pictures.laprovence.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700:10::6816:fd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pictures.laprovence.com.
TLS certificate: Issued by WE1 on July 20th 2024. Valid for: 3 months.

This is the only time pictures.laprovence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:10:... 2606:4700:10::6816:fd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

6 2606:4700:10::6816:fd3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pictures.laprovence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	laprovence.com 1 redirects pictures.laprovence.com	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
6	2

	Domain	Requested by
6	pictures.laprovence.com	1 redirects static.cloudflareinsights.com pictures.laprovence.com
1	static.cloudflareinsights.com	pictures.laprovence.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
pictures.laprovence.com WE1	`2024-07-20` - `2024-10-18`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pictures.laprovence.com/
Frame ID: 33249A56FD11BAD8D6B3994C74A4CC2E
Requests: 4 HTTP requests in this frame

Frame: https://pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: FBA38DA1B83B40B2F389AEB1FA979B2F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LaProvence.com

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

6
Requests

83 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

13 kB
Transfer

29 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://pictures.laprovence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
pictures.laprovence.com/ 1 KB
1 KB 273ms
145ms Document
text/html 2606:4700:10::6816:fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pictures.laprovence.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cd263b0189cdfbca2ebfb61aab7ebb6b1af56d205f02fe41a2a56141cba251

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8baeac4c0bce63c7-LHR
content-encoding: br
content-type: text/html
date: Thu, 29 Aug 2024 18:41:03 GMT
expires: Thu, 29 Aug 2024 19:41:03 GMT
last-modified: Wed, 10 May 2023 20:19:28 GMT
server: cloudflare
vary: Origin, Accept-Encoding
x-goog-generation: 1683749968096279
x-goog-hash: crc32c=r9LcEw== md5=epOz6XpDG4JQcfiQrPjisg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 86
x-guploader-uploadid: AHxI1nMVCvEMaOiJvSrRpkgqXlQhbjygmL1aRjH8ZnAcY9pI-lNvMdNd_s5LxhXlahqEdaiZG2R8cvhvfQ

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 187ms
80ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: pictures.laprovence.com
URL: https://pictures.laprovence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://pictures.laprovence.com/
Origin: https://pictures.laprovence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:41:03 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8baeac4da9d494f1-LHR

GET
H3

200

main.js Show response
pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame FBA3
Redirect Chain

https://pictures.laprovence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
4 KB

51ms
50ms

Script
application/javascript

2606:4700:10::6816:fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Protocol

H3

Server

2606:4700:10::6816:fd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18521246bf09a551384538bc31107832a8680500d4afb05f13fd399bace6de4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8baeac4e9f8a63c7-LHR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 29 Aug 2024 18:41:03 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8baeac4e3efe63c7-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 rum Show response
pictures.laprovence.com/cdn-cgi/ 0
146 B 51ms
50ms XHR
text/plain 2606:4700:10::6816:fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pictures.laprovence.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:fd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pictures.laprovence.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 29 Aug 2024 18:41:03 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://pictures.laprovence.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8baeac4e4f0a63c7-LHR

GET
H3 404 favicon.ico
pictures.laprovence.com/ 127 B
392 B 226ms
226ms Other
application/xml 2606:4700:10::6816:fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pictures.laprovence.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Referer: https://pictures.laprovence.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:41:03 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHxI1nO6puMqb8AoMZUtUigq6e4cIVCU6Qurc7jkaJ9xIehyDDeXmw7sKGCtLNh1oKTEnKIPwlm8Dp9N0g
content-type: application/xml; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 8baeac4e4f0b63c7-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 30 Aug 2024 18:41:03 GMT

POST
H3 200 8baeac4c0bce63c7 Show response
pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FBA3 0
646 B 72ms
66ms XHR
text/plain 2606:4700:10::6816:fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pictures.laprovence.com/cdn-cgi/challenge-platform/h/b/jsd/r/8baeac4c0bce63c7
Requested by: Host: pictures.laprovence.com
URL: https://pictures.laprovence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Aug 2024 18:41:03 GMT
server: cloudflare
cf-ray: 8baeac4f890063c7-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfBeacon

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.laprovence.com/	1970-01-20 23:09:18	Name: __cf_bm Value: uudfclzm5ZWHtzC2Vw3Jt1J8HwBygJPDV0d78qWXtaY-1724956863-1.0.1.1-IeDqNbtO31dUarOO_ggWFyj1NtFGVMz2U1jaesL1PB33lVvNnO.aoZejFXKIYBnUghSskpx5.NP8Q8mabkLmkg
			.laprovence.com/	1970-01-21 07:54:52	Name: cf_clearance Value: flcaAZXvp7wEw5pVxFqRIeTleQwZYQezZGAZ2kVWkfg-1724956863-1.2.1.1-56O_Al8wzqUMUJnygyJsdVMiOC00e1.k97AZFSm8nnmIDDTlDXRAqGUHyJyQB4fEnC3ENQxFLoyLvq63ENOVfbfycY8jkUU9YJ4SuBP7Oj.WufEA1MeNMWaR9b_lN.xs3x7CXdn1gdBcS30LImvPSaQ4ici09jpc2tNnenWuf7vKOAlRozdjCSSeM6Hq5yQEF070.42oajGN_XDJ5MOV7re5RwIjYDDV7Odlc5jVaeeHKvwTdXWsDsdLjESPU7.iRFhsIHFLrqDXJivWeh2HdhUd.kpW9G_.ujQYYQBrhY7lp8OQINfRPrXoJlMdTEomx8koPsKZo2qzg.Btoem44E4bj9.RfowRG2z7CqaW00jtCbkWxcV2nyVd.v2dmZnY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pictures.laprovence.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pictures.laprovence.com
static.cloudflareinsights.com
2606:4700:10::6816:fd3
2606:4700::6810:4f49
18521246bf09a551384538bc31107832a8680500d4afb05f13fd399bace6de4d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
a9cd263b0189cdfbca2ebfb61aab7ebb6b1af56d205f02fe41a2a56141cba251
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

pictures.laprovence.com Open in urlscan Pro 2606:4700:10::6816:fd3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

13 kBTransfer

29 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

pictures.laprovence.com Open in urlscan Pro
2606:4700:10::6816:fd3 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

13 kB
Transfer

29 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions