478489&_gaz=1&cid=1365278786.1690573756&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1690573755&sct=1&seg=0&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dt=Invest%20in%20Proven&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 36ms
35ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WG031FR1CX&cid=1365278786.1690573756&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 82ms
82ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG031FR1CX&cid=1365278786.1690573756&gtm=45je37q0&aip=1&z=373316276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 65ms
65ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2108478489&t=pageview&_s=1&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dp=%2F&dh=verify.provenskincare.com&ul=en-us&de=UTF-8&dt=Invest%20in%20Proven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjRAAAAGgGKCD~&jid=335111504&gjid=1226751311&cid=1365278786.1690573756&tid=UA-109841154-3&_gid=568424347.1690573756&_slc=1&gtm=45He37q0n81KBQ57K4&cd5=&cd6=https%3A%2F%2Fverify.provenskincare.com%2F&cd2=1365278786.1690573756&cd3=20230728%7C06707190&cd4=19%3A49%3A16&z=157748138

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 35ms
35ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109841154-3&cid=1365278786.1690573756&jid=335111504&gjid=1226751311&_gid=568424347.1690573756&_u=aGDAiEAjRAAAAGgGKCD~&z=1485337348

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://verify.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 19:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2677
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jul 2023 21:04:39 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2108478489&t=pageview&_s=1&dl=https%3A%2F%2Fverify.provenskincare.com%2F&dp=%2F&dh=verify.provenskincare.com&ul=en-us&de=UTF-8&dt=Invest%20in%20Proven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjRAAAAGgGKCD~&jid=&gjid=&cid=1365278786.1690573756&tid=UA-109841154-3&_gid=568424347.1690573756&gtm=45He37q0n81KBQ57K4&cd5=&cd6=https%3A%2F%2Fverify.provenskincare.com%2F&cd2=1365278786.1690573756&cd3=20230728%7C06707190&cd4=19%3A49%3A16&z=104374649

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 03:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59736
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/813896931/ 42 B
154 B 71ms
70ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/813896931/?random=1690573755826&cv=11&fst=1690570800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fverify.provenskincare.com%2F&frm=0&tiba=Invest%20in%20Proven&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=585846608&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/813896931/ 42 B
154 B 71ms
71ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/813896931/?random=1690573755826&cv=11&fst=1690570800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fverify.provenskincare.com%2F&frm=0&tiba=Invest%20in%20Proven&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=585846608&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 82ms
82ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-3&cid=1365278786.1690573756&jid=335111504&_u=aGDAiEAjRAAAAGgGKCD~&z=1075395747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 83ms
82ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-3&cid=1365278786.1690573756&jid=335111504&_u=aGDAiEAjRAAAAGgGKCD~&z=1075395747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 19:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK is Show response
54.156.2.105/ 32 B
437 B 493ms
125ms Fetch
text/plain 54.156.2.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://54.156.2.105/is
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.2.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-2-105.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 992b514f77d65baf6afd8ad4f392e57f5b17dfa32de39eb13c8215f4404171bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:16 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 860ms
202ms Script
application/javascript 52.89.99.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-109841154-1%3BUA-109841154-3%3BG-WG031FR1CX%3BG-91WG9T9YM4&ga_client_id=1365278786.1690573756&shpt=Invest%20in%20Proven&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-109841154-1%3BUA-109841154-3%3BG-WG031FR1CX%3BG-91WG9T9YM4%22%2C%22ga_client_id%22%3A%221365278786.1690573756%22%2C%22shpt%22%3A%22Invest%20in%20Proven%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%22568424347.1690573756%22%2C%22mntnis%22%3A%22dioEWOH0JW8YnMfBaJNPO011RfuDZq2w%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=568424347.1690573756&available_ga=%5B%7B%22id%22%3A%22UA-109841154-1%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-109841154-3%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-WG031FR1CX%22%2C%22sess_id%22%3A%221690573755%22%7D%2C%7B%22id%22%3A%22G-91WG9T9YM4%22%2C%22sess_id%22%3A%221690573755%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32549&plh=https%3A%2F%2Fverify.provenskincare.com%2F&cb=19819053976155864term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cmultiple_conv_types%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32549&tdr=&plh=https%3A%2F%2Fverify.provenskincare.com%2F&cb=19819053976155864term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.89.99.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-99-220.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 2b95e9ca2c3ac4b148d2bbb4c114f54025b5ebaab9846325f6f69991236b3aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:17 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 2
connection: close

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 187ms
186ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=F2508&UserId=eb89bc5d-b97a-4ce5-b445-60a10cb92e56&SessionId=bf2ada26-3890-4d3f-8c4b-8a74b64c3b01&PageId=723928a8-9385-42ca-badd-9eabb44d8a71&Seq=1&PageStart=1690573755981&PrevBundleTime=0&LastActivity=860&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8a97a7bde9058ab1100ee9bf2f213ef852b6bb936f24bd885506e817c7317afd

Request headers

Referer: https://verify.provenskincare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://verify.provenskincare.com
date: Fri, 28 Jul 2023 19:49:17 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 29ms
28ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=101684010396000&ev=Microdata&dl=https%3A%2F%2Fverify.provenskincare.com%2F&rl=&if=false&ts=1690573757149&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Invest%20in%20Proven%22%2C%22meta%3Adescription%22%3A%22Reaching%20a%20%2424M%2B%20revenue%20run%20rate%20in%20less%20than%202%20years%2C%20PROVEN%20is%20preparing%20to%20launch%20a%20new%20wave%20of%20game-changing%20products.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=8a2a1404d305311e62377faa1b1cde57619acba12e0bc15ed72bd15e98c6d944&v=2.9.119&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1690573755643.1427874835&it=1690573755561&coo=false&dpo=&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 19:49:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 821ms
205ms Script
application/javascript 35.81.162.201

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: verify.provenskincare.com
URL: https://verify.provenskincare.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: a4245bed2413ec151fa3bc74af87f3e1f4a2de6af715a225de221e44e125aa2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://verify.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:49:18 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET st
px.mountain.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=UA-109841154-1%3BUA-109841154-3%3BG-WG031FR1CX%3BG-91WG9T9YM4&ga_client_id=1365278786.1690573756&shpt=Invest%20in%20Proven&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-109841154-1%3BUA-109841154-3%3BG-WG031FR1CX%3BG-91WG9T9YM4%22%2C%22ga_client_id%22%3A%221365278786.1690573756%22%2C%22shpt%22%3A%22Invest%20in%20Proven%22%2C%22dcm_cid%22%3A%22%22%2C%22dcm_gid%22%3A%22568424347.1690573756%22%2C%22mntnis%22%3A%22dioEWOH0JW8YnMfBaJNPO011RfuDZq2w%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=&dcm_gid=568424347.1690573756&available_ga=%5B%7B%22id%22%3A%22UA-109841154-1%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-109841154-3%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-WG031FR1CX%22%2C%22sess_id%22%3A%221690573755%22%7D%2C%7B%22id%22%3A%22G-91WG9T9YM4%22%2C%22sess_id%22%3A%221690573755%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32549&plh=https%3A%2F%2Fverify.provenskincare.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cmultiple_conv_types%3Dtrue&cb=1690573757559288&shguid=487a54ab-e1f0-3afb-afac-7f492be50d63&shgts=1690573758381

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.provenskincare.com/	1970-01-20 22:21:49	Name: ajs_anonymous_id Value: 64aa22e3-e68a-480c-a91d-b5d63c894ec3
.provenskincare.com/	1970-01-20 13:36:20	Name: _gid Value: GA1.2.568424347.1690573756
.provenskincare.com/	1970-01-20 15:45:49	Name: _fbp Value: fb.1.1690573755643.1427874835
.provenskincare.com/	1970-01-20 13:36:13	Name: _gat Value: 1
.verify.provenskincare.com/	1970-01-20 22:21:49	Name: _pin_unauth Value: dWlkPVpEUXhaVFF3TURFdE1EUTNaaTAwTldaa0xUZzFZMll0TkRBME5XTTBZMkprTUdRNQ
.provenskincare.com/	1970-01-20 15:45:49	Name: _gcl_au Value: 1.1.1372259311.1690573756
.ct.pinterest.com/	1970-01-20 22:21:49	Name: _pinterest_ct_ua Value: "TWc9PSZlTDFGamdMTHlYb2xMcktCUjErd1NacmZ1RjUwL085Y3FsaERDWVByenZxQ0Y3dmora0FsL0o2QStYV2dvVHY1UEJ0LzM2WFpFOHZNcDFWN0t3S0NIS0xhVWxRaXZTSm9Pczg4UUZXNWoyZz0mbFVkZklPa0lKVktwUjdrbzNDenZIaXNJM0tJPQ=="
.provenskincare.com/	1970-01-20 23:12:13	Name: _ga_91WG9T9YM4 Value: GS1.1.1690573755.1.0.1690573755.60.0.0
.provenskincare.com/	1970-01-20 13:37:40	Name: _uetsid Value: d56622c02d7f11eeb242e5089b61ccfa
.provenskincare.com/	1970-01-20 22:57:49	Name: _uetvid Value: d5662a502d7f11eea643cba7f9ab0122
.provenskincare.com/	1970-01-20 23:12:13	Name: _ga_WG031FR1CX Value: GS1.1.1690573755.1.0.1690573755.60.0.0
.provenskincare.com/	1970-01-20 13:36:15	Name: fs_lua Value: 1.1690573755974
.provenskincare.com/	1970-01-20 22:21:49	Name: fs_uid Value: #F2508#eb89bc5d-b97a-4ce5-b445-60a10cb92e56:bf2ada26-3890-4d3f-8c4b-8a74b64c3b01:1690573755974::1#/1722109755
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_gbd Value: provenskincare.com
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_11470 Value: 1690573756005%7C0%7C1690573756005%7C%7C
.provenskincare.com/	1970-01-20 13:36:20	Name: _ga Value: GA1.2.1365278786.1690573756
.verify.provenskincare.com/	1970-01-20 13:36:15	Name: _gaclientid Value: 1365278786.1690573756
.verify.provenskincare.com/	1970-01-20 13:36:15	Name: _gasessionid Value: 20230728\|06707190
.verify.provenskincare.com/	1970-01-20 13:36:15	Name: _gahitid Value: 19:49:16
.provenskincare.com/	1970-01-20 13:36:20	Name: _dc_gtm_UA-109841154-3 Value: 1
.bing.com/	1970-01-20 22:57:49	Name: MUID Value: 287F6724A9CF6D6C3D627478A8CF6C4A
.doubleclick.net/	1970-01-20 13:36:14	Name: test_cookie Value: CheckForPermission
.trkn.us/	1970-01-20 22:21:49	Name: barometric[cuid] Value: cuid_d3ec0367-82a2-43ce-a991-ed278a83b9fe
.fbot.me/	1970-01-20 23:12:13	Name: globalId Value: 1d769525-d62e-48ab-9a11-613cacc59ea1
.mountain.com/	1970-01-20 23:12:13	Name: guid Value: d65d28ca-2d7f-11ee-86e4-a970e40222ac

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
bat.bing.com
campaign.fbot.me
cdn.segment.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
dx.mountain.com
edge.fullstory.com
googleads.g.doubleclick.net
gs.mountain.com
public.fbot.me
px.mountain.com
region1.analytics.google.com
rs.fullstory.com
s.pinimg.com
static.fbot.me
stats.g.doubleclick.net
trkn.us
verify.provenskincare.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
px.mountain.com
108.156.2.33
151.101.128.84
18.155.129.14
2001:4860:4802:32::36
2606:4700:10::6816:1b5c
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c0d::9b
2a02:26f0:480:59f::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.186.194.58
35.186.249.72
35.201.112.186
35.81.162.201
52.12.47.65
52.7.151.245
52.71.7.117
52.89.99.220
54.156.2.105
54.224.232.90
99.86.8.175
005b5900b7c883605a51064c4d229f497c8ba63718c411f74a071316b33d2e1f
0594e6481c2266364eccea8d513a02218d6c85f540035d78f2aeed3d32ecaa25
11be2c7f03143f7d74ed816383cae969a5ab762b2782f24adc810f319e881bdf
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
147f0e478e4341e1e672e5ac97f2717ff1e4663879e0aa0180d3f032a1d6de1e
176dcaf2abf68661d380b648ab082a8cdfb3d17e29ed8d09fa4fe3cb184173ed
1856b8056e8ee3cdb276ab7312950c665ca5fb0c76e7649a5de044af8d9c0d78
1aea2e9fdd3d71f9febfc5be5df322ce0e3b79fd8117a9cb2dc2b130c511dddb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f4196aa7068a52fd4565db60d99f1273bddd75b5e07887a8f1da26b55806a7f
235b7db57047efef11350cffb9b1819af916e5b1f3a384e7f5589d96acae8cee
2b95e9ca2c3ac4b148d2bbb4c114f54025b5ebaab9846325f6f69991236b3aa8
2fae23d69016209bf00c2f0fa6cc02f873ad612e0f19deee78b9fe28935a19f8
346ba740a0e944b13585279bfc861649ba2d62366a63798c1971535132af5f4a
3524520082f0fb98d997a12add5031765b7cea6dbfe7396009332fac191a796b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c3d18175bb2a9fd657510f859b7d9e817e6ecddf75758b1c3a44404599e2491
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
4054cc480347d58654d4b436b3883b5d176e023257b6214a26783e90138b1ff2
4e74ceb39d503932a81a63d2fc9daa41ee4f289cf4f7942cc1f141efb9298ff9
5a34e432c75fbb6e16dd181c57f49de311198c94f55de9a3d3bd0f5d1b365dbc
5c616e846336f4a2e4e7a9d960d2605c11c6e2d879f5bb4965a4814b472912c0
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c
7cc127756b3a684e297fcf5d1017be7216014ef6f275768f270c4026b4e74a5b
822d8b37cfdf08445bbf36da23584d1ce0e54330e5dd2d7411fdc5eae3178a4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a97a7bde9058ab1100ee9bf2f213ef852b6bb936f24bd885506e817c7317afd
905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
992b514f77d65baf6afd8ad4f392e57f5b17dfa32de39eb13c8215f4404171bf
9aad208ff65a2a3a68b142842958144d89a85c5068ffa4ead39457313c6ac2bd
9d656e91ef505ab48cea9edbb9997c8d2d9a02b0e5dbea58fb792cb42d8d100a
a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612
a4245bed2413ec151fa3bc74af87f3e1f4a2de6af715a225de221e44e125aa2b
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
be0e28129fa49988033b11d539bba2d7e958d34b710b726f156982551d6ad9bc
c652156c288d59e248630d14d4c81803c66b62b312709e9993c4eb14fed2c1cc
c6821e0d41dde1b966830ec6d2a04bd8149e47ffea9cae16f6764be8b144f3e5
ca0cc430416a611dc4df40c997bcaf58c07d57dfa990e0b936a2cd5c6674d588
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d6994b0a610e5bf8198ea8b590a6c9a3be7547213a66038eeed49fd792d20d64
d7bbcde1da9666ff54873a8771bf051b8a252c9e4e32e65c35f23839cbe0897a
d9b93a162b6bbb4a729c7c073b922214626f4ad025393adf0aabc57c8283d1e4
dade4f7d1b63f660d3a8e679b72f78e09a1ef8cf95df6a159300eaf67cb2ee3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e835e033b07d7f3ac6fb557992bbffaa7f70ac9062a9785be37082d9aee8e5a2
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ed567972199ceea1274ab437a48ec7f64bb72b78f093dfe67d633ec876b47981
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02670cc3b7d28eb06a52fe81b13fb6a8b9a992ac3bf6c48db8e5eebd75482d1
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb57632d2fe0c7bdfa6df229faeb43b914a7504ba1929e017bc16ee019f7be38
fc85410d12ae6d5130f3016adb6213ce4f29ff1285e1ca381895dab06a98cf03
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb
ff55a8c3e7f7f42e15688cbe1b2414b8456c44ba840333a760710fb080a41c96

verify.provenskincare.com Open in urlscan Pro 2606:4700:10::6816:1b5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

98 %HTTPS

46 %IPv6

18 Domains

25 Subdomains

27 IPs

3 Countries

1290 kBTransfer

4267 kBSize

25 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

verify.provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

98 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

27
IPs

3
Countries

1290 kB
Transfer

4267 kB
Size

25
Cookies

91 HTTP transactions
0 data transactions