help.paulaschoice.com Open in urlscan Pro
104.16.53.111 Public Scan

URL: https://www.paulaschoice.com/shop-collections/boost
Title: Boost

URL: https://www.paulaschoice.com/shop-collections/calm-redness-relief
Title: Calm

URL: https://www.paulaschoice.com/shop-collections/clear-for-acne
Title: Clear

URL: https://www.paulaschoice.com/shop-collections/clinical
Title: Clinical

URL: https://www.paulaschoice.com/shop-collections/defense
Title: Defense

URL: https://www.paulaschoice.com/shop-collections/earth-sourced
Title: Earth Sourced

URL: https://www.paulaschoice.com/shop-collections/hydralight
Title: Hydralight

URL: https://www.paulaschoice.com/skin-care-products/kits-and-sets
Title: Kits & Sets

URL: https://www.paulaschoice.com/shop-collections/moisture-boost
Title: Moisture Boost

URL: https://www.paulaschoice.com/shop-collections/pc4men
Title: PC4Men

URL: https://www.paulaschoice.com/shop-collections/resist-anti-aging
Title: Resist

URL: https://www.paulaschoice.com/shop-collections/skin-balancing
Title: Skin Balancing

URL: https://www.paulaschoice.com/shop-collections/skin-recovery
Title: Skin Recovery

URL: https://www.paulaschoice.com/who-we-are/about-us
Title: About Us

URL: https://www.paulaschoice.com/who-we-are/about-paula
Title: Paula's Story

URL: https://www.paulaschoice.com/who-we-are/press.html?fdid=who-we-are
Title: Press Room

URL: https://www.paulaschoice.com/who-we-are/events
Title: Events

URL: https://www.paulaschoice.com/who-we-are/community
Title: Community

URL: https://www.paulaschoice.com/who-we-are/terracycle
Title: Sustainability and Recycling

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=6be1c14e-eafe-46d2-b806-493b971a8150&ccId=19000101_000001&type=MP&lang=en_US
Title: Careers

URL: https://www.paulaschoice.com/auto-replenishment
Title: Auto Replenishment

URL: https://www.paulaschoice.com/account/orders
Title: Order Status

URL: https://www.paulaschoice.com/account
Title: My Account

URL: https://paulaschoice.studentbeans.com/
Title: Student Discount

URL: https://www.paulaschoice.com/who-we-are/affiliate-program.html?fdid=who-we-are
Title: Affiliate Program

URL: https://www.facebook.com/PaulasChoice.Inc/

URL: https://twitter.com/paulaschoice

URL: https://www.youtube.com/user/PaulasChoiceBeauty

URL: https://www.pinterest.com/paulaschoice/

URL: https://www.instagram.com/paulaschoice/

URL: https://www.paulaschoice.com/who-we-are/accessibility.html?fdid=who-we-are
Title: ACCESSIBILITY

URL: https://www.paulaschoice.com/who-we-are/privacy.html?fdid=who-we-are
Title: PRIVACY/SECURITY

URL: https://www.paulaschoice.com/on/demandware.store/Sites-paulaschoice_us-Site/en_US/%2fSiteMap-Start
Title: SITE MAP

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.em.paulaschoice.com/?qs=c50c97a9a5c2586d2f67708b700c644b39d9997d18a01214cc013927e20b55b55169e365ecea5a0838c03922150ff3fbe31d6df1a426d0038285a5c2f5d2b9c8 HTTP 301
https://click.em.paulaschoice.com/?qs=c50c97a9a5c2586d2f67708b700c644b39d9997d18a01214cc013927e20b55b55169e365ecea5a0838c03922150ff3fbe31d6df1a426d0038285a5c2f5d2b9c8 HTTP 302
https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://paulaschoicesupport.zendesk.com/auth/v2/host.js HTTP 302
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en-us Show response
help.paulaschoice.com/hc/
Redirect Chain

http://click.em.paulaschoice.com/?qs=c50c97a9a5c2586d2f67708b700c644b39d9997d18a01214cc013927e20b55b55169e365ecea5a0838c03922150ff3fbe31d6df1a426d0038285a5c2f5d2b9c8
https://click.em.paulaschoice.com/?qs=c50c97a9a5c2586d2f67708b700c644b39d9997d18a01214cc013927e20b55b55169e365ecea5a0838c03922150ff3fbe31d6df1a426d0038285a5c2f5d2b9c8
https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=3262503...

21 KB
8 KB

200ms
99ms

Document
text/html

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b138aa5a653339e062f1cdcd30daf4c42a895de0bb39513e000c001c91010f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23
cache-control: max-age=0, public
cf-cache-status: HIT
cf-ray: 768cb32e4e869176-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sat, 12 Nov 2022 04:59:43 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol: HTTP/1.1 always
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TD%2FR3GqrHwxGX0QAVjf0RUNa931%2FjMorlNfQiXrRPGZGtLsPbrC8QB0s%2BS58eZai3Y%2FbIkUGLoXk%2F7J8P98OqvptSrDpf66RuBw%2BteGQdcKr0ot6j7bpnrGnsOa04iRQCN%2BMTpg70w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=259200;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-request-id: 768cb2988107912b-FRA
x-runtime: 0.099115
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-5c479cf4d4-9m2w4
x-zendesk-processed-host-header: help.paulaschoice.com

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 411
Content-Type: text/html; charset=utf-8
Date: Sat, 12 Nov 2022 04:59:43 GMT
Location: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781

GET
H2 200 application-1a1175db35230dfa282e711364a74c60.css
static.zdassets.com/hc/assets/ 47 KB
8 KB 81ms
32ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-1a1175db35230dfa282e711364a74c60.css

Requested by

Host: help.paulaschoice.com
URL: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf637b7823c9a484872231e61705b0b5f2610bde3d88b2bb7a9e602761516855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
x-amz-version-id: bL2LWgMaoBLZUSQ8q4UNTV3qIFoccLs4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KZ4EPM5KZ4KD5VH4
age: 340325
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xxWntf4YZDGfRVYWrUzWmW7eNp+NIS3PvQbos+ZqJGDFw4HpXHuTjmo8LRTZ2i3O9kVJ45NnVbDU+yvyAkypxA==
last-modified: Tue, 13 Sep 2022 05:52:40 GMT
server: cloudflare
etag: W/"9cd4c45ddf4ed0a23f0cec50ae1389ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgZo5tHU04r1WV8xQpQHilhliS1q90uVG3fbSFCgRdth%2Fqz5nQMsPEfqM7l439VLlG5S6z5uUiF6yGPnjx7Mj31boAMivQoF5Qb%2BsqsBf6pYYovHOya%2BjrMhbYxUwWkrRYVHFY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 768cb32f39d69c07-FRA

GET
H2 200 theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
static.zdassets.com/hc/assets/ 9 KB
3 KB 82ms
34ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836316444e9cede5ce83cfe98734b9c8ab27192a9634a59b82c118a8e6792037

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
x-amz-version-id: oybSA9g.I0t7wOLbp6s55PJKwmeyFhJk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XER69CM16YEBJ262
age: 242172
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: at9fF4qG+bPlbsSyhBuwIF3Hs5St1P7zB/r16I2Tdf/U0SblWi+SjXIpjRr+zscnjeDC5L1R4Kc=
last-modified: Wed, 31 Aug 2022 09:40:23 GMT
server: cloudflare
etag: W/"359c3fce9769020f14763e4e3615597d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEMuaGCbcMtQZFeH%2BmGkH4oTJQkz6688JBnmrXjrFkphXkheQkh6YkpCRhfammZcKMtgiecM6XhkrTjIvs4ZqWD8FdeO6jtqlx7H5knNs8%2FpuinIjLc7A2YgV2eanMu7kKVCm0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 768cb32f39d89c07-FRA

GET
H2 200 style.css
p19.zdassets.com/hc/theming_assets/9229104/360002280113/ 89 KB
16 KB 89ms
34ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fab03b53d8c150c3de91c22d7790207c60fe3c0f6fc7e8c1b2f8c2fdb16eebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
x-zendesk-origin-server: help-center-unicorn-5c479cf4d4-n24s7
protocol: HTTP/1.1 always
x-request-id: 768cb29bcdd3695e-IAD
x-ua-compatible: IE=edge
x-runtime: 0.013838
server: cloudflare
etag: W/"3fab03b53d8c150c3de91c22d7790207"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BXTyj3DH%2FXSeokf5uAS3dlyLCYb66feSe%2BUWlm9lWXYU1zNlNNskIJH5hEn3G5V%2Bm5gFeA89RXFRQ%2BoZpPRgN%2F2AAmk93bIXwD1CWcJhHOgj%2FsOCKwQgnlFUVDR7Vt9kzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: p19.zdassets.com
cf-ray: 768cb32f3d459a11-FRA

GET
H2 200 jquery-09d07e20ce042ef10e301661ad1f316c.js Show response
static.zdassets.com/hc/assets/ 90 KB
33 KB 83ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1fc56c5af917b653be54d619245c4079c1afec0991321f0d358679b1ef529a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
x-amz-version-id: rpSxj.WLn2z7XAModSczuGOT2.c4K6Jx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MS121TA0983YJRSP
age: 323683
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: p/FkQBmmeSs8QNkpGXvGQIs1yKbKGWiJCwI5FYd7Vmc0Kskfv04jcJYK6LXpBsGYpNjjkHZ2qiI=
last-modified: Tue, 30 Aug 2022 11:01:39 GMT
server: cloudflare
etag: W/"06821d0f1e25137c2297502c6ced525d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbNREgHuiWTmBZiJTAGNqMw5J%2FUke05vcCEGfwaDiOsDjZlHIJ7F5Fq%2BMSfnHig9HYdsOU%2B9Anub4oSKq1B4PASFmkBB%2BKzZne1zBjWABVqMF%2BpHHhFo8xa%2FcUAkBoe6C7H8C4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb32f39da9c07-FRA

GET
H2 200 inject-sage Show response
app.tombot.ai/api/ 4 KB
2 KB 816ms
189ms Script
text/javascript 52.52.252.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tombot.ai/api/inject-sage?lang=en&accountId=5fbc4b76e08bcf001998b069

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.52.252.88 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.23.1 / Express

Resource Hash

70807453a979c66591870d265aa85e621edba1af757fc65cead56b60499d110a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.23.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *

GET
H2 200 script.js Show response
p19.zdassets.com/hc/theming_assets/9229104/360002280113/ 10 KB
3 KB 91ms
36ms Script
text/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/script.js?digest=9886624480019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7ae62da67ab91b2ae48889b679f91e27e647dea238fde11727ab37b7b9cf0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
x-zendesk-origin-server: help-center-unicorn-5c479cf4d4-8gn62
protocol: HTTP/1.1 always
x-request-id: 768cb29bcdd4695e-FRA
x-ua-compatible: IE=edge
x-runtime: 0.011000
server: cloudflare
etag: W/"c7ae62da67ab91b2ae48889b679f91e2"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY4wy8coUynzTqc2Zarlgbk4FizITpvMNREo1W8nJ5fo1otTAhY6piLSX5fbUWYVfunmRzm7iAffvKGG6vE7i3zEpDJAhdmPqE9N8E%2FE%2FdnZSAVkuJhqdHnEqrqNCmQzB94%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: p19.zdassets.com
cf-ray: 768cb32f4d489a11-FRA

GET
H2 200 86bb1847231793a5f57158d619bf8fe517d8931b.svg
theme.zdassets.com/theme_assets/9229104/ 3 KB
2 KB 53ms
33ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/9229104/86bb1847231793a5f57158d619bf8fe517d8931b.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

202687d15f3cd90dda4a84b124242f14449185b98cad002e04cb9b7ae6e6efa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: RKcvLuHIyypmdQBo722J35Kfn.1a44AY
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 77712
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 07 Sep 2019 20:33:07 GMT
server: cloudflare
etag: W/"d2631e224099c64dcdfe571bda6090cd"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQQhNmkAl51908D6f9sFY5W7wdHJTn%2BohPAusTB0y8e3Kgrst1tXclJU8bflZJyB4E2R6P%2BOun8OJ4l8p50KtCE0RtnxJlj30jzH4fGm%2Fr%2FMpvlNcybLp%2B9q121No2FjlkAIFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 768cb3317d469c07-FRA
x-amz-cf-id: DkfcV1z3dQZ7JX1lo0pOeLMD5ZvV1hPsvghn1W9zZbZee_VslWsMXA==

GET
H2 200 facebook.png
www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw495e098c/images/footer-new/ 112 B
504 B 116ms
52ms Image
image/webp 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw495e098c/images/footer-new/facebook.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b38cbe66d4b4445c69ad01306f8a17d49428579a0ddf963965053ed0c30a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 12 Nov 2022 04:59:44 GMT
cf-cache-status: HIT
akamai-cache-status: Miss from child, Miss from parent
cf-polished: origFmt=png, origSize=189
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="facebook.webp"
content-length: 112
last-modified: Mon, 17 Dec 2018 18:16:59 GMT
cf-bgj: imgq:100,h2pri
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2425321
accept-ranges: bytes
cf-ray: 768cb3322b21908e-FRA
x-dw-request-base-id: WXQ3GvonbGMBAAB_

GET
H2 200 twitter.png
www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5ca917f3/images/footer-new/ 180 B
571 B 42ms
42ms Image
image/webp 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5ca917f3/images/footer-new/twitter.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3168ae1fd8b347b0d4c649afbc456fda1f2e7f114736545fce2abf126ec161b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 12 Nov 2022 04:59:44 GMT
cf-cache-status: HIT
akamai-cache-status: Miss from child, Miss from parent
cf-polished: origFmt=png, origSize=314
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="twitter.webp"
content-length: 180
last-modified: Mon, 17 Dec 2018 18:16:59 GMT
cf-bgj: imgq:100,h2pri
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2556703
accept-ranges: bytes
cf-ray: 768cb3327d619010-FRA
x-dw-request-base-id: WXQDbk0pbmMBAAB_

GET
H2 200 youtube.png
www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5daf9210/images/footer-new/ 132 B
523 B 40ms
40ms Image
image/webp 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5daf9210/images/footer-new/youtube.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

16e73e67a5a89e8299a2e1cd471ddeeaf07de291bc01194dcad3aaa58d6581de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 12 Nov 2022 04:59:44 GMT
cf-cache-status: HIT
akamai-cache-status: Miss from child, Miss from parent
cf-polished: origFmt=png, origSize=232
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="youtube.webp"
content-length: 132
last-modified: Mon, 17 Dec 2018 18:16:59 GMT
cf-bgj: imgq:100,h2pri
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2551505
accept-ranges: bytes
cf-ray: 768cb332cd679a15-FRA
x-dw-request-base-id: -WAWagAVbmMBAAB_

GET
H2 200 pinterest.png
www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dwd9afd335/images/footer-new/ 218 B
611 B 44ms
44ms Image
image/webp 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dwd9afd335/images/footer-new/pinterest.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cb21b4d4ad8f8e64f2c9f29e98776f08dc29ebf53de6f9bb1c33ae80e1a28ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 12 Nov 2022 04:59:44 GMT
cf-cache-status: HIT
akamai-cache-status: Miss from child, Miss from parent
cf-polished: origFmt=png, origSize=389
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="pinterest.webp"
content-length: 218
last-modified: Mon, 17 Dec 2018 18:16:59 GMT
cf-bgj: imgq:100,h2pri
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2562214
accept-ranges: bytes
cf-ray: 768cb333098b5be5-FRA
x-dw-request-base-id: -WC4CFFNbmMBAAB_

GET
H2 200 instagram.png
www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5fa15a3e/images/footer-new/ 146 B
540 B 43ms
43ms Image
image/webp 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paulaschoice.com/on/demandware.static/-/Library-Sites-paulachoice/default/dw5fa15a3e/images/footer-new/instagram.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e91d493dab96865cc3f4662c39cb64f6130d55a0a4841899f586a7c5b293cec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 12 Nov 2022 04:59:44 GMT
cf-cache-status: HIT
akamai-cache-status: Miss from child, Miss from parent
cf-polished: origFmt=png, origSize=289
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="instagram.webp"
content-length: 146
last-modified: Mon, 17 Dec 2018 18:16:59 GMT
cf-bgj: imgq:100,h2pri
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2536846
accept-ranges: bytes
cf-ray: 768cb3335acd5c14-FRA
x-dw-request-base-id: -WC7RWJHbmMBAAB_

GET
H2 200 en-us.1aa110d50fb14b022739.js Show response
static.zdassets.com/hc/assets/ 202 KB
36 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.1aa110d50fb14b022739.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372074b34b354c7360be23a5684b8e9dcf89f810b24637e601473f01985da169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:43 GMT
x-amz-version-id: BnXEgOIw.XDwPTs4asChxczkA2hA1WKR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HPMMS5SYK3M87BYD
age: 312364
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jWCwmZJmpyPulsnNPscw4QV2nwukTA+qKp1kjhvJD/LYmvRWqh921tmC5eXZyPs2bUxYt56B/Ak=
last-modified: Tue, 08 Nov 2022 14:09:45 GMT
server: cloudflare
etag: W/"1aa110d50fb14b022739063fc27e8f94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeTvJmWfQ%2B%2BwBcGyQEEGhYp8IOONjyiUyir6LEkJtWiv5cc5kcPpDHNtroKQVjKpXbJ6VRKxRWQNkkz8eGkLRFp%2BFyurrlrrlyxzebv7gdpIxfn%2FgGBi1KyRrLwEfWzukMBJaDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb32f9a5f9c07-FRA

GET
H2

200

host.js Show response
static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/
Redirect Chain

https://paulaschoicesupport.zendesk.com/auth/v2/host.js
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

27 KB
10 KB

34ms
34ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

Requested by

Protocol

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6b3acac84ed57a0c82d2a51fc92a787bd9ae1cf49fef6dda4488ee74e1aef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: GGpmZXneYaIIkD9RpNG_UVNXWFJk4gcQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 2RW6FRVF4PZMQFC0
age: 2419
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0dV/UkncFvbJc0Kme5UmusuynCkPAcLRQmdt3PaP3ZUmPtH6MgG+pD1EeIRuSiIHbbFP2zBHROY=
last-modified: Mon, 31 Oct 2022 19:00:02 GMT
server: cloudflare
etag: W/"529f256a5f626ab8428b8c9566e4b53f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HC2PTxIdyHfkKvq9B8voYPZQgTl%2BuZfmNsOAvYS07yCYD93iUycAfxb5GUYMVUbyocSjwRyi61aEhoqkwNOkrt8gL%2BWgCkHy%2FPUK8aCQhKIwYOctSZe9n%2FOgiwRi6vpFlXvMhYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 768cb3307bb79c07-FRA

Redirect headers

date: Sat, 12 Nov 2022 04:59:44 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14899
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-65959b4456-7gzrl
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: 768b47738e336921-IAD, 768b47738e336921-IAD
x-runtime: 0.058813
server: cloudflare
x-zendesk-zorg: yes
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiuLcr2auWV3%2BjdBrCHes43GqA4B2dBrRa1tkw7o6rmx6E9m74sJYRXkX9lWZym7xMqbZPQZhhDonOtHiB%2BOShjLpKCjYcM%2BHcKH%2FvJL7uYhLgNiewr9veo5wb1HGErd3p6n2sH751lEwmouUhEdDN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js
cache-control: max-age=86400, public
cf-ray: 768cb3302fe468fd-FRA

GET
H2 200 moment-4ef0d82f9fc65c8a28f659aa3430955f.js Show response
static.zdassets.com/hc/assets/ 24 KB
10 KB 38ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd03b0b6236cb66eb345ef4921d76c8d9be436ea7cc7c89f9e62163c3e0a4a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: 9EHJuP6fqVNwSkZbbvJutaoduKlOMdBE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: GX1T4ZGBNSJCSVPB
age: 135339
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: CGo69AEWVO8LDp/pyOAJ7jCkNUzH2GYL++ptDmlBC2qBRKlrtbSWVQ441hAODXzuJCk5tAJfzNA=
last-modified: Thu, 08 Sep 2022 12:08:14 GMT
server: cloudflare
etag: W/"e1ae1e8e526e50ac4d8ce91396726097"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTVVrr%2BbZzQzVjnr4rn0rwg%2FJyIVwRsPhhoYVX625%2FDcNCA7zlsim28Y%2BQ%2BCJrJTFY6K3lWm8kyJQaDn9lbHiSrRyeVFF9pQDjJaO%2FnQAnbgMMKNl6GvBZh%2FQj80uHee%2FM99M2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb330ac069c07-FRA

GET
H2 200 hc_enduser-2aded2cadda95032bc1257577390856e.js Show response
static.zdassets.com/hc/assets/ 557 KB
176 KB 43ms
43ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-2aded2cadda95032bc1257577390856e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

529293fe5376eff83aff71ec13e964c85f9a9e67272dda1368a6940dda96b060

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: HgktXyny3SE.blDUzaPiOlpbKh9cIYLJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7MWTDEXEYS4CTH4B
age: 312375
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: g1qav09R5AVD+lMVW3GlUc4RznI6q18Ge45J9AR9IGHEKFZ0igHSeYJoEH7lkRRd3cRjVolWAZ8=
last-modified: Tue, 08 Nov 2022 14:09:57 GMT
server: cloudflare
etag: W/"008a78189dae008b3f789823328458ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrAam9G1CE%2Fl0W3r%2BRixKzUNaT%2Fa6zDD7JdfW%2FGrTDDnllO0XuG57nYsIU8ZLNxyebmLRcJBZK5CsYj%2F%2FU0celNQytYjT%2F%2BxNO%2Ba1soS5rgkCRQxRfp%2FiUMphH4uNw7kfP3AKQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb330ec579c07-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 03:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6230
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 12 Nov 2022 05:15:54 GMT

GET
H2 200 inject-sage.js Show response
app.tombot.ai/shell/widget/ 2 KB
1 KB 186ms
185ms Script
application/javascript 52.52.252.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tombot.ai/shell/widget/inject-sage.js

Requested by

Host: app.tombot.ai
URL: https://app.tombot.ai/api/inject-sage?lang=en&accountId=5fbc4b76e08bcf001998b069

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.52.252.88 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.23.1 / Express

Resource Hash

959648d38fb87da58e547cfa1dc646e15aca2a8c50dddaaafe58b417065ddc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 08 Nov 2022 07:19:24 GMT
server: nginx/1.23.1
x-powered-by: Express
etag: W/"69d-184561ba860"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 302b7f08aad1ad59b52c42374d7f1f7795c223ab.jpg
theme.zdassets.com/theme_assets/9229104/ 29 KB
30 KB 34ms
34ms Image
image/jpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/9229104/302b7f08aad1ad59b52c42374d7f1f7795c223ab.jpg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67339980494132bd05f95dbdf1e4996c89fc2bf257b52d4e8f6f74189ad9ec72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-version-id: l8TyT.2SV4wb6Tx.b77pYWLQeJ2P3wg.
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
age: 8
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 30202
cf-bgj: h2pri
last-modified: Sat, 07 Sep 2019 20:35:41 GMT
server: cloudflare
etag: "3a75036d61a495c086bbba3c7b50d5ef"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LPOJwKwrWN5iuOQV0SN06KRHHlv3DHYGobyJFabmbrY1Qu5JsFwv7yrLjvJWLULdiAYdKl5gjG7TQ69PHQu5e4x8GCM2LEgCbQB5sMCO73Judh0Lr%2BULsgx7WFxui9W0i%2FJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 768cb33409199c07-FRA
x-amz-cf-id: lENbuKo0qEgwbHqHxpEs7qr4vpcQ-yMquZ5hxXtZ60pqmFO759g51Q==

GET
H2 200 43cb09888ffe58d44d4b001f106e2dee99d923e4.woff
theme.zdassets.com/theme_assets/9229104/ 25 KB
26 KB 108ms
60ms Font
application/font-woff 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/9229104/43cb09888ffe58d44d4b001f106e2dee99d923e4.woff

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4d14ae35b140c6964fc7521bd497d3a14f5aaa1fce3173abdccab17bde60b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://help.paulaschoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: uG0JR95w_awywdJXXOUDIDsOpqD6uHBJ
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: DUS51-P1
age: 23
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 07 Sep 2019 20:48:40 GMT
server: cloudflare
etag: W/"3d356e041336b873d26fb3c4318a7a5d"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbK0o9hEfc3y4sD58kEZgpBSnI4bKfaDWfvkXNOQNpeBUV0AMBBh1kjA0AtdWxOpC13%2FIg6Q4q1gFfhARoDuVjFuKQbrHmlQIPfrrR5W4AIvgB04jG4mygI8%2BpdVygeKk9cGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 768cb3345a099232-FRA
x-amz-cf-id: amRndb331pHs4brtNkv6qjGQGu-A8ZN85siGf5gD2S0WNfouxhtCGQ==

GET
H2 200 a0180976f75770c699e50dad84d21e05adfc6519.svg
theme.zdassets.com/theme_assets/9229104/ 942 B
1 KB 34ms
34ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/9229104/a0180976f75770c699e50dad84d21e05adfc6519.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc85a2a4c683c8f4ea566f25c1cb6ae9f115ec62383c16cf77d96b488c1ce0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: uZO6ktEEOmbShcLCqcb5IEbaV9SAGmGN
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
age: 14899
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 08 Sep 2019 15:39:40 GMT
server: cloudflare
etag: W/"55f44e66c9bdcbe0433810b3dffb513f"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BS8BIwY4XuwCRAmb%2FQDMnTqkYRdroVm0L%2B3iP31ulH3PPGsW38ku09NpYYBzcQwkSJoeQ7VS8rkF7k7vStUlbw6mxepp6dImx0mhQ83AUfW0%2B%2FFdphZzCbASLYoBhp9W58Bvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 768cb33419219c07-FRA
x-amz-cf-id: rrdBxo_J7pXJ62SDu8DFqXvLj4Do5gFBFzGIk-5LUYh9LouLSMj_JQ==

GET
H2 200 f79bb887ea29e4dd64dddc32ac35ec28dbd3b674.svg
theme.zdassets.com/theme_assets/9229104/ 949 B
1 KB 35ms
34ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/9229104/f79bb887ea29e4dd64dddc32ac35ec28dbd3b674.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ef63090d49fd47862261033bc943afbfbf578a69b958c52529f725003aab86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: eThqHKlbP6PFembU..y2U9eCrQzhVKXy
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
age: 14899
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 08 Sep 2019 15:39:41 GMT
server: cloudflare
etag: W/"1ac482de44d9e9a537fad21b4f0380b9"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNYiLPZtcc30OTRSaqfpHICKbAK0o7gBxLExGO9L8LE1MwlnRrTnCfRT5sN1D2OWq0iCR8llICe1HgkM4iTZmLtbWAhi7RuDUf%2FTD6b%2Fiu6nrzi85hazk8clQrSE4jNYuooWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 768cb33419249c07-FRA
x-amz-cf-id: nzHkXvfa3apAygqO6ic5R2E8pERST2ujjrCD4TmlY3Twkju9vBQIYQ==

GET
H2 200 8cf5cb0bb5fa1a96a14cdf67df2ce3e043985494.svg
theme.zdassets.com/theme_assets/9229104/ 1 KB
1 KB 32ms
31ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/9229104/8cf5cb0bb5fa1a96a14cdf67df2ce3e043985494.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97cbcac4dd04ffbbe8f9fb55e4651e2c3bff75a955499d7abea7bd7bcb414fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: KXo_pOxUHiI25sjbWp0hO8T.e6ejQqvY
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
age: 14899
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 08 Sep 2019 15:39:39 GMT
server: cloudflare
etag: W/"10283ad975037dec996c482f4779f032"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm8%2FHiHanVPj8GySmZAcTw6UrmJx1o1LZ8tKuSbGGCmogUo%2FBwLZM6Y2ee3WCmjMaxYg4PcjowhgzledY62YbaTD6hiV%2Fee%2BxFaPYkqYTJz4kyblToFc3DAcTVC08WoOUgINIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 768cb33419259c07-FRA
x-amz-cf-id: 1zpZNE67D_0cg-1gFM3Tb0Zi7INxpXN_HrmlyVEEuMv3cLzRO4WcoQ==

GET
H2 200 7962a705862a2eb81e700ad0cda6b1e0827a6cca.woff
theme.zdassets.com/theme_assets/9229104/ 26 KB
26 KB 105ms
60ms Font
application/font-woff 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/9229104/7962a705862a2eb81e700ad0cda6b1e0827a6cca.woff

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4160c3d00829a5a75fe8bb0da04779655254aa705f0ec3d96e9b49a72d0854

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://help.paulaschoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: 2Ye7291YNVcIdBFR9NvhHEAbT51DD6nm
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: DUS51-P1
age: 23
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 07 Sep 2019 20:48:30 GMT
server: cloudflare
etag: W/"c6820c31759aff2f730eb0f64fff4cdd"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcqA8wsbhpZDs2xVeqsI6A0smXq%2BSB2WdRIWzj3pEIFYuF1AKgZVO8PKWG0H2QrqZgNWYbC2L4I7Za64SjQ9kJWdFgKeKQ4lqL267cFlmPt80MBdC7nZUi8nFYrZeyTv8E2E9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 768cb3345a0a9232-FRA
x-amz-cf-id: ohi6s4oeh-ZoXpheaxkJaMINgd3QiRWOUjLm39so3uusZZUE9NaIJQ==

GET
H2 200 copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff
static.zdassets.com/hc/assets/ 4 KB
5 KB 128ms
85ms Font
application/font-woff 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Origin: https://help.paulaschoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: YDC.EJZcSJiMI7WdQ00Ms9JAyf4lCkeA
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PGYPE57X6PMQ7P9Y
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0ZOjzQ7RvpxnCUOhtTsTCAg+HZbfU/dRVXftIY73DVcefPrcRn7MXSbC+TBQ0PQNNqTWWYAVVVg=
last-modified: Thu, 10 Nov 2022 13:15:54 GMT
server: cloudflare
etag: W/"74ee60bf509aab9976dd0c4358b7bd5c"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2VAoN3yFBidvPynVUPnJ8QHknUDNvs5wM%2BSuSVsi8nRw8xpBxI4mlSKwp4Mv9bsFwZYYSkzjbeH4CxT4kgTQXh4TPIASx3xB%2FAcl4048PizyjVrZq76WBZtsiLx6RspURjk%2FyE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Type, Content-Length, ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=604800
cf-ray: 768cb33459ac694c-FRA

GET
H2 200 526aab06f34b2516c51cd18f6b4969f080394282.woff
theme.zdassets.com/theme_assets/9229104/ 82 KB
83 KB 80ms
35ms Font
application/font-woff 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/9229104/526aab06f34b2516c51cd18f6b4969f080394282.woff

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/9229104/360002280113/style.css?digest=9886624480019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84de2318fa085c0645268451ed526dbb9a80e54d15b836d4af3d35b57444681

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://help.paulaschoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: gO4v5j0NG15wysGpqtZqJKwh7S6SrFHS
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: DUS51-P1
age: 63751
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 07 Sep 2019 20:48:35 GMT
server: cloudflare
etag: W/"fd5a09aa15a9db8169c2c79513d50966"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etp8bjmbm%2Fano393sbWXY%2B37AT8Pe%2FcIwZk8PE6NNWUV78zr5jhoQLo%2BK1A8TKxDrY0sIq%2F4U1Zmu9dTitZvkX0jOYCu0mN4roMNbfDlP%2BsqrWVMvB1AYjm6Ovs7vWTNOjzMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 768cb3345a0b9232-FRA
x-amz-cf-id: xWaaLdoFps3NVNNpR17drdEa-_F2UGMjx6NwdjiJjEkyRoZ7ZkYBRg==

GET
H2 200 react-56493a1793e64505e8e4058de58a1cef.js Show response
static.zdassets.com/hc/assets/ 135 KB
43 KB 37ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-56493a1793e64505e8e4058de58a1cef.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-2aded2cadda95032bc1257577390856e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a7be70025ccbe492986449e34cad65ed68478ca78362d508282fe385926ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: XJZIUpZcPvLSeMXjb7myDJm7ihoZt0VA
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XER4TXDAP6YPGB5F
age: 242172
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nSpRiaIBCzdsH967EpPhB/ekMA7ww1gnkom8FS0wOex0fAn+JJhppxS4wBOXK9XTp25rzTBhHp0=
last-modified: Wed, 31 Aug 2022 09:40:22 GMT
server: cloudflare
etag: W/"ef0668e9329c77e1544e80d861258de8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnARrmLvh4fB8Yjz17pbd7hQsQiaLlZYHnmX3Vu8VbJ8ziuvN6Z681BlIWFEJ8OorKsYhHR7MgROfcm219KCIkj%2Br%2BLdIjYPlt%2B4G1wolcywCXjKfZcaNK9uj7UQ5JFnvZsE5xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb33479be9c07-FRA

GET
H2 200 Notifications-c3ead3acc6739af34739b80cf1366af1.js Show response
static.zdassets.com/hc/assets/ 7 KB
4 KB 34ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-c3ead3acc6739af34739b80cf1366af1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-2aded2cadda95032bc1257577390856e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

630289b7c03bdb6e89d7361bd639497353f88d29f28327f0dc8ad668eb3c3304

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: cSIBtRaOL3ZS5mXWYmtPHYGrv50cmNf_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XER2010V0STTH088
age: 242173
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uG2kUxdwn7d8Gk14QTVIvCkP4iAnZtI/1MmSGQrr93OYMEHbr42U6HLWlyYRF/GDvQl9D7yt6wI=
last-modified: Wed, 31 Aug 2022 09:40:05 GMT
server: cloudflare
etag: W/"f236403223cbdfa3292dec411b19d4d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6mYUYzc6X5ogwGi78EYAKR59VEVtel0RT7%2BCTKkqYizbmBEvmWB0QOrFMWuQcxAzYVElwz3mQZwXJTdjubWD4sALns%2BNHlYp9B%2BLFeh7tBA0Y1nj9PSNcVXZv2QXCLOS1Bs7rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 768cb33479c09c07-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=web_widget/paulaschoicesupport.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-2aded2cadda95032bc1257577390856e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5T7ZA9XYG7XEHQ54
age: 0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: U4KAtjA3NNqoTZsycBx86bx6wM5hqPwTudIyTU/0EKOT+YTXkUMFgVdcHYZSOliVoTOXF0QRtto=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9B0XsvnYesL032RK1V%2FayZ3vyNAzDAGQ2arjOxIhXYpugOaqSMlZzExLVW5ptniJGYfW2A75jzI7S0kQzDPn6veeURleM7yOb9vYI16R1J%2FeCC9vsU7ETSwjtKs%2BZelRm%2BSiuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 768cb33489c59c07-FRA

POST
H2 200 activity
help.paulaschoice.com/hc/ 0
0 150ms
149ms Fetch
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://help.paulaschoice.com/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-2aded2cadda95032bc1257577390856e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 768cb334a4329176-IAD, 768cb334a4329176-IAD
x-runtime: 0.001750
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T0IPRDgeKTY2w6yNxg%2BlsYxnkHVpZsLdHfKRg0HSuOM0xrqfi90Aen5Lq0o5ZPABRKnXZPmC3xyi3EU7sC04g3ZFj6vJsHwdshsoGzV5SEcyhPFrd88zfIHHy0jR75fPF49hcpLqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
vary: Accept-Encoding
x-zendesk-zorg: yes
cf-ray: 768cb3348f2c9176-FRA

GET
BLOB 200
OK 0f51b4c5-592f-43fc-9956-2b1ecb28269d
https://help.paulaschoice.com/ 819 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://help.paulaschoice.com/0f51b4c5-592f-43fc-9956-2b1ecb28269d
Requested by: Host: help.paulaschoice.com
URL: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 819

OPTIONS
H2 200 users.json
paulaschoicesupport.zendesk.com/api/v2/groups/360005729094/ Frame 0
0 497ms
447ms Preflight
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulaschoicesupport.zendesk.com/api/v2/groups/360005729094/users.json

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://help.paulaschoice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,X-Requested-With,X-Prototype-Version,X-Zendesk-API,Content-Type,X-CSRF-Token,X-Zendesk-Renew-Session
access-control-allow-methods: GET,HEAD,POST,PATCH,PUT,DELETE
access-control-allow-origin: https://help.paulaschoice.com
access-control-expose-headers: X-Zendesk-API-Warn,X-Zendesk-User-Id,X-Zendesk-User-Session-Expires-At
access-control-max-age: 86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 768cb334fe06bb61-FRA
content-length: 0
content-type: text/plain
date: Sat, 12 Nov 2022 04:59:45 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQmpGvuNOMZqGCuzeSSvH9CTUMbrBOvlZmBdSZ1waQytYStZZ2EiJAr6KGgQdyYg4pqKYOIp10YbM2O9w2KeIpgXuRHl%2FU71YDZRf825cppgS3NvtidYIoIYzflQ4h%2FvOhGP96M7FoalZI3RhpswyA4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
x-rate-limit: 700
x-rate-limit-remaining: 425
x-request-id: 768cb334fe06bb61-FRA 768cb334fe06bb61-FRA
x-runtime: 0.087186
x-zendesk-origin-server: classic-app-server-65959b4456-mj9hw
x-zendesk-zorg: yes

GET
H2 200 users.json Show response
paulaschoicesupport.zendesk.com/api/v2/groups/360005729094/ 26 KB
4 KB 350ms
350ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulaschoicesupport.zendesk.com/api/v2/groups/360005729094/users.json

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887c9fd42931097c0325ed5e0d97752ce5bc311bc39282a08ccc021c802d2814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://help.paulaschoice.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer 665e29ba5e68387ae7ab2bc2414f11093e9c53346f98df784155dd1eea9b7a22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-rate-limit-remaining: 420
x-rate-limit: 700
x-zendesk-origin-server: classic-app-server-65959b4456-5wxqs
x-request-id: 768cb337c959bb61-IAD, 768cb337c959bb61-IAD
x-runtime: 0.216541
server: cloudflare
x-zendesk-api-version: v2
etag: W/"77dac46b6618a35a38e6f50d558f4fdb"
x-zendesk-zorg: yes
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyXyhdTIuhhpLtnK8QzohZlQrSYW5aEvmfVrH6%2BJBUIK0kAjgY27p0l3JhREXS8ExjB9oFhu5cv2WjwH4lBeozq5Y2mKXcN4EECcXkRzzGW%2B9G%2FMJTBUhea8UfxPOWWpYVVKrnXJGCLtkkhSxs4wiy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn,X-Zendesk-User-Id,X-Zendesk-User-Session-Expires-At
cache-control: max-age=0, private, must-revalidate
x-zendesk-application-version: v14495
cf-ray: 768cb337c959bb61-FRA

GET
H2 200 invisible.js Show response
help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame CD12 33 KB
14 KB 28ms
27ms Script
application/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668225600
Requested by: Host: help.paulaschoice.com
URL: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad686278e0a82adf716c6820abb4242c55c91f44f3439591f532ed7279f0c452

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7g%2BAYgegSkN66p67WEtXcugrjthtLNvOS%2BQNYCYBt35ySjCr2Dml8FpItdef2Ysk0g%2BGfDRNZxuw%2FTD05Hh3iOVCOfGZClQHvN9I9oELoO8ntkXaLRGMvGiBS7d%2Brz3Gjh%2Bg7anOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 768cb334af5e9176-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 40ms
39ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1166885009&t=pageview&_s=1&dl=https%3A%2F%2Fhelp.paulaschoice.com%2Fhc%2Fen-us%3Fp%3DGLOWDUO%26utm_source%3Dsfmc%26utm_term%3D%26utm_medium%3Demail_trigger%26utm_campaign%3DUS_ACCOUNTCREATED%26utm_id%3D71326%26sfmc_id%3D32625039%26sfmc_conv%3D1%26j%3D71326%26sfmc_sub%3D32625039%26l%3D598_HTML%26u%3D1806538%26mid%3D534000930%26jb%3D17781&ul=en-us&de=UTF-8&dt=Paula%27s%20Choice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=453661712&gjid=2083164228&cid=1472568238.1668229185&tid=UA-152623676-1&_gid=1524458924.1668229185&_r=1&_slc=1&z=211366025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.paulaschoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 04:59:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://help.paulaschoice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 paulaschoicesupport.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ 417 B
909 B 201ms
200ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/paulaschoicesupport.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=web_widget/paulaschoicesupport.zendesk.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbad823b2d3f6c638997df33737a8770b56e7a4ff48e1e65b143f42243d8fb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 768cb334da64694c-SEA, 768cb334da64694c-SEA
x-runtime: 0.005465
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"bbad823b2d3f6c638997df33737a8770"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85U5DN4K4GSLGrTLlWKABMHrrG%2Bxd6J8KX3pt93IKzfXfm0aH5Rto9MDRkaInDWZIIgskg491CjR2aaRbjY7CFGqpfnBuyMzplkGO8s33HFkJqbJDnsnMVZ3PByFUgDZ7SI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 768cb334da64694c-FRA

GET
H2 200 pica.js
help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame CD12 20 KB
8 KB 28ms
28ms Other
application/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: help.paulaschoice.com
URL: https://help.paulaschoice.com/hc/en-us?p=GLOWDUO&utm_source=sfmc&utm_term=&utm_medium=email_trigger&utm_campaign=US_ACCOUNTCREATED&utm_id=71326&sfmc_id=32625039&sfmc_conv=1&j=71326&sfmc_sub=32625039&l=598_HTML&u=1806538&mid=534000930&jb=17781
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8218437fc3d105dd6c97712fe3eed91734ee37848dfb923b2d2352d3119c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MgFEci9O42NO5SPhfNMWfubKNn9%2Bv7dRzPQ%2Fgu2qdVv%2BvTttgXCx7V3yar%2BNZduVKfxeDCPIKTu5HHIXydbF6ThKBabyeeKfmfXrZ1p2C2hb5Zllf76clnURlfwm9oLE79p6qGhiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 768cb334ffc09176-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-152623676-1&cid=1472568238.1668229185&jid=453661712&gjid=2083164228&_gid=1524458924.1668229185&_u=IEBAAEAAAAAAACAAI~&z=4640975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.paulaschoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Nov 2022 04:59:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://help.paulaschoice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.js Show response
app.tombot.ai/shell/dist/ 1 MB
303 KB 188ms
188ms Script
application/javascript 52.52.252.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tombot.ai/shell/dist/app.js

Requested by

Host: app.tombot.ai
URL: https://app.tombot.ai/shell/widget/inject-sage.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.52.252.88 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.23.1 / Express

Resource Hash

0056c25d811fc32a232d45741888c08614b787c50504a17f6e83fef0a14cde8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 08 Nov 2022 07:23:26 GMT
server: nginx/1.23.1
x-powered-by: Express
etag: W/"1070a7-184561f59b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 web-widget-framework-3d118a1c2798bf0a2233.js Show response
static.zdassets.com/web_widget/latest/ Frame 86CA 151 KB
49 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=web_widget/paulaschoicesupport.zendesk.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105b453329e522f9faa0bf7215519311897b9162a38da61c75448cefb841663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: DGABZmS_HLmr0OkIATNtJHXvAYbWspsE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XX70QT06E4D6RW
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 3eg/uTEK8wHFx57XI1omdj4ivNxr6j61rgH1rqpLjgz3enS5vjpojquM+BkUFj9ZVhtMOoKPWsM=
last-modified: Thu, 03 Nov 2022 03:30:25 GMT
server: cloudflare
etag: W/"4e0ec768e1b5323b0c06d0cc3a5c9c2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ey9vQ4kE%2FNUOCzI4TrsbqQIQLjbqdeGkFQ%2FdyctLVHMcMtXteItNRqtHwx60wvG5Z1i8lfV7bmhqrQbg%2BLaqsbSFJwnsGai%2BWZYEY9NP2ZR0kgkhX5IgN%2FnBRKj4l54ykrZqBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb3362cb09c07-FRA
expires: Fri, 03 Nov 2023 03:30:23 GMT

POST
H2 200 768cb32e4e869176 Show response
help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame CD12 2 B
563 B 54ms
54ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/cv/result/768cb32e4e869176
Requested by: Host: help.paulaschoice.com
URL: https://help.paulaschoice.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668225600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768cb3371acf9176-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTH7Wcg%2F8icuWOKlUpMT85rXWy%2FYfSGzKhTxTvTw5BH%2FW5m8r%2FvfgJKZfJleJAVtfk9mH0RRix8LxZqvvpTUec5UyboacVSJfiADlqsX41eBMzXyTRGDnGn40kA1RqBsBumCvTCrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 config Show response
paulaschoicesupport.zendesk.com/embeddable/ Frame 86CA 833 B
1 KB 30ms
30ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paulaschoicesupport.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d37b69929a61392b4f124662ab5b1e0bcecfa826f33ac7666ce965c302a0b1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34
x-zendesk-origin-server: embeddable-app-server-796dfdcf7-f78zr
x-cached: MISS
x-request-id: 768cb2622ff49219-FRA
x-runtime: 0.001417
last-modified: Sat, 12 Nov 2022 04:59:11 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcqH%2FTmjbdw3tUmokQCvnykvvsOs5p5Bn4i%2FGwml%2B05sgxpVM3%2BOkQxpIkvh1nHZNHL43Zg4XH%2BsrBTaxF5nHbG1lu8tE1zSy73ith4s24z0nyeXbfCMnJTr8AzADeszGlKuMCJUX0XyLvXXzI9rrXw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 768cb33738c1bb61-FRA

GET
H2 200 web-widget-classic-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 86CA 13 KB
4 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3009b30d51d54d2f38352767edb81dff2d8cebb959a8113f2971a7cec854241d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: wz6a7iiHMeoOhXK5vZ7qzIQEBvhPmp5x
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XHQAA79HKX5JP0
age: 775091
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 64uxvCzXUYno7javZea2zX4CBHmirt+WlKxmoQFVihirNpapgog9xBfICtKyMYn07yTbiayB7BY=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"240f4301c065057931ce34a2ad6eafa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjHYe2w9UPePzkNMHGeV3%2BK7Hct49Gzcuc%2BG3%2FDuuv1NaB3xMST9II4%2FI72fNS6H%2FjPQCXvM9IwM%2BfBdIRc4dFM57BAKqaWktNFJReNMjOGmRQPmQ4FuNsLZliU6OHaxw6z9CLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb3377e8a9c07-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-8165-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 86CA 663 KB
190 KB 66ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: Ro8yaqRoD_ED3I6ZLseZpT754cZzZ9s2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQG1N9QZ77F72CG
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: siD1GB5YDO7WglSOE+XMBYHZneM6QfqjDYddSYDAyD81d+E4pKTxcKADc27v/14dRO2EDQTq0O4=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFqedLsHRqjcXftzNvoVsm%2Fk%2B1eZ0503lJJwk%2FybeNHs19dhHo4wkXb8Lb9l%2B8CY1JifrM8cBhCL3FgaSlXXflENuojJInkaJN1xlsQjeZXVB7vV9F36kCxdxqXI90AC9uB25mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb337cf1f9c07-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-5324-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 86CA 491 KB
108 KB 39ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59ea8d16def715d959d234bd4b6e301d965e714a368043765b198b76be96c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: SmCuQ7cpSlPaLvzm_2eFEkDHi0Xn0HqF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQQD3YCK0Q3NFZ0
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XghI8mxWpZxrbo5m1hZUYLkyieKJuECDTHw0stUwq3rot4auBSQunzZTiF2unV0kVDBLPfAO4h4=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"04170b70b619ed47f6e24aa6c907159f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Fpk%2F5FJCv2kpkT5oQV00G6TtYLPAVNwC%2BPvy7TGqoTgB1ptTO12d5p7JK7%2FmMIFngrb8BpvaqR3kBVuaxzVdwN7IviWjSRT3445VwYybu9abtyQCXtVfueCx4jMC%2Fn12eH4HWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb337cf209c07-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 embeddable_blip Show response
paulaschoicesupport.zendesk.com/ Frame 86CA 0
317 B 132ms
131ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paulaschoicesupport.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6Ijc2Yzk3ZjhiNjBiZjQ4MGM4YzI5M2FjOTQzYjU0OGU3Iiwic3VpZCI6IjFkYjkxZTY5OTAzYTRlOWVhMDg2YzhlNzhlODk5MzkwIiwidmVyc2lvbiI6IjgyNjJkODUiLCJ0aW1lc3RhbXAiOiIyMDIyLTExLTEyVDA0OjU5OjQ1LjM4NFoiLCJ1cmwiOiJodHRwczovL2hlbHAucGF1bGFzY2hvaWNlLmNvbS9oYy9lbi11cz9wPUdMT1dEVU8mdXRtX3NvdXJjZT1zZm1jJnV0bV90ZXJtPSZ1dG1fbWVkaXVtPWVtYWlsX3RyaWdnZXImdXRtX2NhbXBhaWduPVVTX0FDQ09VTlRDUkVBVEVEJnV0bV9pZD03MTMyNiZzZm1jX2lkPTMyNjI1MDM5JnNmbWNfY29udj0xJmo9NzEzMjYmc2ZtY19zdWI9MzI2MjUwMzkmbD01OThfSFRNTCZ1PTE4MDY1MzgmbWlkPTUzNDAwMDkzMCZqYj0xNzc4MSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Nov 2022 04:59:45 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6mPeCU2TVo2ZIJPMHvSAzfbjyKBrIoGfsRLGfN2PEOvl6k%2F6Ng%2BY8G9sOuIdtdrUeLpIZbgxQudzZrKr4JPYvey9lM0N77653%2BsLmzwJ56ceGUtIbF3hsuZqtYgpk5sP5sagaMSlC5u3lgtgNHlOHc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 768cb338baa1bb61-FRA
content-length: 0
x-request-id: 768cb338baa1bb61-IAD

GET
H2 200 de-de-json-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 86CA 27 KB
7 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: K6MXFhDGxd04ZLdVYGYriUFmHOXARvvN
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQJGJ2VF39S6HP8
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lSvsA/XcIsPqutTknvpV2pBceEg2XcCiFZSIbfh74v6Cnkc+ZU9IYyUdh9XQV7hcQon3/4CaBWk=
last-modified: Thu, 03 Nov 2022 03:33:09 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i17PhNpH6C3mnf%2BpSI1W8erbVUQKh5kIn%2BIff7H15JDXEfCcigmU%2F%2B%2FwNhhRbhhCfQDSsEDbRgoGYHpH%2F4x3erLJ6VKDB8m%2BjsNhYTHgYuYit30sQdxW1JFrZ8TKBC1ra5RDw4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb338b8b39c07-FRA
expires: Fri, 03 Nov 2023 03:33:08 GMT

GET
H2 200 Josh_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360886232973/ 4 KB
5 KB 263ms
259ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360886232973/Josh_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e27a49d5c59cc987e20be0f3e27fe41a7ba37b47cd9796a238758a9baeee642

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: Kcnsg7.Fbxpv3apHp3swXs9h9WcniQuG
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4300
last-modified: Thu, 10 Mar 2022 19:46:48 GMT
server: cloudflare
etag: "32720cde028bdce097c6d3cb23e0cda5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv%2BMOesfbri1eUnCchcv5jARR9z996L3Ps2pfxmQauI3CIjKvKIHtg6d5rKCbj31l0krsMcnHx5QODbxGaXiGu2cL8CVmaBPHEsvRbjnKpUADiAqao1aHlwiSIoPM8w0f8iSJzfC86eZE%2FU8R1ZMnzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d7868fd-FRA

GET
H2 200 Isabelle_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360887702734/ 4 KB
5 KB 247ms
243ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360887702734/Isabelle_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5bbb1c6f42645d377f4f240ac3accf0b713ba25e1eb3f76d8a8310deb2051a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: 8qNPjcjpEKcuPvT7r5UDbcS2F8rYtr1u
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4326
last-modified: Thu, 10 Mar 2022 19:46:49 GMT
server: cloudflare
etag: "28b0b16835f4e9011ae087fd69168f9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX6hhNvAX6rVf2ViPyVgZ9Padq0GmCQaNDJwvMfvbq2myAj1dLku5VeOLEXKspmXwHPVER0QnSnDY6TMcBJ%2FzNga3czLdbY9QKZKMfEPrqIwBJGw8DkxMxJNLzrEpqDy4unqyqXp6yZrN97Xgs7Fqmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d7a68fd-FRA

GET
H2 200 Holly_new.tif.jpg
paulaschoicesupport.zendesk.com/system/photos/361153426694/ 2 KB
3 KB 212ms
208ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/361153426694/Holly_new.tif.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970b6fc14765f135e44a6a632a7cdce0f65cb6629abeabcf9812454ad6028d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: NFJD6ZSdMLn2HpAR3KVaO_y00YJtEayr
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2188
last-modified: Thu, 10 Mar 2022 19:46:48 GMT
server: cloudflare
etag: "992fc1fc9967d7c3305c56c8496d7040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFJUwTeR3QR87%2BE1MFRuZ2Y7wJ%2B3WFFd8twcFuQcUw8E3imLet44%2FFRedhwS1ozb4U39yaRkdc90VGXHx42f9WMAtWCl6yMxcMBg%2F2tEKvKF8Ps2PCiLpSfqTvBH9saN2Q936v9GAobPW6NVV8Wljck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d7c68fd-FRA

GET
H2 200 Patty_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360887720674/ 4 KB
5 KB 263ms
260ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360887720674/Patty_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc49db6d59b15fbefc1183f7298a0d4573875b77b1b11969bc0f4d01c6d341d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: .p8AK245N_KvTn07Ht5wQfcIft4EQMZa
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4338
last-modified: Thu, 10 Mar 2022 19:46:48 GMT
server: cloudflare
etag: "8e978a7e2eece8d67d95cb5c022755e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml9LzNAOJGA29QAp280j%2F4jSqV1r2h7L79sdOrLgGfZEa89Y6Y9J5MCM94QKfhkzSMEDAdM2iTN5NsKDGNOt1Qd2qC%2B2EkWEt3AkLcqvnB7HGkb4CTtpKV2zDaDWywuQKIGiFFmXFvxXYHhi91z2y78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d7e68fd-FRA

GET
H2 200 Alison_new.tif.jpg
paulaschoicesupport.zendesk.com/system/photos/361153391134/ 2 KB
3 KB 269ms
265ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/361153391134/Alison_new.tif.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a0570b4186213f96d2064d6f6ec649fab3537902d5a7808ca747ffc76c9de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: 7SMKUZQfbae9aUUGHfP8aCwBPtayvQpD
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2319
last-modified: Thu, 10 Mar 2022 19:46:48 GMT
server: cloudflare
etag: "bb401f1c824b44317083d3563eb0e67d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTlBHN3bokU5yAaSxO1h%2BGJfdiwyHy3JWoN2OGEOe4FeabjlqJQlCiv3WwOR0WldddyWmGk1pGwJHXL1V4NimdBP1PAyXycDqvxmNfeqhriIszih29r4fj5JQKlQkVvIdMuff6Wcd7kwI0bQBTQHp%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d7f68fd-FRA

GET
H2 200 Vania_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360887733234/ 5 KB
5 KB 213ms
210ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360887733234/Vania_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d88643bf1181b9bacefba8fc8b5eb0313279f27e146af967312047c85427989

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: IYugBdLAgp2HD4oAwP9NI1IwK6a.0y5M
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4627
last-modified: Thu, 10 Mar 2022 19:46:49 GMT
server: cloudflare
etag: "53e460cbc76796cbeadd9b39930250da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03F79z3MTOzdtWinJ9TiqAZZyaHEwqqE%2BU9deW67GhzkdP0yvkd9o2QfKcQk6hCEht3CoE6MtwY%2BBV5nLAlzMnxikOMRw6Cp%2B3d4MeftPJjS5HfMsskMjDd8%2BbvmaYPbfAwOEZPL56gNjKZzO7YVucs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d8168fd-FRA

GET
H2 200 David_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360887032553/ 4 KB
5 KB 243ms
240ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360887032553/David_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2607900db976ae1fe5387e49d34046e9f688007fef21c3ddf4fc90bba2d37066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: 32BT222AqBEq1XTLVFNT7T.Ke1B_Vk0c
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4412
last-modified: Thu, 10 Mar 2022 19:46:49 GMT
server: cloudflare
etag: "b727a1074f76fb220baa97e5be5f95fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LnGIixSeC2nX4EfxYl9RxGnmwVM4s4RZtebbw3cNyYvXPRMoxqstZGId%2BaP%2FgENrBlGOKK9brvrFaxLZnxv6F9MwWhY4A9my63bAe6HxIebh1MqMEfAoGOKuRekIprSwkkkMEYYXJFGnqktfUz%2Frp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d8268fd-FRA

GET
H2 200 Destiny_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/360886118693/ 4 KB
4 KB 254ms
251ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/360886118693/Destiny_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ecc1d041e8c73de7d6a4c52ce6f4248946b402999ae7e38427b820bd0aa0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: kQIYZd96eAsECXMZHxpL4bxo4Y0sbHgf
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 4078
last-modified: Thu, 10 Mar 2022 19:46:49 GMT
server: cloudflare
etag: "1cb2a226fa18a75a0ecb08e894cc578e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuegJhaVNzPCIsT3Zf819Sz61sLHaiftFoxK%2Bytqm9cmn8sJWUjrS1Yw7mufg9X3oHVGDZ%2BwaNtqKhUrTD5rtVQA7%2BV8VcYIWAZb1qW4d8M8T6nYi8T%2BFgnDFhnDE1GO4Gv6E00P27yxBBJQl5%2FD%2Fqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d8368fd-FRA

GET
H2 200 Lexi.tif.jpg
paulaschoicesupport.zendesk.com/system/photos/361153396374/ 2 KB
2 KB 228ms
225ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/361153396374/Lexi.tif.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8034660159814ec4e51a39b92c5dcaf9c81e14b41d43147daa1cd9729a1e1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: apC9Fl9Q9emjL9ERAc5cK9bKTd2mdFEf
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2053
last-modified: Thu, 10 Mar 2022 19:46:49 GMT
server: cloudflare
etag: "8f9add13e4a37e1f0ccd9090340b306c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y2gbMwQK2I23GbB518z1%2FTZSG7wtOZfp5TICMQN5nQkNutxtiuC%2BLLNaozzliIeZk3F4srxjrat82zYnapDBCWlSpBzmTULanGLihDCpLylpLNZU%2Bpc3KykBOexAt3Tx23HVJGo4Q6HFBiKAN3feQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d8468fd-FRA

GET
H2 200 ThuyVi_BW_JPG.jpg
paulaschoicesupport.zendesk.com/system/photos/1500677547001/ 5 KB
6 KB 213ms
211ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/1500677547001/ThuyVi_BW_JPG.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ce9808c96761af8a84c8dcbdf4d0e625d926eec7f55a7831caaaf95cc7912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: zlFB6kbWj.QSl8mGKBbfI9JEtkay2Y7l
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 5509
last-modified: Wed, 14 Jul 2021 14:31:25 GMT
server: cloudflare
etag: "8ff45acbbffdf13fcd4794d88ea8a62e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esfYBoZDKx0zK3GS7Rl2Ca4gSvsb3Z61hoIyW0AAo9VyRPoMQN1EVHq5cwRiZNC4pYQTgrZ%2FL1ds1lzXYjbkf62wqfBebruexwVesU1eZ60LMVAn%2BUgZZZmIkon%2F8evFuvrgDYy4Q2SuA9FWrKsHwIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a0d8568fd-FRA

GET
H2 200 Kim.jpg
paulaschoicesupport.zendesk.com/system/photos/1501267600482/ 2 KB
3 KB 228ms
226ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/1501267600482/Kim.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01f18644448daddb9eac13735670c0db2498879d7022020f464085fee0760cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: .wakm4G3SYWMPdZk7kY8gsO.GRf1YAGk
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2359
last-modified: Thu, 20 Jan 2022 20:49:55 GMT
server: cloudflare
etag: "aa499800627a246f8c1de9abd7d4b420"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU0LykL7HODVzhcssQ0E%2FO%2FuJmVmI%2BvBYEyKE1Zx6kJO%2BJDZaY16zBckQUgKdis7iAAIxAGQUh2gz715rzLrR%2BrcklVX7Bx023uoET0Flf%2B8m03dC2PMCZFspJFPD9FyStYK0ln3rpeJylw9kLv09c8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a2db668fd-FRA

GET
H2 200 Lydia.jpg
paulaschoicesupport.zendesk.com/system/photos/1501267604082/ 2 KB
3 KB 231ms
229ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/1501267604082/Lydia.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2d60039d93c0a445534a73f84fd228ff6defb70e8aedaf805c7059f30025dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: 8gZ_VZws7VqYn6S9t0ZEpaj9.en056xM
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2425
last-modified: Thu, 20 Jan 2022 20:51:37 GMT
server: cloudflare
etag: "42ec05e191aaedc1bcb773c81a5eefe7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BqsxygFFvXlF0%2BvACiG3%2FwWFZ0TzCjl0N3uisplgq14J0GehwRp8VgTK5nM4E5GAAnK8tSzCRYpd%2FMnJp%2BSAV2MQ27m4iOyRxn0FMv9n1HaxkG0BvtI11rZSMiIIzD08zsuMwtxwZ4YjqierJc4I3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a2db768fd-FRA

GET
H2 200 Katelyn.jpg
paulaschoicesupport.zendesk.com/system/photos/8818619571475/ 2 KB
3 KB 234ms
233ms Image
image/jpeg 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulaschoicesupport.zendesk.com/system/photos/8818619571475/Katelyn.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6201c2aaaa0495febd4f09015434a8de5b7c007ed7d69b9fc7bfd5ff2e247bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: AZwUGYIryoatSZFQpb9nyX7_thCn.fEw
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
content-length: 2183
last-modified: Fri, 19 Aug 2022 20:30:11 GMT
server: cloudflare
etag: "f85af24b694021ede5b01c92be8ca414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtpuOdAnxeFymXCQs%2F%2BuPte0cEn1KeT42pIxSIK1uddgv%2Bcm5X%2FeLerqrVvIlybc%2FpaJGTp87BCzna8GEgnmx1LSuHRt84%2BtcJvBoqSeTqkVcrWswtu6xH%2Bh38zlSxr6tqSu1N4XacVwrb7p9FAorro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-robots-tag: none, noarchive
cf-ray: 768cb33a2db868fd-FRA

GET
H2 200 en-us-json-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 86CA 25 KB
6 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e4c3b6896b0a02d7f59fec061ad80600f4487a0003effb51ac476ab964f0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: 8FQPvulK6DzUBNxir5aUMEE.5IR3EWZT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQQGDDT7E7FYZWY
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w4ytidK74XcIeGjL1612pO4Fnvhulh6UPJuOY4plw2iw1awZ3mS3CJUMuef6yJ39+r8697Zpssk=
last-modified: Thu, 03 Nov 2022 03:33:10 GMT
server: cloudflare
etag: W/"10d9a30eac6ed106c66673278428cd9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eslFMi8Oa7yMT9xunlymfHxv2igFqtU9QipcPTXFIg%2BZWdytgQqJmkwH7Pdt06eLXDT0mnBQQv626fbWhwB8v3%2BJN%2F8ThUlWgmzwl11IOUIYFWuP9Ewfv2n8SRs8X6G0LlC4U%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb33a7b379c07-FRA
expires: Fri, 03 Nov 2023 03:33:09 GMT

GET
H2 200 web-widget-chat-sdk-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 86CA 202 KB
51 KB 37ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
x-amz-version-id: sayXs7zOVVM6rMl6ls8GCrOd3aQu0RSc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQSQ50NHBNZ6MTM
age: 775090
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: EpOUXHv+brTTbTgLxu5EMeQND9CxJRGW2BvT9Kc4H/JndCo7Ldm54t68OQPfj2ITyPY7u+KDC8SbO9c0m4jNfw==
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByVkqC6wbHJDPgGdADmNJzgBAgcM%2Bof%2BUY1K3eZ2QE7gL%2B6HVgnE6U%2FJxdwSoGV3MVglGtCWYn%2FjXmsFjmtLNhu3Golr5VdXdBFeJChkWM8s8L3EAkjKjMqqDvQGDVngrX%2BGOM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 768cb33a7b3b9c07-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 embeddable_blip
paulaschoicesupport.zendesk.com/ Frame 86CA 0
0 129ms
129ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paulaschoicesupport.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjk3NCwiY29uZmlnTG9hZFRpbWUiOjMzfSwiYnVpZCI6Ijc2Yzk3ZjhiNjBiZjQ4MGM4YzI5M2FjOTQzYjU0OGU3Iiwic3VpZCI6IjFkYjkxZTY5OTAzYTRlOWVhMDg2YzhlNzhlODk5MzkwIiwidmVyc2lvbiI6IjgyNjJkODUiLCJ0aW1lc3RhbXAiOiIyMDIyLTExLTEyVDA0OjU5OjQ1LjY4N1oiLCJ1cmwiOiJodHRwczovL2hlbHAucGF1bGFzY2hvaWNlLmNvbS9oYy9lbi11cz9wPUdMT1dEVU8mdXRtX3NvdXJjZT1zZm1jJnV0bV90ZXJtPSZ1dG1fbWVkaXVtPWVtYWlsX3RyaWdnZXImdXRtX2NhbXBhaWduPVVTX0FDQ09VTlRDUkVBVEVEJnV0bV9pZD03MTMyNiZzZm1jX2lkPTMyNjI1MDM5JnNmbWNfY29udj0xJmo9NzEzMjYmc2ZtY19zdWI9MzI2MjUwMzkmbD01OThfSFRNTCZ1PTE4MDY1MzgmbWlkPTUzNDAwMDkzMCZqYj0xNzc4MSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 04:59:45 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Nov 2022 04:59:45 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZUnzwV58dQVdLWHKjp2ZhfwaM2x85jSUYTuh7VwitVnIBU4OnnfzaUMxiCoPyy9dAZfTRl0%2FNEz0r9W1WHxVcfJp8ocqHY%2FF6waKG%2FyJW2VPLquT9yeeFcO9hqf4eDoeRSTH6NESecPkeTt1%2FWWnUI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 768cb33a9dd3bb61-FRA
content-length: 0
x-request-id: 768cb33a9dd3bb61-IAD

GET
H2 200 css
fonts.googleapis.com/ 1003 B
922 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.paulaschoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Nov 2022 04:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 03:29:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Nov 2022 04:59:45 GMT

POST
H2 200 initialize-session Show response
app.tombot.ai/api/ 969 B
1 KB 579ms
221ms XHR
text/html 52.52.252.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tombot.ai/api/initialize-session

Requested by

Host: app.tombot.ai
URL: https://app.tombot.ai/shell/dist/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.52.252.88 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.23.1 / Express

Resource Hash

dfdb3d7c7032b39b30da76569f126a61bb3eca24973e43dfdbce7011faaf4b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://help.paulaschoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 12 Nov 2022 04:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.23.1
x-powered-by: Express
etag: W/"3c9-Pcq2Wn5dJT3PePHavfDil67f0Gk"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-length: 969

GET
H2 200 get-initial-text Show response
app.tombot.ai/api/ 135 B
701 B 563ms
206ms XHR
text/html 52.52.252.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tombot.ai/api/get-initial-text?path=/hc/en-us&accountId=5fbc4b76e08bcf001998b069&lang=en

Requested by

Host: app.tombot.ai
URL: https://app.tombot.ai/shell/dist/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.52.252.88 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS