URL: https://www.paintedearthskincare.com/
Submission: On November 25 via api from CA — Scanned from CA

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 103 HTTP transactions. The main IP is 172.66.0.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.paintedearthskincare.com.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.
This is the only time www.paintedearthskincare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 66 172.66.0.114 13335 (CLOUDFLAR...)
2 142.251.179.95 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 142.251.16.97 15169 (GOOGLE)
1 142.250.31.139 15169 (GOOGLE)
1 13.226.94.78 16509 (AMAZON-02)
5 192.229.210.155 15133 (EDGECAST)
1 52.216.49.24 16509 (AMAZON-02)
1 104.16.79.73 13335 (CLOUDFLAR...)
5 142.251.16.102 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 23.49.183.223 16625 (AKAMAI-AS)
2 31.13.66.35 32934 (FACEBOOK)
1 151.101.3.1 54113 (FASTLY)
6 151.101.67.1 54113 (FASTLY)
6 13.226.94.47 16509 (AMAZON-02)
1 34.96.122.219 396982 (GOOGLE-CL...)
1 44.215.147.229 14618 (AMAZON-AES)
103 18
Apex Domain
Subdomains
Transfer
66 paintedearthskincare.com
www.paintedearthskincare.com
1 MB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3003
t.paypal.com — Cisco Umbrella Rank: 3701
158 KB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 18607
gallery.mailchimp.com — Cisco Umbrella Rank: 15198
86 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2811
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
71 KB
2 dynatrace.com
js-cdn.dynatrace.com — Cisco Umbrella Rank: 4198
bf64226adg.bf.dynatrace.com — Cisco Umbrella Rank: 93077
89 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
55 KB
1 list-manage.com
mc.us6.list-manage.com — Cisco Umbrella Rank: 175196
9 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 amazonaws.com
s3.amazonaws.com
225 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3827
70 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
76 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
103 15
Domain Requested by
66 www.paintedearthskincare.com 1 redirects www.paintedearthskincare.com
js-cdn.dynatrace.com
6 downloads.mailchimp.com s3.amazonaws.com
5 www.google-analytics.com www.googletagmanager.com
js-cdn.dynatrace.com
5 www.paypal.com www.paintedearthskincare.com
www.paypal.com
js-cdn.dynatrace.com
4 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 t.paypal.com www.paintedearthskincare.com
2 www.facebook.com www.paintedearthskincare.com
2 connect.facebook.net www.paintedearthskincare.com
connect.facebook.net
2 ajax.googleapis.com www.paintedearthskincare.com
1 bf64226adg.bf.dynatrace.com js-cdn.dynatrace.com
1 gallery.mailchimp.com www.paintedearthskincare.com
1 mc.us6.list-manage.com s3.amazonaws.com
1 static.cloudflareinsights.com www.paintedearthskincare.com
1 s3.amazonaws.com www.paintedearthskincare.com
1 js-cdn.dynatrace.com www.paintedearthskincare.com
1 www.googleoptimize.com www.paintedearthskincare.com
1 www.googletagmanager.com www.paintedearthskincare.com
1 code.jquery.com www.paintedearthskincare.com
103 18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
instagram.com
www.volusion.com
Subject Issuer Validity Valid
paintedearthskincare.com
WE1
2024-11-05 -
2025-02-03
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
js-cdn.dynatrace.com
Amazon RSA 2048 M02
2024-01-03 -
2025-01-31
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-06-13 -
2025-06-12
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2024-09-18 -
2025-09-16
a year crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-03 -
2024-12-02
3 months crt.sh
wildcardsan.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2024-08-26 -
2025-08-25
a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-06-21 -
2025-06-20
a year crt.sh
downloads.mailchimp.com
Amazon RSA 2048 M03
2024-06-24 -
2025-07-22
a year crt.sh
gallery.mailchimp.com
WR3
2024-11-02 -
2025-01-31
3 months crt.sh
*.bf.dynatrace.com
Amazon RSA 2048 M02
2024-11-18 -
2025-12-16
a year crt.sh

This page contains 8 frames:

Primary Page: https://www.paintedearthskincare.com/
Frame ID: E10BA10435A0F4B8A8C0EF90C01EA73C
Requests: 91 HTTP requests in this frame

Frame: https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: E943264896C102B8A48793989E2C0B4D
Requests: 2 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zbnppqsblqqeuqkisuesqvxaegutly&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWVEV0ZzNVJGSDMzcEIzc2t1UDFNNTdqVFdnTUhTdUtGTXhKdGtNZGRwWXNSN1NTRUJhbmZxSTFSTjdMbFJhUV9KbWp4YjgtTF8xZGJJSlcmbWVyY2hhbnQtaWQ9VlVZVEtGWlpFQjZCRSZjdXJyZW5jeT1VU0QmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJmRpc2FibGUtZnVuZGluZz1jYXJkJmNvbXBvbmVudHM9YnV0dG9ucyxtZXNzYWdlcyxob3N0ZWQtZmllbGRzJmVuYWJsZS1mdW5kaW5nPXZlbm1vLHBheWxhdGVyIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfemJucHBxc2JscXFldXFraXN1ZXNxdnhhZWd1dGx5In19&env=production&scriptUID=uid_zbnppqsblqqeuqkisuesqvxaegutly&version=1.65.2&integrationType=SDK
Frame ID: 1C808B1724C4C67AF5B74C943FDDFD01
Requests: 1 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: E154CCE74C598E8DAF9D9D53F815C2D7
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: A0163E0F8427893452FFBC487B88335A
Requests: 3 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/store-cash-lite/index.html
Frame ID: EC9CBFF497D676AFF59BBD247E63D4F9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/promotions/index.html
Frame ID: D088A2823DB7EE159739A2CA97E1B392
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: DBF640F99865E4E94899BB3A0587FD3C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Painted Earth Skin Care Store

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]*/vspfiles/
  • /volusion\.js(?:\?([\d.]*))?

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

103
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

18
IPs

2
Countries

2139 kB
Transfer

4159 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.paintedearthskincare.com/
97 KB
19 KB
Document
General
Full URL
https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
f1149e7d0e98b03039bf0074c38010a49c2893cae227b9820fee4a97d8ddc2d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8e7fff455af9ab39-YYZ
content-encoding
br
content-type
text/html; Charset=UTF-8
date
Mon, 25 Nov 2024 07:41:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-powered-by
Volusion
x-xss-protection
1; mode=block
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/themes/base/
34 KB
6 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/themes/base/jquery-ui.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f95.1e100.net
Software
sffe /
Resource Hash
16869435503592c76ba1f3991daffec46cb0b9f713f02bebaca356a8db63019a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
age
334634
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 10:44:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 10:44:21 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5913
x-xss-protection
0
server
sffe
default.css
www.paintedearthskincare.com/a/c/
1 KB
518 B
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/c/default.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
6e8e658b4f356ad02a636d20805dc0e5072affc656eaaf224ca04c67094ec19d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66f6218fc72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0cedab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-155ed"
age
1700645
x-cache
HIT, HIT
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
105094, 62297
x-served-by
cache-lga21978-LGA, cache-yyz4532-YYZ
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732520496.777829,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30336
server
nginx
jquery-migrate-merged.js
www.paintedearthskincare.com/a/j/
47 KB
15 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/jquery-migrate-merged.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
11befc7786638fc1ebe5a5b24405a0355f48f0ae607d07088be637d7594bc17c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"2fc94d96c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0cefab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/
190 KB
49 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/jquery-ui.min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f95.1e100.net
Software
sffe /
Resource Hash
6a700bb2a9bebc84a5ec198bfade1559fa6ce736ccdc015f463fa90468592cd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
age
313572
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 16:35:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:35:23 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
50116
x-xss-protection
0
server
sffe
volusion.js
www.paintedearthskincare.com/a/j/
1 KB
471 B
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/volusion.js?7.227.0
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
36be86cc09358061168a149c711bf3bfb1df1b6300a3267ec905aad2a4c77fde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"a8507696c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0cf1ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
content.css
www.paintedearthskincare.com/a/contentbuilder/assets/default/
32 KB
5 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/contentbuilder/assets/default/content.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
90f84788420523bd920c13a28709334613be3b406dbf31b2c4ed0ff0cbb74dad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"d29cb90c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0ceeab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
paypal-rest-default-buttons.js
www.paintedearthskincare.com/a/j/
570 B
315 B
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/paypal-rest-default-buttons.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
77f9abe5b2c4ec02ca8811166ca6a84d4601d762cb500b5cab914f02ecc0524c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"87525796c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0cf2ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
soft_add.js
www.paintedearthskincare.com/a/j/
40 KB
9 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/soft_add.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
f03502452aa5d504fe7ab95ee1ee5d9f29a097ec85ca4fc5f043cbff03436fac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2446896c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a0cf3ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
soft_add_mult.js
www.paintedearthskincare.com/a/j/
2 KB
679 B
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/soft_add_mult.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
69853df007a78a5525fcc07ae01f9ea7422a8d70a7af5d322a85d9acab8bf4ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2446896c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a1cf7ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
soft_add.css
www.paintedearthskincare.com/a/c/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/c/soft_add.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
5948b4e0165dca45a96f5204495bb04563f3d457995f4c05d4d19c551f5ba39e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"d443308fc72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a1cf4ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
javascripts.js
www.paintedearthskincare.com/a/j/
28 KB
8 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/javascripts.js?6_5_7.227.0
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
5ab3c1b1af74e40cc038400407a765ad663cea49c1258fa57cf0fd5ce000c8b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"8aa14696c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a1cf9ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
js
www.googletagmanager.com/gtag/
210 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1399167-37
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
66ebeded87c9b586c7dc141806818a3d7c8f3882b4391ba47ac0b02af4aa1291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 07:41:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77403
x-xss-protection
0
server
Google Tag Manager
optimize.js
www.googleoptimize.com/
196 KB
70 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WDZXWGG
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f139.1e100.net
Software
Google Tag Manager /
Resource Hash
d7e07e7cbbe28ef37686fff25c25334f906bc4a072a7db3a35afae405293ad4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1169:0"}],}
expires
Mon, 25 Nov 2024 07:41:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1169:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71458
x-xss-protection
0
server
Google Tag Manager
f2c8c7e93216e073_complete.js
js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/
230 KB
87 KB
Script
General
Full URL
https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-78.jfk52.r.cloudfront.net
Software
/
Resource Hash
a38437a7a20dd66be71640acbd9fbbf45635cf5935ff3011ac7212fdb5146e83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

dynatrace-response-id
WYJGENI622SR
content-encoding
gzip
age
1839
expires
Mon, 25 Nov 2024 08:10:56 GMT
x-oneagent-js-injection
true
x-cache
Hit from cloudfront
x-amz-cf-id
arBTEVz_1-_DgAn3lhMK2bwlAVchsRDnjd_UvrRrqwCQtal3VyI1TA==
date
Mon, 25 Nov 2024 07:10:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
dynatrace-response-source
Cluster
traffic-source
UNKNOWN
via
1.1 1d09c1b75a19bca5156cd91feff6b48c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P10
js
www.paypal.com/sdk/
535 KB
150 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AeDWFs5RFH33pB3skuP1M57jTWgMHSuKFMxJtkMddpYsR7SSEBanfqI1RN7LlRaQ_Jmjxb8-L_1dbIJW&merchant-id=VUYTKFZZEB6BE&currency=USD&commit=false&intent=capture&disable-funding=card&components=buttons,messages,hosted-fields&enable-funding=venmo,paylater
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D52) /
Resource Hash
40bfcd156536dcb3949ae6bc1b9615a1c4cc797529d279346207530a050faa4c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-1o5tKbYvfadp8A7tj4uOf2pKEoiEg8PRVEgbqXHNyNbYe6rd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-1o5tKbYvfadp8A7tj4uOf2pKEoiEg8PRVEgbqXHNyNbYe6rd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
08874aa109a8a
content-encoding
gzip
etag
W/"24fff-+8qO/jFNogBazTU+y9veG6MGwFI"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-000000000000000000008874aa109a8a-0b358c35d49e8529-01
server-timing
traceparent;desc="00-000000000000000000008874aa109a8a-023d3e883cdd76e7-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-1o5tKbYvfadp8A7tj4uOf2pKEoiEg8PRVEgbqXHNyNbYe6rd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-1o5tKbYvfadp8A7tj4uOf2pKEoiEg8PRVEgbqXHNyNbYe6rd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin
*
content-length
151551
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D52)
main.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/main.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
fd3a1f11797b072b594843ec61de60740bec9bb67ca4f1dcb85e196f9aa3ca0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3296627861f3cf1:0"
cf-bgj
minify
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=148203
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a2d0dab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
imports.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
72 B
169 B
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
e7b7e4dae55392650c81fb2ffa31239f58a4d2bf82f0469635d7085f5b2d4b37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3296627861f3cf1:0"
cf-bgj
minify
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=84
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d16ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
component.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/push-menu/
2 KB
798 B
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/push-menu/component.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
4e54473cd6fa072f4f7928d368787459f8098494cbdf9bb1b83e790d32c53b4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3296627861f3cf1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d17ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
homepage.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
2 KB
617 B
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/homepage.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
af974fbb54aaae81bc3eb5422caa97f5b91198e34924be8a845abf855eccf192
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3296627861f3cf1:0"
cf-bgj
minify
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=2822
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d18ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
design-toolkit_min.js
www.paintedearthskincare.com/v/vspfiles/templates/253/js/
7 KB
2 KB
Script
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/js/design-toolkit_min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
e242b4149924ae5bf22b5e6ef39b93bb6ca909c3b1f3d7c76cc666b4f3b25e42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"52d07c7861f3cf1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d1bab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
embed.js
s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/
225 KB
225 KB
Script
General
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.49.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3c329793a287091ec808c0bf484203f8d3269754511c99bc771779511a8d79ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

x-amz-id-2
fLIbEw5/VVoM8d0h0ie9B4m7RkHRpCSAbBO0jN5xUSyoy54PZTK+FiLP1zIIINGiOsv80sPqkmk=
ETag
"a4d9d8cf435be0699c83055c93229407"
x-amz-request-id
Z6TX4Q8HCKZ3F92M
Accept-Ranges
bytes
Content-Length
229975
Date
Mon, 25 Nov 2024 07:41:36 GMT
Last-Modified
Tue, 27 Aug 2024 23:38:22 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
vnav.css
www.paintedearthskincare.com/a/c/
1 KB
467 B
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/c/vnav.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
b456d1f6bc100d67b8913f8228a6f903029fea1b2d1ccf4dcdede6edd9535c2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"8b8358fc72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d19ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
vnav.js
www.paintedearthskincare.com/a/j/
12 KB
4 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/vnav.js?1
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
06a07d347f7a9480ab5c34ed716d232c207ee3bf3362a757ae518b0cf2ab7086
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"a8507696c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d1cab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
search-bg.png
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
378 B
506 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/search-bg.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
ab6237703c70ca1255a467b5c45d00a0306393f2ec1f544933b9571e88e02015
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"f26d7a7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=399
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d23ab39-YYZ
accept-ranges
bytes
content-length
378
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
icon-star.jpg
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
490 B
599 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/icon-star.jpg
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
f0960af5750248e9aed431935a56341d58bb3f2fc605019ebc283d21b33e8c81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"92b787861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=1293
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/jpeg
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d25ab39-YYZ
accept-ranges
bytes
content-length
490
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
icon-cart.jpg
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
591 B
823 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/icon-cart.jpg
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
27dcdd3103baf93156df6210d16a0f11973117067bcd4694bc80508ff7e8d999
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"92b787861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=1391
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/jpeg
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d26ab39-YYZ
accept-ranges
bytes
content-length
591
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
clear1x1.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/
43 B
128 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/clear1x1.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"52bd697861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d27ab39-YYZ
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
owl.carousel.css
www.paintedearthskincare.com/a/j/slider/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/j/slider/owl.carousel.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
3770d8e814f0c29bbc745ea845fd8eb614f404e797c5833479116d17b5a7ad6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"65ae7597c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d1eab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
volusion-owl.css
www.paintedearthskincare.com/a/j/slider/
57 KB
5 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/j/slider/volusion-owl.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
8013c0d20eea098bdae6987d44b1818822ac2ecefed0cc662eae5493e5b17e97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"20317a97c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d1fab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
owl.carousel.js
www.paintedearthskincare.com/a/j/slider/
87 KB
20 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/slider/owl.carousel.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
5a1271c842095ed7ec27fa5caed7d5584c905f9c31ddc8b1065d49813c6fdf3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"27cf7797c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d20ab39-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
FeaturedProducts.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/
5 KB
5 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/FeaturedProducts.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
70abb026739d27832cf52fa63d0cd9841fb9ac8300dfec556e8ae318b208c6af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"72e4707861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=5227
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d21ab39-YYZ
accept-ranges
bytes
content-length
5219
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
3006S-1.jpg
www.paintedearthskincare.com/v/vspfiles/photos/
11 KB
11 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/photos/3006S-1.jpg?v-cache=1707480696
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
40ffe0c57a316204c92e2b4df0da49840b9ff2e283d1c7924204ea546332014b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"24336e2e945bda1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=12865
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/jpeg
last-modified
Fri, 09 Feb 2024 20:11:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a3d22ab39-YYZ
accept-ranges
bytes
content-length
11158
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
3001EO-1.jpg
www.paintedearthskincare.com/v/vspfiles/photos/
6 KB
6 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/photos/3001EO-1.jpg?v-cache=1447960105
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
1643db58c5b1395e87f840e6edd98bd648d5f1d3fb6a3024a2f6367cc0bdd00a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"ef3fafb74023d11:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=7460
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/jpeg
last-modified
Fri, 20 Nov 2015 03:08:23 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a4d28ab39-YYZ
accept-ranges
bytes
content-length
6426
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
1201W-1.jpg
www.paintedearthskincare.com/v/vspfiles/photos/
6 KB
6 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/photos/1201W-1.jpg?v-cache=1453400401
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
a70895d3dd7830c1a053b00aff06431559dba78bba2d593bd7f134e621dd7c10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"5d12ba65bb54d11:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=7133
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/jpeg
last-modified
Fri, 22 Jan 2016 02:20:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a4d29ab39-YYZ
accept-ranges
bytes
content-length
6088
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
star5.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/
2 KB
2 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/star5.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
3570d64fe001a57491a977cf8b6a48597a1c53290fe2a3f42f8d4c9315528cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"92b787861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a4d2aab39-YYZ
accept-ranges
bytes
content-length
1924
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
FBox_Border_Bottom.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/
1 KB
1 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/FBox_Border_Bottom.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
7166fe14a59116d3d845f1e42f65df5b8cc4f54d78f8ba3c4d4d512ba81082a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"72e4707861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=1919
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a5a9a36a0-YYZ
accept-ranges
bytes
content-length
1129
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
facebook.png
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
668 B
1016 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/facebook.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
2a9bcef7a4c59ad7d0b35d1b0ebf65fbfeb8eceea6b73f55499a6d396e53f40d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"92b787861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=716
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6a9c36a0-YYZ
accept-ranges
bytes
content-length
668
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
twitter.png
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
729 B
1 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/twitter.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
32728f119be1ebcf725b6e9780d313e48086d94ce84adc75eb79de3751a9fff9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"f26d7a7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=740
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6a9d36a0-YYZ
accept-ranges
bytes
content-length
729
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
pinterest.png
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
483 B
832 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/pinterest.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
068a3c08349836c312187ea8c37cb5b491abebd11b1540c5bbfbdda9a48b118c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"f26d7a7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=498
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6a9e36a0-YYZ
accept-ranges
bytes
content-length
483
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
paintedinsta.png
www.paintedearthskincare.com/v/
688 B
1 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/paintedinsta.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
7d3ff4f0682321fd931041a9ee1e0bf60c8b183d4c89163d0910bc66f75b1430
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"7765ac69f393d01:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=859
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Thu, 21 May 2015 18:24:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6a9f36a0-YYZ
accept-ranges
bytes
content-length
688
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
vsecure.png
www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/
4 KB
5 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/template/vsecure.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
4c5d7de05c1bb57ccfee71035b2ad900f0eef99f3ba238daf9665311ebf644f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"f26d7a7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=7482
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
image/png
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6aa036a0-YYZ
accept-ranges
bytes
content-length
4340
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
email-decode.min.js
www.paintedearthskincare.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
872 B
Script
General
Full URL
https://www.paintedearthskincare.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673dd3d6-4d7"
x-content-type-options
nosniff
cf-ray
8e7fff4a6aa136a0-YYZ
expires
Wed, 27 Nov 2024 07:41:35 GMT
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 12:19:34 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
jquery-1.11.1.min.js
www.paintedearthskincare.com/v/vspfiles/templates/253/js/
94 KB
34 KB
Script
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/js/jquery-1.11.1.min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"52d07c7861f3cf1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6aa236a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
bootstrap.min.js
www.paintedearthskincare.com/v/vspfiles/templates/253/js/
29 KB
8 KB
Script
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/js/bootstrap.min.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
60681750effde3e864f99408541fd324f29f9faf93230fcce7653ec6b76a1ffb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"52d07c7861f3cf1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6aa336a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
classie.js
www.paintedearthskincare.com/v/vspfiles/templates/253/js/push-menu/
1 KB
773 B
Script
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/js/push-menu/classie.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
d0d0e8d8b1307641f0374b8a22dff4034d5d25ac36505331dbb2236d7e687fa5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"52d07c7861f3cf1:0"
cf-bgj
minify
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
cf-polished
origSize=1656
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a6aa436a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
class-name-watcher.js
www.paintedearthskincare.com/a/j/
1 KB
703 B
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/class-name-watcher.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
d97b31435eb82982caeb22292a31a521c1c8f8690c849d8a7540bd225902a362
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"36d83f96c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a7aad36a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
paypal-push-cart.js
www.paintedearthskincare.com/a/j/
10 KB
3 KB
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/paypal-push-cart.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
dd3db65c2cae7f4cd265b2f175807436dee012a4f1af5fa22e16ffa5b31b7cf8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"87525796c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a7aae36a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
push-cart.js
www.paintedearthskincare.com/a/j/
2 KB
996 B
Script
General
Full URL
https://www.paintedearthskincare.com/a/j/push-cart.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
f4cc8a0b9798ca8ff981e12bd05996952b13cefa7462769b4b31350493e1024c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"92db6096c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:35 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 21:13:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4a7aaf36a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e7fff4adca9abc7-YYZ
access-control-allow-origin
*
date
Mon, 25 Nov 2024 07:41:35 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
fontello.css
www.paintedearthskincare.com/a/contentbuilder/assets/icons/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/contentbuilder/assets/icons/css/fontello.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/a/contentbuilder/assets/default/content.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
bb318052aac79bd4a4a5332b043cba5841117c6e3ded6c83977380e97d12e063
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/a/contentbuilder/assets/default/content.css

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"69ff5993c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4b8b0736a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
ionicons.min.css
www.paintedearthskincare.com/a/contentbuilder/assets/ionicons/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/a/contentbuilder/assets/ionicons/css/ionicons.min.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/a/contentbuilder/assets/default/content.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
77d332fac16a1e8c80df4f42b9f22c4c738f46234d5f962377d327cd9d7dd9fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/a/contentbuilder/assets/default/content.css

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"5b676d93c72fdb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 21:13:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4b8b0836a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1399167-37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
age
4020
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:34:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 06:34:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/
1 B
428 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1056770718&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&ul=en-ca&de=UTF-8&dt=Painted%20Earth%20Skin%20Care%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1363816228&gjid=1709062676&cid=73093264.1732520496&tid=UA-1399167-37&_gid=1974409802.1732520496&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=252656740
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.paintedearthskincare.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:41:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.paintedearthskincare.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
pptm.js
www.paypal.com/tagmanager/
17 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.paintedearthskincare.com&t=xo&v=5.0.465&source=payments_sdk&mrid=VUYTKFZZEB6BE&client_id=AeDWFs5RFH33pB3skuP1M57jTWgMHSuKFMxJtkMddpYsR7SSEBanfqI1RN7LlRaQ_Jmjxb8-L_1dbIJW&comp=buttons,messages,hosted-fields&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AeDWFs5RFH33pB3skuP1M57jTWgMHSuKFMxJtkMddpYsR7SSEBanfqI1RN7LlRaQ_Jmjxb8-L_1dbIJW&merchant-id=VUYTKFZZEB6BE&currency=USD&commit=false&intent=capture&disable-funding=card&components=buttons,messages,hosted-fields&enable-funding=venmo,paylater
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D65) /
Resource Hash
2f132c839a66495bff644afbe36632077f265bd1a905e3f2802e5d52e1639045
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-CTXkfGX1D0T5gYxOagu5pos/rVMbTHncbyQYhO80hOBhSceF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

paypal-debug-id
0313931452619
content-encoding
gzip
etag
W/"4500-dMk8EWJuxnR++9LaDxXfWCpeJNA"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-00000000000000000000313931452619-7b3bcee519e93b6d-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-CTXkfGX1D0T5gYxOagu5pos/rVMbTHncbyQYhO80hOBhSceF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D65)
template.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/template.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
297138116a74d24e13d49c7ba7da07ae78b2a71421986b16638d1c9350af1af9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3f99362c273ddb1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 21:40:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4f5c4236a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
navigation.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/navigation.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
7919767a96ac341c20727e1580dd21a1440a44a391e413aae30b0b70c3448c5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"7a7a4ced7593d01:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Thu, 21 May 2015 03:26:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4f5c4436a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
storefront.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
34 KB
7 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/storefront.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
456f3fca0b2d7ed37f57b1b0dfcbb048577270cbfdcd0a8b4121c9141f52827e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/imports.css

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"92f8647861f3cf1:0"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff4f5c4536a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
normal.woff2
www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/400/
15 KB
15 KB
Font
General
Full URL
https://www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/400/normal.woff2
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
cf-ray
8e7fff4f5c4836a0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14892
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
font/woff2
vary
Accept-Encoding
server
cloudflare
softaddtocart.css
www.paintedearthskincare.com/v/vspfiles/templates/253/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/softaddtocart.css
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/v/vspfiles/templates/253/js/design-toolkit_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
a4f6ca23ee489ac2e39395fbbb0576acbfd0b4e783c4746d4d695ae91411ca92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"3296627861f3cf1:0"
cf-bgj
minify
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
origSize=3191
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
text/css
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff506c9836a0-YYZ
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-AfSu9iFS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-AfSu9iFS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=4423, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
aiuJZqUxCLt3vPA+g1lvjiLNrfQ8NkyhUIYp/8Pcxg6ip4GlK35YlXpNj75SzYhlUf4hM1O9+6jmyjrKR8muHg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
form-settings
mc.us6.list-manage.com/subscribe/
14 KB
9 KB
Script
General
Full URL
https://mc.us6.list-manage.com/subscribe/form-settings?u=aaeb481a8afdd91057b49a415&id=a7caf03d6c&f_id=undefined&u=aaeb481a8afdd91057b49a415&id=a7caf03d6c&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.183.223 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-183-223.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
21b243038aa77d471ac85f20d16685c6eb98ecf9b521b615e8efc5ff33eef60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

x-request-id
1-67442a31-6dc436195e09aa8c4e81a3d4
content-encoding
gzip
expires
Mon, 25 Nov 2024 07:46:16 GMT
x-ua-compatible
IE=edge,chrome=1
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-spanid
aff9f83b-1a79-35f2-7765-cad372ede0b5
cache-control
max-age=279
intuit_tid
1-67442a31-6dc436195e09aa8c4e81a3d4
x-envoy-upstream-service-time
91
x-amzn-trace-id
Root=1-67442a31-6dc436195e09aa8c4e81a3d4
referrer-policy
same-origin
x-envoy-decorator-operation
http-interposer-desired-service.mailchimp-cloud-httpinterposer-use2-prd-m2.svc.cluster.local:8090/*
content-length
6844
server
istio-envoy
x-edgeconnect-midmile-rtt
0
x-edgeconnect-origin-mex-latency
166
normal.woff2
www.paintedearthskincare.com/cf-fonts/s/playfair-display/5.0.18/latin/700/
23 KB
23 KB
Font
General
Full URL
https://www.paintedearthskincare.com/cf-fonts/s/playfair-display/5.0.18/latin/700/normal.woff2
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7db8cc99b6c49ce9aff24dd36ff7fce854bc05beec1fab81548c332eda2b96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
cf-ray
8e7fff50acac36a0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
23352
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
font/woff2
vary
Accept-Encoding
server
cloudflare
painted_earth240.png
www.paintedearthskincare.com/v/
18 KB
18 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/painted_earth240.png
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/template.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
0ff15c6a45c8783a0fabfac0fb385f7b6010c596e68d2012e1d5fda8e9834fbd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/v/vspfiles/templates/253/css/template.css

Response headers

cf-cache-status
REVALIDATED
etag
"0b07ebbf393d01:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
origSize=19147
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/png
last-modified
Thu, 21 May 2015 18:27:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50bcb236a0-YYZ
accept-ranges
bytes
content-length
17977
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
normal.woff2
www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/700/
14 KB
15 KB
Font
General
Full URL
https://www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/700/normal.woff2
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
cf-ray
8e7fff50ccb436a0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14712
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
font/woff2
vary
Accept-Encoding
server
cloudflare
normal.woff2
www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/600/
14 KB
15 KB
Font
General
Full URL
https://www.paintedearthskincare.com/cf-fonts/s/source-sans-pro/5.0.11/latin/600/normal.woff2
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.paintedearthskincare.com
Referer
https://www.paintedearthskincare.com/

Response headers

cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
cf-ray
8e7fff50ccb636a0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
14824
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
font/woff2
vary
Accept-Encoding
server
cloudflare
Divider_Horizontal.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/
1 KB
1 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/Divider_Horizontal.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
a319a443a382387f1f821ea6e18481eb56a98664d89e8649d1f9ecc3a9dfad5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"b21f6c7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50dcc236a0-YYZ
accept-ranges
bytes
content-length
1143
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
Grid_Divider_Vertical.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/
92 B
440 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/Grid_Divider_Vertical.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
54637540d574499b701047b7a5d468337fb893a778ba39c3140f98c99555ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"b21f6c7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
origSize=886
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50dcc436a0-YYZ
accept-ranges
bytes
content-length
92
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
Grid_Divider_Horizontal.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/
93 B
441 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/Grid_Divider_Horizontal.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
a6647a7fc5c90785b54baceba8d6143012b07aebdeadd6c8739dd94c3b142ec5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"b21f6c7861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
origSize=887
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50dcc636a0-YYZ
accept-ranges
bytes
content-length
93
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
FBox_Heading_Back.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/
1 KB
1 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/FBox_Heading_Back.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
69b567c7578fe07655dd70258edb9670088f0d68abaf0a4e9340d048bfe918ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"72e4707861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
origSize=1161
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50dcc736a0-YYZ
accept-ranges
bytes
content-length
1153
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
FBox_Border_Left.gif
www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/
43 B
393 B
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/templates/253/images/HomePage/FBox_Border_Left.gif
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
e3f9df1a237afc367d049f0589d140492b9a51ab8823779afe3bed08c14f089b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"72e4707861f3cf1:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:36 GMT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
image/gif
last-modified
Wed, 29 Oct 2014 10:16:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff50dcc836a0-YYZ
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
collect
www.google-analytics.com/j/
3 B
26 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1056770718&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&ul=en-ca&de=UTF-8&dt=Painted%20Earth%20Skin%20Care%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1489342907&gjid=1751177693&cid=73093264.1732520496&tid=UA-XXXXX-X&_gid=1974409802.1732520496&_r=1&_slc=1&z=781066149
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.paintedearthskincare.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:41:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.paintedearthskincare.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
main.js
www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame E943
Redirect Chain
  • https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
8 KB
4 KB
Script
General
Full URL
https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a2ebe4d2e795c091229ef7502df7e13389780f1c3c11b546402c1ea6fc7a46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8e7fff51dd2a36a0-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
cf-ray
8e7fff513cef36a0-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 25 Nov 2024 07:41:36 GMT
vary
Accept-Encoding
server
cloudflare
local
www.paypal.com/credit-presentment/experiments/ Frame 1C80
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zbnppqsblqqeuqkisuesqvxaegutly&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWVEV0ZzNVJGSDMzcEIzc2t1UDFNNTdqVFdnTUhTdUtGTXhKdGtNZGRwWXNSN1NTRUJhbmZxSTFSTjdMbFJhUV9KbWp4YjgtTF8xZGJJSlcmbWVyY2hhbnQtaWQ9VlVZVEtGWlpFQjZCRSZjdXJyZW5jeT1VU0QmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJmRpc2FibGUtZnVuZGluZz1jYXJkJmNvbXBvbmVudHM9YnV0dG9ucyxtZXNzYWdlcyxob3N0ZWQtZmllbGRzJmVuYWJsZS1mdW5kaW5nPXZlbm1vLHBheWxhdGVyIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfemJucHBxc2JscXFldXFraXN1ZXNxdnhhZWd1dGx5In19&env=production&scriptUID=uid_zbnppqsblqqeuqkisuesqvxaegutly&version=1.65.2&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AeDWFs5RFH33pB3skuP1M57jTWgMHSuKFMxJtkMddpYsR7SSEBanfqI1RN7LlRaQ_Jmjxb8-L_1dbIJW&merchant-id=VUYTKFZZEB6BE&currency=USD&commit=false&intent=capture&disable-funding=card&components=buttons,messages,hosted-fields&enable-funding=venmo,paylater
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chf/16A6) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paintedearthskincare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
53212
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
03a49346281ab
date
Mon, 25 Nov 2024 07:41:38 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"1479-DiRt2iOUB/nPcdFMTKWtzjkyi6Y"
last-modified
Sun, 24 Nov 2024 16:54:46 GMT
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
03a49346281ab
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (chf/16A6)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000003a49346281ab-870aa5a9a49b2f8f-01
vary
Accept-Encoding
x-cache
HIT
x-xss-protection
1; mode=block
ajaxcart.asp
www.paintedearthskincare.com/
16 B
306 B
XHR
General
Full URL
https://www.paintedearthskincare.com/ajaxcart.asp?Action=itemCount&cachebust=1732520496869
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
1c94777a97d780633442ffc3c062cdac7c2a1d29084d73b909fcc765f51222e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paintedearthskincare.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
x-dtpc
-64$320496091_126h14vUFWRTKKAESLHCFTACKCRPFGJKSSAWIRI-0e0

Response headers

strict-transport-security
max-age=15552000
cache-control
private
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e7fff518d0936a0-YYZ
x-download-options
noopen
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:37 GMT
x-xss-protection
1; mode=block
content-type
text/html; Charset=utf-8
x-powered-by
Volusion
vary
Accept-Encoding
server
cloudflare
1505709286663.jpg
www.paintedearthskincare.com/v/vspfiles/photos/homepage/
597 KB
598 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/photos/homepage/1505709286663.jpg
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
c27aceadb234d1385a77b85d4bbd26df05693880e25dafc386d91fe72063f460
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"c2a25b773730d31:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:37 GMT
cf-polished
origSize=651803
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
image/jpeg
last-modified
Mon, 18 Sep 2017 04:34:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff51bd2036a0-YYZ
accept-ranges
bytes
content-length
611674
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
201781016837799
connect.facebook.net/signals/config/
50 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/201781016837799?v=2.9.176&r=stable&domain=www.paintedearthskincare.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
3652f331ea52f795ca29a75275482a9515d42a47aa79850a9457385729dc6e30
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-3xS0SiUf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-3xS0SiUf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=76, mss=1232, tbw=70247, tp=65, tpl=0, uplat=36, ullat=0
pragma
public
x-fb-debug
iyB6YHMvz79PcyS9Xp6vFg1nQymn2J7HkvKBWEsAwZvviaAl2Uy4BD8Nm9DPhxa+Nu16SHeLu9qiyo0URZuc3Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
8e7fff455af9ab39
www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E943
0
689 B
XHR
General
Full URL
https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e7fff455af9ab39
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e7fff538dda36a0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=201781016837799&ev=PageView&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&rl=&if=false&ts=1732520497235&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1732520497233.66905159064659279&ler=empty&cdl=API_unavailable&it=1732520496938&coo=false&rqm=GET
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4469, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
196 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=201781016837799&ev=PageView&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&rl=&if=false&ts=1732520497235&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1732520497233.66905159064659279&ler=empty&cdl=API_unavailable&it=1732520496938&coo=false&rqm=FGET
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441118875142097842"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
d8eP+B51zsIW9tfy0wkiOLCyTA5dXVZc02tdV8fEjAqSTpKHvccG1lxOt+zUaIM7wFvgSEv1No6IkUHxljoAuQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441118875142097842", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4837, tp=13, tpl=0, uplat=170, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
muse.js
www.paypalobjects.com/muse/
55 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.paintedearthskincare.com&t=xo&v=5.0.465&source=payments_sdk&mrid=VUYTKFZZEB6BE&client_id=AeDWFs5RFH33pB3skuP1M57jTWgMHSuKFMxJtkMddpYsR7SSEBanfqI1RN7LlRaQ_Jmjxb8-L_1dbIJW&comp=buttons,messages,hosted-fields&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

paypal-debug-id
e386527b6a766
content-encoding
br
etag
W/"64f25363-daa8"
x-content-type-options
nosniff
traceparent
00-0000000000000000000e386527b6a766-62c3498a007919d0-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, HIT
date
Mon, 25 Nov 2024 07:41:37 GMT
content-type
application/javascript
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
x-served-by
cache-sjc10081-SJC, cache-yyz4558-YYZ
x-cache-hits
12093, 80283
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1732520498.582422,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
15742
ts
t.paypal.com/
42 B
294 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AVUYTKFZZEB6BE-XO&page=muse%3Athird-party%3Aanalytics-xo%3A%3AVUYTKFZZEB6BE-XO%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=ea66c141-6d84-4063-a2a1-b2f0c94fee45&fltp=analytics&mrid=VUYTKFZZEB6BE&flag_consume=yes&pt=Painted%20Earth%20Skin%20Care%20Store&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732520497239&g=480&completeurl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&disableSetCookie=true
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
9bf5e8e91eb7f
correlation-id
9bf5e8e91eb7f
expires
Mon, 25 Nov 2024 07:41:38 GMT
traceparent
00-00000000000000000009bf5e8e91eb7f-89c177d835454ee1-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-00000000000000000009bf5e8e91eb7f-a5614e4a3bafeb76-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Mon, 25 Nov 2024 07:41:38 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200021-BUR, cache-yyz4573-YYZ
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732520498.096152,VS0,VE112
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
popup.js
downloads.mailchimp.com/js/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/
112 KB
33 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/popup.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de02d7d5ebcd5116989f346b5adc2db564a09f12073b560b3380ac047f9b00ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
gzip
ETag
W/"96a717b589e18e1ee32c8fa3e87e36d3"
Age
35861
Connection
keep-alive
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
BYUv5G5SKDWnFqYR5kYm07IINNMEhx4R8Gf7f4X1hU7f0IMFk55b1Q==
Date
Sun, 24 Nov 2024 21:43:57 GMT
Content-Type
application/javascript
Last-Modified
Tue, 04 Jun 2024 16:58:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P10
x-amz-server-side-encryption
AES256
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame E154
10 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
gzip
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Age
85766
Connection
keep-alive
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
avW6sQ51npASYuE6cFT18DRbLyHGkkyUpV2S8Yaa8zbpzgD-7fz0qg==
Date
Sun, 24 Nov 2024 07:52:12 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P10
x-amz-server-side-encryption
AES256
banner.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame E154
813 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/banner.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

Vary
accept-encoding, Origin
ETag
"03dc514068214f6d7d052c91c8492206"
Age
23767
Connection
keep-alive
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
813
X-Amz-Cf-Id
0klrTRxTkWw6p3O9Ty_GhsjhRCKgtDDptJxKWcWJeJwv06rYoA7NGg==
Date
Mon, 25 Nov 2024 01:05:31 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P10
x-amz-server-side-encryption
AES256
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame A016
10 KB
0
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

X-Amz-Cf-Pop
JFK52-P10
Content-Encoding
gzip
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Age
85766
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
avW6sQ51npASYuE6cFT18DRbLyHGkkyUpV2S8Yaa8zbpzgD-7fz0qg==
Date
Sun, 24 Nov 2024 07:52:12 GMT
Content-Type
text/css
Vary
accept-encoding, Origin
Server
AmazonS3
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
x-amz-server-side-encryption
AES256
layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame A016
1 KB
972 B
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/layout-2.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
br
ETag
W/"689415cef3fb916a12beabcfa7ff4244"
Age
5381
Connection
keep-alive
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
SoioUDhHQ7Q_uy2AfuTJnM8THjJ0w8c129gTnfQC-jmW1pufhW5yXg==
Date
Mon, 25 Nov 2024 06:11:57 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P10
x-amz-server-side-encryption
AES256
modal.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/
3 KB
2 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/modal.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-47.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
gzip
ETag
W/"bb442b187fc78727105fd57962ce4b14"
Age
85373
Connection
keep-alive
Via
1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
FzrOZlh_ap5LnrKkEKt1V4Bofu-cVueZMveFjmrLpsCLj0iSz0vFpw==
Date
Sun, 24 Nov 2024 07:58:45 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P10
x-amz-server-side-encryption
AES256
index.html
www.paypalobjects.com/muse/store-cash-lite/ Frame EC9C
0
0
Document
General
Full URL
https://www.paypalobjects.com/muse/store-cash-lite/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paintedearthskincare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
16047
content-type
text/html
date
Mon, 25 Nov 2024 07:41:37 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"671fc6a9-da97"
last-modified
Mon, 28 Oct 2024 17:15:21 GMT
paypal-debug-id
eb99608cd8a5e
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000eb99608cd8a5e-2447a7941f196ace-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1113, 1451
x-content-type-options
nosniff
x-served-by
cache-sjc1000101-SJC, cache-yyz4540-YYZ
x-timer
S1732520498.931232,VS0,VE0
index.html
www.paypalobjects.com/muse/promotions/ Frame D088
0
0
Document
General
Full URL
https://www.paypalobjects.com/muse/promotions/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paintedearthskincare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
55818
content-type
text/html
date
Mon, 25 Nov 2024 07:41:37 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"671fdac9-30db3"
last-modified
Mon, 28 Oct 2024 18:41:13 GMT
paypal-debug-id
d3c962db4a226
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000d3c962db4a226-0b9ff22efb7fc4d1-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
5119, 54
x-content-type-options
nosniff
x-served-by
cache-sjc10052-SJC, cache-yyz4540-YYZ
x-timer
S1732520498.931442,VS0,VE0
index.html
www.paypalobjects.com/muse/analytics/ Frame DBF6
0
0
Document
General
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paintedearthskincare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
16057
content-type
text/html
date
Mon, 25 Nov 2024 07:41:37 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"671aa070-db19"
last-modified
Thu, 24 Oct 2024 19:30:56 GMT
paypal-debug-id
04668343c88bf
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-000000000000000000004668343c88bf-8a2d6ffcca1f17e3-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
16272, 22992
x-content-type-options
nosniff
x-served-by
cache-sjc1000107-SJC, cache-yyz4540-YYZ
x-timer
S1732520498.931216,VS0,VE0
c305dd27-e79c-45dd-bbb5-7cd2f83a3fb8.jpg
gallery.mailchimp.com/aaeb481a8afdd91057b49a415/images/ Frame A016
45 KB
45 KB
Image
General
Full URL
https://gallery.mailchimp.com/aaeb481a8afdd91057b49a415/images/c305dd27-e79c-45dd-bbb5-7cd2f83a3fb8.jpg
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c335feab5fa0487fe267314c9d4bb50c7c495f41407a1d48d29c0e295d786930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=E+cTMw==, md5=eGhKFMmAnasznh2PAosPrw==
etag
"78684a14c9809dab339e1d8f028b0faf"
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 08:41:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
45915
date
Mon, 25 Nov 2024 07:41:38 GMT
last-modified
Sat, 24 Aug 2019 13:27:01 GMT
content-type
image/jpeg
x-guploader-uploadid
AFiumC78mdK_AAnm2JjLzxk_B5P0jrHZcNrtusj3kwXWLpkadkY2vjBJXXY4o0EeJrip1CuSYjFAPKr4Jg
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1566653221096636
content-length
45915
server
UploadServer
ts
t.paypal.com/
42 B
295 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AVUYTKFZZEB6BE-XO&page=muse%3Aoffer%3A%3A%3AVUYTKFZZEB6BE-XO%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=ea66c141-6d84-4063-a2a1-b2f0c94fee45&es=visitorInfoFlowStarted&mrid=VUYTKFZZEB6BE&pt=Painted%20Earth%20Skin%20Care%20Store&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732520497994&g=480&completeurl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&disableSetCookie=true
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
523199c9f6880
correlation-id
523199c9f6880
expires
Mon, 25 Nov 2024 07:41:38 GMT
traceparent
00-0000000000000000000523199c9f6880-83bc3e8b89d74168-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000523199c9f6880-2bc3237b215ad73a-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Mon, 25 Nov 2024 07:41:38 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200108-BUR, cache-yyz4573-YYZ
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732520498.096469,VS0,VE104
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/
42 B
640 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AVUYTKFZZEB6BE-XO&page=muse%3Aoffer%3A%3A%3AVUYTKFZZEB6BE-XO%3A%3AfailedToFetchFlowMetadata%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=smartincentive&s=ci&item=ea66c141-6d84-4063-a2a1-b2f0c94fee45&es=failedToFetchFlowMetadata&mrid=VUYTKFZZEB6BE&erpg=Validation%20Error%3A%20User%20country%20is%20not%20eligible%20for%20merchant%20flow%20country%3BValidation%20Error%3A%20User%20country%20is%20not%20eligible%20for%20merchant%20flow%20country&pt=Painted%20Earth%20Skin%20Care%20Store&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732520498033&g=480&completeurl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&disableSetCookie=true
Requested by
Host: www.paintedearthskincare.com
URL: https://www.paintedearthskincare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
bb11f7c71866a
correlation-id
bb11f7c71866a
expires
Mon, 25 Nov 2024 07:41:38 GMT
traceparent
00-0000000000000000000bb11f7c71866a-7f241a12ef4d1d02-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000bb11f7c71866a-8927308a227c8303-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Mon, 25 Nov 2024 07:41:38 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200029-BUR, cache-yyz4573-YYZ
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732520498.096354,VS0,VE89
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
rum
www.paintedearthskincare.com/cdn-cgi/
0
150 B
XHR
General
Full URL
https://www.paintedearthskincare.com/cdn-cgi/rum?
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.paintedearthskincare.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e7fff60aaf536a0-YYZ
access-control-allow-origin
https://www.paintedearthskincare.com
date
Mon, 25 Nov 2024 07:41:39 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1056770718&t=timing&_s=2&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&ul=en-ca&de=UTF-8&dt=Painted%20Earth%20Skin%20Care%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4602&pdt=107&dns=159&rrt=0&srt=711&tcp=84&dit=2130&clt=2133&_gst=1440&_gbt=1605&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=73093264.1732520496&tid=UA-1399167-37&_gid=1974409802.1732520496&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1828047739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

age
35638
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 21:47:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1056770718&t=timing&_s=2&dl=https%3A%2F%2Fwww.paintedearthskincare.com%2F&ul=en-ca&de=UTF-8&dt=Painted%20Earth%20Skin%20Care%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4602&pdt=107&dns=159&rrt=0&srt=711&tcp=84&dit=2130&clt=2133&_gst=1440&_gbt=1605&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=73093264.1732520496&tid=UA-XXXXX-X&_gid=1974409802.1732520496&z=647898011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

age
35638
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 21:47:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
logger
www.paypal.com/xoplatform/logger/api/
977 B
757 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D0F) /
Resource Hash
15fb49a44c34196c1aab597225b5878ac7a0af47a5944f71331fa4688f6774e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paintedearthskincare.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
0a11a41a32469
content-encoding
gzip
etag
W/"3d1-EH9wSixtNT2pI8Zvdvfbp/P1Pac"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-00000000000000000000a11a41a32469-b0a6b4f507843989-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Mon, 25 Nov 2024 07:41:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin
https://www.paintedearthskincare.com
content-length
584
server
ECAcc (dcd/7D0F)
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D40) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paintedearthskincare.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paintedearthskincare.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 25 Nov 2024 07:41:39 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0a94868955372
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (dcd/7D40)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000a94868955372-d46b2b71cb435701-01
vary
Accept-Encoding Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
favicon.ico
www.paintedearthskincare.com/
6 KB
3 KB
Other
General
Full URL
https://www.paintedearthskincare.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
312e7af1cfb2af53ce7a69a246f81255baae3e3af42555b7c9082d316232471f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"b7585fe011a6cf1:0"
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=SS2BP03c3y2IOsqw392aceWbzadM3GayipyU8nGJCEo-1732520499-1.0.1.1-KpjzapSM_7NkMecnPYAyVUSdtH.LdhzsITghTE6Ch0gqVXotiVHyMmjKTPWGS9J0VBuYblejOc5ShDV0NomS3RGb5g4rrYLGquYlDx7Q7OjnB5Us90u0bL.zdQigI.ZDEcC5aUFJQPcPZ3ZzfiwxNwozBn6WOEzGAa24nwmgikA"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:39 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:39 GMT
content-type
image/x-icon
last-modified
Wed, 23 Jul 2014 01:03:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff61ab5236a0-YYZ
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=SS2BP03c3y2IOsqw392aceWbzadM3GayipyU8nGJCEo-1732520499-1.0.1.1-KpjzapSM_7NkMecnPYAyVUSdtH.LdhzsITghTE6Ch0gqVXotiVHyMmjKTPWGS9J0VBuYblejOc5ShDV0NomS3RGb5g4rrYLGquYlDx7Q7OjnB5Us90u0bL.zdQigI.ZDEcC5aUFJQPcPZ3ZzfiwxNwozBn6WOEzGAa24nwmgikA; report-to cf-csp-endpoint
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare
bf
bf64226adg.bf.dynatrace.com/
1 KB
1 KB
Fetch
General
Full URL
https://bf64226adg.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D64_sn_78F2956F1TSACUCOGPNVH0F6UA11C755&svrid=-64&flavor=cors&vi=UFWRTKKAESLHCFTACKCRPFGJKSSAWIRI-0&modifiedSince=1725900004336&rf=https%3A%2F%2Fwww.paintedearthskincare.com%2F&bp=3&app=f2c8c7e93216e073&crc=1990577784&en=8yp1p5ky&end=1
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/17052aca8bb/bf64226adg/f2c8c7e93216e073_complete.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.147.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-147-229.compute-1.amazonaws.com
Software
/
Resource Hash
06bc89ffb7d95e9fccd3a6adcd911c5c6320f02e2045b92c06371ad957dac2f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paintedearthskincare.com/

Response headers

strict-transport-security
max-age=31536000
x-oneagent-js-injection
true
access-control-allow-origin
https://www.paintedearthskincare.com
cache-control
no-cache
content-length
1105
date
Mon, 25 Nov 2024 07:41:40 GMT
content-type
text/plain;charset=utf-8
1506039682556.jpg
www.paintedearthskincare.com/v/vspfiles/photos/homepage/
304 KB
305 KB
Image
General
Full URL
https://www.paintedearthskincare.com/v/vspfiles/photos/homepage/1506039682556.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Volusion
Resource Hash
4ffae0b91c0be1c5acb8545aa4317d92c9c2ee2c9c1de81bc464d6d14eeed99c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paintedearthskincare.com/

Response headers

cf-cache-status
REVALIDATED
etag
"ff9389b93833d31:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 11:41:41 GMT
cf-polished
origSize=344326
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:41:41 GMT
content-type
image/jpeg
last-modified
Fri, 22 Sep 2017 00:21:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e7fff6aae5336a0-YYZ
accept-ranges
bytes
content-length
311784
x-xss-protection
1; mode=block
x-powered-by
Volusion
server
cloudflare

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery object| rquickExpr function| DP_jQuery_1732520495903 string| Config_VCompare_MaxProducts string| PageText_783 string| PageText_784 string| PageText_785 string| PageText_819 string| PageText_822 string| PageText_840 string| PageText_841 string| PageText_842 string| PageText_843 string| PageText_844 object| volusion string| payPalButtonSize string| payPalButtonColor string| payPalButtonShape string| paypalCreditButtonSize string| paypalCreditButtonColor string| paypalCreditButtonShape function| addToCart function| removeFromCart function| jsonp_callback function| retrieveCart function| getLineItemHTML function| cartLoop function| hideCart function| AddCartLink function| SoftAddSingleItem function| SoftAddMultipleItems function| SoftAddCheckboxes number| CART_PADDING_RIGHT function| DisplayCartPopup function| DisplayCartPopupBegin function| ErrorData function| CartMessage function| CartMessages function| imageMaxSide function| InProgressModalStart function| InProgressModalEnd function| CollectSoftAddToCartLinks object| MoreAddToCartPattern object| ProductCodeStringPattern object| ProductCodePattern function| FindAddToCartLinks string| global_Config_EnableDisplayOptionProducts string| global_PageText_OtherItemsAdded boolean| Config_EnableSoftAddToCart function| DropDown_ShopBy_Price_onChange function| DropDown_ShopBy_Category_onChange string| function_protect_images2_msg function| ClearForm function| OpenNewWindow function| OpenWindowNoScroll function| protect_images2 function| protect_images1 function| OpenSideWindow function| PageName function| PagePath function| QueryString function| GetCookieArray function| GetCookie number| c_minutes number| c_hours number| c_days number| c_years function| SetCookie function| encode function| decode function| v$ function| FixEvent function| AttachEvent function| DetachEvent function| ShowHide function| vTrim function| commaTrim function| addToDropdown object| Coordinates function| vPlacement function| IEVersion function| computedStyle function| this_AttachEvent function| uniquetoggleme function| Search_For_Products function| addbookmark function| IsReturnKey function| CancelEvent function| textAreaKeyDown function| textAreaKeyUp function| isvalidfield function| serialize function| getElementsByClassName string| agt number| is_major number| is_minor boolean| is_nav boolean| is_nav4up boolean| is_nav5 boolean| is_nav5up function| predictiveSearch_Dispose function| predictiveSearch_Init function| predictiveSearch_Initialized function| PredictiveSearch function| highlightSearchText function| setEllipses function| DisplayLocalDate function| isValidStoreVersion function| updateMDLComponents function| escapeString function| vjsReady string| whichCheckoutToGoTo function| setWhichCheckoutToGoTo function| goToCheckout function| proceedToOldCheckout function| proceedToNewCheckout function| linkCheckoutButtonsToNewCheckout function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| dT_ object| dtrum object| dynatrace string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| __post_robot_11_0_0___uid_zbnppqsblqqeuqkisuesqvxaegutly object| paypal object| __zoid_10_3_3___uid_zbnppqsblqqeuqkisuesqvxaegutly function| loadDTK object| DTK function| fbq function| _fbq function| define function| require object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm string| breadCrumb function| jq211 object| vSliderOptions function| onTranslateCallback function| onTranslatedCallback number| isIe function| $jQueryModern object| jQuery111107368776257489373 object| classie object| menuLeft object| showLeftPush object| body function| disableOther function| store_init object| emailSubscribeForm object| emailSubscribeButton function| disableSubscribeSubmit function| forwardToMailingList boolean| isUsingPpcp boolean| useNewCheckout function| removePayPalDivFromPushCart function| removePaypalButtons function| addPaypalButtonsWhenPushCartOpen function| paypalPushCartAddClassNameWatcher function| callFunctionIfDefined function| addPushCartPriceObserver object| __cfBeacon object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

20 Cookies

Domain/Path Name / Value
www.paintedearthskincare.com/ Name: volses
Value: 88402003-3793-3e88-b7e5-d1e9fcf1339f
www.paintedearthskincare.com/ Name: vsettings
Value:
www.paintedearthskincare.com/ Name: ASPSESSIONIDSQSACCTQ
Value: APNJOBIBEOMEFJFPCFEJPALB
.www.paintedearthskincare.com/ Name: __cf_bm
Value: chShy4zbtDU.PWddgm664RHUZQK83.gIvZ5Y82SA_ko-1732520495-1.0.1.1-t3JSPpAp8B9csZspfjDddm_GyJQTkqkhl3UJd2psCvbg9C53kHlLpeqHfEb4jv1UC4ZTu4cZB7rbd0ofYnObGA
.paintedearthskincare.com/ Name: rxVisitor
Value: 17325204960940LB0C3OQ90LJ4A10MAF9GK4VA07NKPIO
.paintedearthskincare.com/ Name: dtSa
Value: -
.paintedearthskincare.com/ Name: _ga
Value: GA1.2.73093264.1732520496
.paintedearthskincare.com/ Name: _gid
Value: GA1.2.1974409802.1732520496
.paintedearthskincare.com/ Name: _gat_gtag_UA_1399167_37
Value: 1
.paintedearthskincare.com/ Name: _gat
Value: 1
.list-manage.com/ Name: _abck
Value: 9C5D57825F8BD55711B6846F44293454~-1~YAAQlGrcF6Oql1eTAQAAENBEYgxE6pNyGh92/R5T22weMku3ALZn+xw6X1/YDcTqvcq8OVChJaq31CenV1JxjAHX+g4yPomejHwat19RrRpaqxYfIwDC1SgG7cb8xZZWbgJMjFwi23+BLLpKgyb2KNEMVBK3bFq2zwMkTewp4C3QCNy3BjQsDaWDcRUqd0E55TWYgew1KLOXdtnvzeKkVZ6lLeV7QHYHm6p5lBgwVo+8R4I9B4c+o7rdSOr+JzDW6ditETjjOT6cvJkj2wDbY9bvpudcvvb1V1eP2XXMQB6GuyWnUmKHM0m5fEiFgdnqdBT8osJZ5SfMinWrvRMFUUxJtabEssSDb36uBD0SFahbjrMApxUlPZ1puSt9QLO6j6y0K0iySFwNjdNeaJBJcgF493Aoh5Oz88MJ0xhq/cwP~-1~-1~-1
.us6.list-manage.com/ Name: ak_bmsc
Value: 3BAEA79FFDAFE756A387457A13AA9936~000000000000000000000000000000~YAAQlGrcF6Sql1eTAQAAENBEYhnmThO33iuzosb4aXfZ8E6r8S1j/ypZ+siz6mRQYaN64mxQARC4OaODH/CXrPq2R5oGc3iZU/BKRiCdcMi68Fwy2H7JH+gSJHI6QxEup1MpO8leCYJcnfnukltEEIAdtP0sIQfX2+0oFe6IUQpJm/x/YiWzJ1LjB/Jnl6UwakMR5MyJ+NQrt++X0YW6HuVihM7XU+C6nGD/Ij3Dqy1rk8IoiG5qNPD7S0ANnVEVsQpiVbbSOnpRQqRiKrhrAusMtbBjX+suzkWoLVhHK1RbI4X/Iop3rN24OgB3nEicD8FGcZU7Zadlio+OTrutr00BFNo6RsmF7obkj96XWRCmoLQBCdrieOqZik68YfYeCk6FpuGkMtxZpuvxonDVM9fm
.list-manage.com/ Name: bm_sz
Value: 8433832AB85EE092B97A1EA1D808783C~YAAQlGrcF6Wql1eTAQAAENBEYhmXtJskvji5SFB/1g2kd4FlHsAP5fL9SFdxO78HJVG36q8hrD6aKEQIpTAECBD04tKqt51uz5Zk6y6J7x674zIN5xxrRJG3ukN9n9S5Xxb0nU6AIlgABt7tDz/jowyg2hsyw6g1QeMLQQlvk9oWlgavrAYz69uaNI/hTPeXN6fuzJCZ6ZzAIculbbDQLhGRLgvnw4EOwg5njRoEAIf/Lk7+sDXsozsg/w6V8aX0Nr38PWAOQIMQdKQX2prUUrgR0PDOWHeHElrKOAxVcaYwOR2iRvAMr+lhhAi+V3SCQZgX+0j+002DYxL5eviTto6ID1FPm4zImVHAdZa56gaSOrYCnd5gRy5h~3159607~4403250
.www.paintedearthskincare.com/ Name: cf_clearance
Value: tNU3e_VvtNJ8eEkPJbLItUg_vt5PzL3fV0Diwt9_J5U-1732520497-1.2.1.1-QfadJSplzyAVj0.4T5MMJrznMDfWIrs.2LMBPLbPLSoBFcX7sw9UWIcfgbirE0oP3AF.YmLdVGkDihsW4YeTYABsYcu5rsvQsEEyKPnf4e6XNnkIl9v_yQ4wtnhIuBILLEsNol6DRBVVZtIYyeu1Hq2FYdtJMozaCqMXXaAyKc69vj.qW1_uZQOvrC4HYSQT16RTA9ogkpPrvhf46g7_KHy7ah1XReRX_9GryQXHBUO5dX7lH5r8Gjsxig0zLWwPphkcO9Im6tsWgWyRhjVnB.dx4UpIoyEMl13wBIPw3fNXPjjoiKAHxMz_8qB_4mWFKpDeuMAt1xDb4To8DBMEedQwXtUmeZoj4Xha0ZMb16bU5VZzI.l6t0mzLfiwAFBL
.paintedearthskincare.com/ Name: _fbp
Value: fb.1.1732520497233.66905159064659279
.paintedearthskincare.com/ Name: paypal-offers--view-count-credit%2Cone-touch
Value: 1
.paypalobjects.com/ Name: paypal-offers--country
Value: CA
.paintedearthskincare.com/ Name: rxvt
Value: 1732522299271|1732520496096
.paintedearthskincare.com/ Name: dtPC
Value: -64$320496091_126h-vUFWRTKKAESLHCFTACKCRPFGJKSSAWIRI-0e0
.paintedearthskincare.com/ Name: dtCookie
Value: v_4_srv_4_sn_78F2956F1TSACUCOGPNVH0F6UA11C755_app-3Af2c8c7e93216e073_0_ol_0_perc_100000_mul_1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bf64226adg.bf.dynatrace.com
code.jquery.com
connect.facebook.net
downloads.mailchimp.com
gallery.mailchimp.com
js-cdn.dynatrace.com
mc.us6.list-manage.com
s3.amazonaws.com
static.cloudflareinsights.com
t.paypal.com
www.facebook.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.paintedearthskincare.com
www.paypal.com
www.paypalobjects.com
104.16.79.73
13.226.94.47
13.226.94.78
142.250.31.139
142.251.16.102
142.251.16.97
142.251.179.95
151.101.194.137
151.101.3.1
151.101.67.1
172.66.0.114
192.229.210.155
23.49.183.223
31.13.66.19
31.13.66.35
34.96.122.219
44.215.147.229
52.216.49.24
068a3c08349836c312187ea8c37cb5b491abebd11b1540c5bbfbdda9a48b118c
06a07d347f7a9480ab5c34ed716d232c207ee3bf3362a757ae518b0cf2ab7086
06bc89ffb7d95e9fccd3a6adcd911c5c6320f02e2045b92c06371ad957dac2f6
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0ff15c6a45c8783a0fabfac0fb385f7b6010c596e68d2012e1d5fda8e9834fbd
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843
11befc7786638fc1ebe5a5b24405a0355f48f0ae607d07088be637d7594bc17c
15fb49a44c34196c1aab597225b5878ac7a0af47a5944f71331fa4688f6774e0
1643db58c5b1395e87f840e6edd98bd648d5f1d3fb6a3024a2f6367cc0bdd00a
16869435503592c76ba1f3991daffec46cb0b9f713f02bebaca356a8db63019a
1c94777a97d780633442ffc3c062cdac7c2a1d29084d73b909fcc765f51222e7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
21b243038aa77d471ac85f20d16685c6eb98ecf9b521b615e8efc5ff33eef60b
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27dcdd3103baf93156df6210d16a0f11973117067bcd4694bc80508ff7e8d999
297138116a74d24e13d49c7ba7da07ae78b2a71421986b16638d1c9350af1af9
2a9bcef7a4c59ad7d0b35d1b0ebf65fbfeb8eceea6b73f55499a6d396e53f40d
2f132c839a66495bff644afbe36632077f265bd1a905e3f2802e5d52e1639045
312e7af1cfb2af53ce7a69a246f81255baae3e3af42555b7c9082d316232471f
32728f119be1ebcf725b6e9780d313e48086d94ce84adc75eb79de3751a9fff9
3570d64fe001a57491a977cf8b6a48597a1c53290fe2a3f42f8d4c9315528cf5
3652f331ea52f795ca29a75275482a9515d42a47aa79850a9457385729dc6e30
36be86cc09358061168a149c711bf3bfb1df1b6300a3267ec905aad2a4c77fde
3770d8e814f0c29bbc745ea845fd8eb614f404e797c5833479116d17b5a7ad6e
3c329793a287091ec808c0bf484203f8d3269754511c99bc771779511a8d79ad
40bfcd156536dcb3949ae6bc1b9615a1c4cc797529d279346207530a050faa4c
40ffe0c57a316204c92e2b4df0da49840b9ff2e283d1c7924204ea546332014b
456f3fca0b2d7ed37f57b1b0dfcbb048577270cbfdcd0a8b4121c9141f52827e
4c5d7de05c1bb57ccfee71035b2ad900f0eef99f3ba238daf9665311ebf644f4
4e54473cd6fa072f4f7928d368787459f8098494cbdf9bb1b83e790d32c53b4b
4ffae0b91c0be1c5acb8545aa4317d92c9c2ee2c9c1de81bc464d6d14eeed99c
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54637540d574499b701047b7a5d468337fb893a778ba39c3140f98c99555ecbf
5948b4e0165dca45a96f5204495bb04563f3d457995f4c05d4d19c551f5ba39e
5a1271c842095ed7ec27fa5caed7d5584c905f9c31ddc8b1065d49813c6fdf3a
5ab3c1b1af74e40cc038400407a765ad663cea49c1258fa57cf0fd5ce000c8b6
60681750effde3e864f99408541fd324f29f9faf93230fcce7653ec6b76a1ffb
64a2ebe4d2e795c091229ef7502df7e13389780f1c3c11b546402c1ea6fc7a46
66ebeded87c9b586c7dc141806818a3d7c8f3882b4391ba47ac0b02af4aa1291
69853df007a78a5525fcc07ae01f9ea7422a8d70a7af5d322a85d9acab8bf4ba
69b567c7578fe07655dd70258edb9670088f0d68abaf0a4e9340d048bfe918ca
6a700bb2a9bebc84a5ec198bfade1559fa6ce736ccdc015f463fa90468592cd8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e8e658b4f356ad02a636d20805dc0e5072affc656eaaf224ca04c67094ec19d
70abb026739d27832cf52fa63d0cd9841fb9ac8300dfec556e8ae318b208c6af
7166fe14a59116d3d845f1e42f65df5b8cc4f54d78f8ba3c4d4d512ba81082a9
77d332fac16a1e8c80df4f42b9f22c4c738f46234d5f962377d327cd9d7dd9fc
77f9abe5b2c4ec02ca8811166ca6a84d4601d762cb500b5cab914f02ecc0524c
7919767a96ac341c20727e1580dd21a1440a44a391e413aae30b0b70c3448c5b
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d3ff4f0682321fd931041a9ee1e0bf60c8b183d4c89163d0910bc66f75b1430
8013c0d20eea098bdae6987d44b1818822ac2ecefed0cc662eae5493e5b17e97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072
90f84788420523bd920c13a28709334613be3b406dbf31b2c4ed0ff0cbb74dad
a319a443a382387f1f821ea6e18481eb56a98664d89e8649d1f9ecc3a9dfad5e
a38437a7a20dd66be71640acbd9fbbf45635cf5935ff3011ac7212fdb5146e83
a4f6ca23ee489ac2e39395fbbb0576acbfd0b4e783c4746d4d695ae91411ca92
a6647a7fc5c90785b54baceba8d6143012b07aebdeadd6c8739dd94c3b142ec5
a70895d3dd7830c1a053b00aff06431559dba78bba2d593bd7f134e621dd7c10
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab6237703c70ca1255a467b5c45d00a0306393f2ec1f544933b9571e88e02015
ac7db8cc99b6c49ce9aff24dd36ff7fce854bc05beec1fab81548c332eda2b96
af974fbb54aaae81bc3eb5422caa97f5b91198e34924be8a845abf855eccf192
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b456d1f6bc100d67b8913f8228a6f903029fea1b2d1ccf4dcdede6edd9535c2f
bb318052aac79bd4a4a5332b043cba5841117c6e3ded6c83977380e97d12e063
c27aceadb234d1385a77b85d4bbd26df05693880e25dafc386d91fe72063f460
c335feab5fa0487fe267314c9d4bb50c7c495f41407a1d48d29c0e295d786930
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d0d0e8d8b1307641f0374b8a22dff4034d5d25ac36505331dbb2236d7e687fa5
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01
d7e07e7cbbe28ef37686fff25c25334f906bc4a072a7db3a35afae405293ad4c
d97b31435eb82982caeb22292a31a521c1c8f8690c849d8a7540bd225902a362
dd3db65c2cae7f4cd265b2f175807436dee012a4f1af5fa22e16ffa5b31b7cf8
de02d7d5ebcd5116989f346b5adc2db564a09f12073b560b3380ac047f9b00ba
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e242b4149924ae5bf22b5e6ef39b93bb6ca909c3b1f3d7c76cc666b4f3b25e42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9df1a237afc367d049f0589d140492b9a51ab8823779afe3bed08c14f089b
e7b7e4dae55392650c81fb2ffa31239f58a4d2bf82f0469635d7085f5b2d4b37
f03502452aa5d504fe7ab95ee1ee5d9f29a097ec85ca4fc5f043cbff03436fac
f0960af5750248e9aed431935a56341d58bb3f2fc605019ebc283d21b33e8c81
f1149e7d0e98b03039bf0074c38010a49c2893cae227b9820fee4a97d8ddc2d6
f4cc8a0b9798ca8ff981e12bd05996952b13cefa7462769b4b31350493e1024c
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd3a1f11797b072b594843ec61de60740bec9bb67ca4f1dcb85e196f9aa3ca0b