www.provenance.org Open in urlscan Pro
2606:4700:20::ac43:4669 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://provenance.org/
Effective URL:
https://www.provenance.org/
Submission Tags: analytics-framework
Submission: On April 24 via api (April 24th 2023, 5:15:02 am UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 29 domains to perform 101 HTTP transactions. The main IP is 2606:4700:20::ac43:4669, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.provenance.org. The Cisco Umbrella rank of the primary domain is 434721.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2023. Valid for: a year.

This is the only time www.provenance.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.128.72.146 108.128.72.146	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4669	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	52.222.236.28 52.222.236.28	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.232.144 52.222.232.144	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	18.66.112.109 18.66.112.109	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:320... 2a06:98c1:3200::90:3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.193.226 172.65.193.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.202.85 172.65.202.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.72.37.244 54.72.37.244	16509 (AMAZON-02) (AMAZON-02)
4	172.65.236.181 172.65.236.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:2c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a06:98c1:320... 2a06:98c1:3200::90:2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.31.189.121 52.31.189.121	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:8b65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
101	36

1 108.128.72.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-72-146.eu-west-1.compute.amazonaws.com

provenance.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4669 (United States)

ASN13335 (CLOUDFLARENET, US)

www.provenance.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.222.236.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-28.fra56.r.cloudfront.net

global-uploads.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-144.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-109.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:3 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.193.226 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.202.85 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.37.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-37-244.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.65.236.181 (United States)

ASN13335 (CLOUDFLARENET, US)

app-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3200::90:2 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
25866765.fs1.hubspotusercontent-eu1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.189.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-189-121.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:8b65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	webflow.com global-uploads.webflow.com — Cisco Umbrella Rank: 45164 uploads-ssl.webflow.com — Cisco Umbrella Rank: 17357	2 MB
13	gstatic.com www.gstatic.com fonts.gstatic.com	956 KB
8	google.com www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930	59 KB
7	hubspot.com api-eu1.hubspot.com — Cisco Umbrella Rank: 78260 app-eu1.hubspot.com — Cisco Umbrella Rank: 90938 track-eu1.hubspot.com — Cisco Umbrella Rank: 29301	26 KB
6	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 12924	302 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	284 KB
3	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 45608 feedback-eu1.hubapi.com — Cisco Umbrella Rank: 805164	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171 in.hotjar.com — Cisco Umbrella Rank: 2738	72 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 40666 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 42604	26 KB
2	provenance.org 1 redirects provenance.org — Cisco Umbrella Rank: 261946 www.provenance.org — Cisco Umbrella Rank: 434721	15 KB
1	hubspotusercontent-eu1.net 25866765.fs1.hubspotusercontent-eu1.net	4 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7215	161 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	377 B
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 46259	1007 B
1	hubspotfeedback.com js-eu1.hubspotfeedback.com — Cisco Umbrella Rank: 796698	10 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 44635	3 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 25409	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 19376	64 KB
1	usemessages.com js-eu1.usemessages.com — Cisco Umbrella Rank: 84536	22 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3425	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	256 B
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 21622	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	11 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	1 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	45 KB
101	29

	Domain	Requested by
29	global-uploads.webflow.com	www.provenance.org global-uploads.webflow.com
11	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	www.provenance.org www.gstatic.com www.google.com
6	static.hsappstatic.net	app-eu1.hubspot.com static.hsappstatic.net
4	app-eu1.hubspot.com	js-eu1.usemessages.com static.hsappstatic.net js-eu1.hubspotfeedback.com
4	uploads-ssl.webflow.com	global-uploads.webflow.com
4	www.googletagmanager.com	www.provenance.org www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	feedback-eu1.hubapi.com	static.hsappstatic.net
2	px.ads.linkedin.com	2 redirects
2	fonts.gstatic.com	www.google.com
2	api-eu1.hubspot.com	js-eu1.usemessages.com
1	track-eu1.hubspot.com
1	25866765.fs1.hubspotusercontent-eu1.net	www.provenance.org
1	content.hotjar.io	script.hotjar.com
1	api-eu1.hubapi.com	js-eu1.hsadspixel.net
1	px4.ads.linkedin.com	www.provenance.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	in.hotjar.com	script.hotjar.com
1	forms-eu1.hsforms.com	www.provenance.org
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	js-eu1.hubspotfeedback.com	js-eu1.hs-scripts.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.usemessages.com	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	www.provenance.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js-eu1.hs-scripts.com	www.provenance.org
1	snap.licdn.com	www.provenance.org
1	static.hotjar.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.provenance.org
1	cdnjs.cloudflare.com	www.provenance.org
1	d3e54v103j8qbb.cloudfront.net	www.provenance.org
1	www.googleoptimize.com	www.provenance.org
1	www.provenance.org
1	provenance.org	1 redirects
101	41

This site contains links to these domains. Also see Links.

Domain
app.provenance.org
info.provenance.org
www.pukkaherbs.com
provenance.org
25866765.fs1.hubspotusercontent-eu1.net
eu1.hubs.ly
www.linkedin.com
twitter.com
instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-14` - `2024-04-13`	a year	crt.sh
global-uploads.webflow.com Amazon RSA 2048 M02	`2023-02-17` - `2023-11-16`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-26`	7 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspotusercontent-eu1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.provenance.org/
Frame ID: F23C3D61CE708A72504E09A6868C0C51
Requests: 70 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=28abh1z296vd
Frame ID: 9918625AB1B713010C0D96319C34A3F2
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=m21vbik8ug25
Frame ID: A8BEB9764E6E6DA9136740BFD9DA3BBA
Requests: 8 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/3ff554af082f4a08872555fbd343739e?uuid=16a077cc88bb44329616794b9a1b3ae5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=provenance.org&inApp53=false&messagesUtk=3ff554af082f4a08872555fbd343739e&url=https%3A%2F%2Fwww.provenance.org%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: A4BE62DFB5B50268A365AA15EBFDADAE
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O
Frame ID: 5EB99F6054076AF9D3CAB62491A51725
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O
Frame ID: 5D5415545D35A660DEE2A9DF909A675D
Requests: 3 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/feedback-web-fetcher
Frame ID: 7C11D772A5ADCF718473415AEC2D31C9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Provenance: Sustainability Marketing Technology

Page URL History Show full URLs

https://provenance.org/ HTTP 301
https://www.provenance.org/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

99 %
HTTPS

49 %
IPv6

29
Domains

41
Subdomains

36
IPs

4
Countries

4289 kB
Transfer

8335 kB
Size

23
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.provenance.org/sign_in
Title: Sign in

Search URL Search Domain Scan URL

URL: https://info.provenance.org/meetings/erikaprovenance/straal
Title: Understand our mission

Search URL Search Domain Scan URL

URL: https://www.pukkaherbs.com/uk/en/products/joy-tea
Title: See live example

Search URL Search Domain Scan URL

URL: https://provenance.org/enquiry
Title: Boost Conversion

Search URL Search Domain Scan URL

URL: https://25866765.fs1.hubspotusercontent-eu1.net/hubfs/25866765/Skin%20Deep%20Beauty%20Report%202022.pdf
Title: Please click here

Search URL Search Domain Scan URL

URL: https://eu1.hubs.ly/H01RhJb0
Title: Download free report

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3105623

Search URL Search Domain Scan URL

URL: https://twitter.com/ProvenanceHQ

Search URL Search Domain Scan URL

URL: https://instagram.com/provenanceHQ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ProjectProvenance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://provenance.org/ HTTP 301
https://www.provenance.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4056090%26time%3D1682313297743%26url%3Dhttps%253A%252F%252Fwww.provenance.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true&e_ipv6=AQJcrDDqOArXQwAAAYexr8C6ODesAF45hXTdeg8382y0Vf2gm_J23-4RZ0pIqPVyoe6uBcxMUPtSrcupYEzGMocrnlM

101 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.provenance.org/
Redirect Chain

https://provenance.org/
https://www.provenance.org/

70 KB
15 KB

159ms
91ms

Document
text/html

2606:4700:20::ac43:4669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33cdee533b95e463a8c1125ca1ae7cd765846e683a9aa4fdcfc64c35e92247e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-ray: 7bcbdd97ded103f4-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 24 Apr 2023 05:14:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouIMk8M1ROExOlUHBHKd1GQUZXCl7NEXdfA9nb7vo505aZAkNWqjf%2FpsNAhBA5dj0kDZHaMrJ7lmcBpgazNrM6kdUA8KORn9QXQW0fu4keM0lWqqzsCSjsIdZAA6SIMCB27bIW0PggTpvXLVljjafQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: application/vnd.lotus-organizer
Date: Mon, 24 Apr 2023 05:14:55 GMT
Location: https://www.provenance.org/
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 provenanceorg.webflow.ef0f48e0e.min.css
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/ 184 KB
36 KB 92ms
31ms Stylesheet
text/css 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74ba4e8533686279d14ef026f55ac9a00cfd432884902c82d6ff8ecf21a1aa03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: .ChDlvq6cdbiRl9k4HRnalCkJUv2EYt8
content-encoding: gzip
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 05:14:56 GMT
age: 2490
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36406
last-modified: Fri, 21 Apr 2023 18:23:30 GMT
server: AmazonS3
etag: "9868a74d183a9faa63f49d4f6364feba"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 5ihSPr6Fm2oV0yr8XxSlR8jQTTfIjjihRSCzR9QOKilXE1TMwyrzfA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 87ms
37ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59977860-1

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4097a5ce27113fc9480b0f6dc320ed1fa3acf7e8a6d2e256ff51e01000fabe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45087
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 84ms
29ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
85 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P01H6XMGNW

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebc7d02de2dd665d2f232d916f06486494cbeb7d77b99cd4661a6f29346226e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 113 KB
45 KB 105ms
38ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PMVSQ7V

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b6a3168093f9d793260a15bb0ae75015fbd8711cfc72730a358bf434e02ac39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45180
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 63862f8bfc1ac26731a29361_Frame%20154.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 166 KB
167 KB 37ms
36ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/63862f8bfc1ac26731a29361_Frame%20154.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91420b1109fa52cedba7f0d58a9ae918b7a60d75ae591a28ad2f3007d8aa978a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 13:18:31 GMT
x-amz-version-id: _x8XowU4nsv4fQhDu.SWCvAqJg_hVx0b
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11289386
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 170047
last-modified: Tue, 29 Nov 2022 16:13:00 GMT
server: AmazonS3
etag: "7bcd8997bf67a4549970e2cd06d2caca"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: aVuNSZYU3XNNJq-D7NPYA-PEFAohOrksGEVjZNpxB_xTvE22Gh2Uuw==

GET
H2 200 634593d4f0e3694b1dd5dcec_close%20(7).svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 375 B
833 B 36ms
34ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/634593d4f0e3694b1dd5dcec_close%20(7).svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 982fbd969d95acfbb66e7cf12bea0af5f3b53aecaa57132311293d08d6d0c12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:29 GMT
x-amz-version-id: psO52ryxbjjoAgnBOXXCA45ea6xxs.ez
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 375
last-modified: Tue, 11 Oct 2022 16:03:34 GMT
server: AmazonS3
etag: "608226810349a5cbcc95770a84720874"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: QGrA0pClPAYTYY2lvG9IG8XYe9T6sbvPureXl3e1xaUcOKC1qBoFGw==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 104ms
28ms Script
application/javascript 52.222.232.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=608c2a0b35c2d32c9ff7121f
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-144.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.provenance.org/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 01:31:26 GMT
content-encoding: gzip
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age: 13410
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 7K24CAyINjxBpD0fXqzQvPssB2O_oJ3w_t9B2bnKEdsKFQUdkB0Plw==

GET
H2 200 webflow.81d312590.js Show response
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/js/ 289 KB
78 KB 24ms
24ms Script
text/javascript 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/js/webflow.81d312590.js
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f78a1827b2ca1f0f510bdc3b296e8a98867b472fc1115b72667e27fcb061aef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wSdXl_wSBljSeg0S04bmxN3.zEQbKMqI
content-encoding: gzip
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 14:57:31 GMT
age: 51446
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 79370
last-modified: Fri, 21 Apr 2023 13:20:35 GMT
server: AmazonS3
etag: "630ad9d11887d5ce45e934a1b5c4d805"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: lQH9Sv7bv29Z3B9PJm9JHjKhTcIwnUa734HB8nccb9nLl0lqy6rWPg==

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 75ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.provenance.org/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 984294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 746
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DVCPlL8ck9IwguOwFjXtK9hQp2mG9DV03qjGhjsPALq3g4gwchFLP5VTg5NuIT8kjGy1PXk0VItM5fYtCX2lFKQbPeADIldVk1zP5%2FEOwupu4tEFAp3o5B%2BTabXOj7ox0kErUeUCrnVQrgbcA57AgqO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bcbdd999aa82bee-FRA
expires: Sat, 13 Apr 2024 05:14:56 GMT

GET
H2 200 fs-cc.js Show response
cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/ 28 KB
11 KB 68ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/fs-cc.js

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

944b0d2a66fd7c253cb0c368dc1c6b802ecf1ea2b6f1b05b865400fcf57fc445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 05:14:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40458
x-jsd-version: 1.11.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10384
x-served-by: cache-fra-eddf8230135-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"6e44-6QFWM2OT7puhIxEFAaT+kz8i7w4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.provenance.org/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 17:03:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
70 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTDC6DS

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf3600f9028eaed83b2370a17af928a6ef1cb5b04100f3c9c7c36a0a5f52a435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71967
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59977860-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 04:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2352
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 06:35:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
85 KB 54ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P01H6XMGNW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59977860-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

235b96476449e44fe2a6b563b6cfb5be5ecfdc10f03b47e0c79c336934420070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 05:14:56 GMT

GET
H2 200 63874b2d08495cab8d25dc2c_Vector.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 957 B
1 KB 50ms
50ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/63874b2d08495cab8d25dc2c_Vector.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1dbffeb870f3a4a52cce78a3ab9fb0f882e4d715115138280d0eadb603a3e8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: 3EYKlpmMAiXzDxpD.0p2w3ez9FD8IBxQ
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 957
last-modified: Wed, 30 Nov 2022 12:23:10 GMT
server: AmazonS3
etag: "dd2cd10d5cc83ce8e5db21bb095ccd15"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: IF_vdT7Xubi1uywQ0Y2JPLhEFkoLzWo1RNCu6EB8t3KJ9XRz-55rVA==

GET
H2 200 60afba4820a44783e9679c52_bullet.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 577 B
1 KB 50ms
50ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/60afba4820a44783e9679c52_bullet.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59984b8e839c8da5060be35035769e5eb7cb05bc7607fc619a1fa229ea739c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: k6oS0y62UPqmUZs8AIxsDftnBLzq_2sQ
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 577
last-modified: Thu, 27 May 2021 15:27:06 GMT
server: AmazonS3
etag: "be26ab7aaad53ca98045ee5dda38e5e0"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: CSdbcmPtME21d4pT7npB9vpfgHgXxKKDW6fjPhj6UaUmuIeQr0NmpA==

GET
H2 200 60a74c1794ad2b74c4e47fc6_icon-right-arrow.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 266 B
725 B 51ms
51ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/60a74c1794ad2b74c4e47fc6_icon-right-arrow.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b98b79b4de95f3a65532257333bc593624fada353e180509bac1ae4d70accc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: T2Y1v.leTUiZwiYZkH8znSo5nYiYf2Dq
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 266
last-modified: Fri, 21 May 2021 05:58:50 GMT
server: AmazonS3
etag: "b2d0ea1a326a763793c504d9d34c0b37"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WQB09ngw_EI-b2ASxOodWcuE9VWEy0mUXX28CP5ZFGXpv2UKa-aPUg==

GET
H2 200 62d7c7df9b7ee71724866d32_Alicia%20Hickey%20Cult%20Beauty.jpg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 117 KB
118 KB 52ms
51ms Image
image/jpeg 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/62d7c7df9b7ee71724866d32_Alicia%20Hickey%20Cult%20Beauty.jpg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8db17b72f73d2b73029596217ee414aed9d11bbed02badb51cbe50af3fa28937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: vH7R53LtDcrMLSEMG2Md5E8xQxFvqTgk
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 120038
last-modified: Wed, 20 Jul 2022 09:16:17 GMT
server: AmazonS3
etag: "3ae8ad02ae15928349192a27af566221"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WGdI6mN_A0heh17910FQUlWnb0WCF7LB_R4x0Q3jfGX_6S4kS0R7vQ==

GET
H2 200 60a68886ab9ed347fd9d9bc1_proxima-nova-regular.ttf
uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/ 105 KB
51 KB 87ms
26ms Font
application/x-font-ttf 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/60a68886ab9ed347fd9d9bc1_proxima-nova-regular.ttf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be4a2bab7432354c326dca0c9c2c4fd905dfadd47617677c59340f71a3ca7369

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:39:32 GMT
x-amz-version-id: 3UYlSA__OHS56UYb.qcObBjtykOcnrzx
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 11298925
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 16:04:24 GMT
server: AmazonS3
etag: W/"12b02631f4cd70de2417c0dab52c8bce"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: bgDGPi14E9F7Fi3ZiGqB4dDLLbn7hJuOs6i6Iosad9dSEWz_BEeCNA==

GET
H2 200 637fa663bc7467737f61ffda_Alice%20Langston%20haedshot.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 1020 KB
1022 KB 53ms
53ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637fa663bc7467737f61ffda_Alice%20Langston%20haedshot.png
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d367b7ea8da4698ae9fb65b0f6771f33ee364c3a78ad9bd4b902bc556971d254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: gsel09SfW3uBreOhC0wL0FxmZfgjDxwG
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1044733
last-modified: Thu, 24 Nov 2022 17:14:12 GMT
server: AmazonS3
etag: "1f02a5215970a28f95acd6520fbf850d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 9IJLz0Y5hDXLIu3WZXL3DjF5PFaG-8p1qMjncIOowsZONFpEh9U0-g==

GET
H2 200 60a76bdfa3ba3a00743afb71_newsletter.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 671 B
1 KB 51ms
51ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/60a76bdfa3ba3a00743afb71_newsletter.svg
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 889f6b5eb2a9f09e6bb1c1d6b6dd2ca7a85f1ad7dc23f520481efc08a69c9034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:30 GMT
x-amz-version-id: ZkP8C64ys0IacivJt0P52_fZ2XnH4tjS
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 671
last-modified: Fri, 21 May 2021 08:14:25 GMT
server: AmazonS3
etag: "51e3fc4f45c5013a468ad62d99cff71f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: PBdQTH5wDJgUR3RvNenpVa7ygWR3RoHHCeZ_RnyhMgFyUja-F9VhOg==

GET
H2 200 60a6888648c7a28cf4601877_proxima-nova-medium.ttf
uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/ 105 KB
54 KB 106ms
46ms Font
application/x-font-ttf 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/60a6888648c7a28cf4601877_proxima-nova-medium.ttf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e8af856d8e9ed09b0bdf9eb33c5fc52bd03e4ede547e0ea4681fb056930ff2b

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:30:52 GMT
x-amz-version-id: XC7KjUveJmlU5aOMpa6CRxCNZMJxBwnx
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 8203445
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 16:04:24 GMT
server: AmazonS3
etag: W/"b97f1f36d86ed71dab6f2554e3af31a0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: Fkl0VhLflHRTDxMdc7mRc_IR6Mos_dpnP7UF254lsrdqvsFr3hxOxQ==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 60a68986145ee9646fa6ec71_basis-grotesque-medium.ttf
uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/ 108 KB
37 KB 120ms
61ms Font
application/x-font-ttf 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/60a68986145ee9646fa6ec71_basis-grotesque-medium.ttf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 387b77b93b1f6167d4c5644320a85c77266cc0074d56d1100c82d244626df553

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:39:32 GMT
x-amz-version-id: p7MRTH3W6aHQJmt06lJOO6h3TvEH4az1
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 11298925
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 16:08:40 GMT
server: AmazonS3
etag: W/"02712ac145446a3696611a8267f96fee"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: YglYwyZxqBgF_HqTvsF4SSJDCGAKiTKHOJTUN--1zdlaQ7VBhZD9XQ==

GET
H2 200 60a68886328ecc60f15cdbdb_proxima-nova-bold.ttf
uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/ 104 KB
50 KB 123ms
64ms Font
application/x-font-ttf 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/608c2a0b35c2d32c9ff7121f/60a68886328ecc60f15cdbdb_proxima-nova-bold.ttf
Requested by: Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/css/provenanceorg.webflow.ef0f48e0e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6da8a0dbebe5d720d7f9204b0eea6d0d22b67a0c2969c961c24055c40366021d

Request headers

Referer: https://global-uploads.webflow.com/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:39:32 GMT
x-amz-version-id: g7aG5qYW3bUiR0SKV.8FD1E96U0.rzVK
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 11298925
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 16:04:23 GMT
server: AmazonS3
etag: W/"305ea35a16d16a04b338642077a56f65"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: LuVcbFwpfdI6p9B9AQmFSJpRfyMih0sSvjmSvsZs5ziHHoqp5mk02g==

GET
H2 200 60a685a2dd9fae30d29a5427_logo.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 3 KB
2 KB 104ms
100ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/60a685a2dd9fae30d29a5427_logo.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 712e3fb6243a045999beddafd0c21aabe608e499166eb912d526e42523d5eb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:14 GMT
x-amz-version-id: XZoka2jmCArL.6BwZQDP3Q2VqkrEAxb2
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298163
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 15:52:05 GMT
server: AmazonS3
etag: W/"e8b300dd22d23c8baeee987a33c668b1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: pafZJDp_n_ghSgTAg9hgsmV0cvtatxV5B59lNr5wStiPji3KXs691A==

GET
H2 200 6303952c3bc94b0b3746df36_Dr%20Barbara-p-500.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 12 KB
12 KB 107ms
102ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/6303952c3bc94b0b3746df36_Dr%20Barbara-p-500.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 408766a9c1195e3ff10aa0191c69641214ac98fa2518170f013a657feb014766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 07:12:01 GMT
x-amz-version-id: 2Z2NM9fm6.q2wMFFCpUr61OxVxMt.8Z7
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 7164176
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12320
last-modified: Mon, 22 Aug 2022 14:39:42 GMT
server: AmazonS3
etag: "2fee9001a0063df50224269dea6b738d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 5tNCNFRHesuih35-iXAFJYwLza4UbOWdCFiYZ22LnhOHcs_zQ08_-w==

GET
H2 200 621e1eebbd3672823abc776e_Group%20484.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 10 KB
5 KB 104ms
99ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/621e1eebbd3672823abc776e_Group%20484.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7286e8fafd16b3c711b7b6226aa817e1a85c34fbd6ad90b4115a9b49f939fd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:14 GMT
x-amz-version-id: tQg6pmYyibuzr9YUbG_hGVMqlQWPhaOY
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298163
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Mar 2022 13:26:04 GMT
server: AmazonS3
etag: W/"2b92abaa29afb153b1a17765ee4c290b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: vL1BB5ZRKw6ZJhqZjnxsY24BsXpQBq4hWZmeYVfMiaWMSCWvFvp_NQ==

GET
H2 200 621e1eba7314f6b2febf1319_hourglass_brl%201.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 7 KB
4 KB 104ms
99ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/621e1eba7314f6b2febf1319_hourglass_brl%201.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14acb316f19afdd3f21e61c14d51a68bcc62bdd63a6d35e8a901a062c1edf122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:14 GMT
x-amz-version-id: 5ERy9u6eHZ_lRTBG8oRw07Tp8eaz5PvG
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298163
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Mar 2022 13:25:16 GMT
server: AmazonS3
etag: W/"f210768a03ca1437c8ba9e1479089ff6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: YnYgUhZyeUXy432lJJSnBgh8WvcowEb3VNCqHeI4tvU9YWsW888LnA==

GET
H2 200 637ead1fc5a4566ba27f0f6e_17673_Pukka%20Logos%20-%20CMYK_Brown-p-500.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 16 KB
17 KB 104ms
99ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637ead1fc5a4566ba27f0f6e_17673_Pukka%20Logos%20-%20CMYK_Brown-p-500.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e756a6929b30bbe1a06290b8cab165fa071581d6c34d5b9cb235d1a16adf2d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 13:58:02 GMT
x-amz-version-id: 5MnxALUF3K36XmAfW0v2SKzMFc_kqKO_
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 9213415
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16699
last-modified: Wed, 23 Nov 2022 23:30:44 GMT
server: AmazonS3
etag: "84d38e0fe2d7f8a25700a64a0dee7b08"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: KKkr8PLsAo9GSqLvuw0CxuPOrihjEdy9SSJZOPLQ2QpELOzZKGLp-w==

GET
H2 200 642589222fee170097f7fba4_sbtrct-logo.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 8 KB
2 KB 104ms
99ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/642589222fee170097f7fba4_sbtrct-logo.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9280ca614fd7926d8c54bf7a16ec1a51bc27972e7088e4cd8030f94e0fc5faa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:36:49 GMT
x-amz-version-id: 7NDd02Br2dnZxVUXVbCKc_NPJkez4M9n
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 2108288
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 30 Mar 2023 13:05:40 GMT
server: AmazonS3
etag: W/"a48125be5594e06bf30afff2054a3a17"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: D5hGQV30MBE5C9AcolQ9t7U7khJjh6LSrJ1t1T89L0Snebd1WNQdjQ==

GET
H2 200 62273f9912cbc97c346e3aa5_UD_PDB_Full_Monty_Stacked_BLK.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 15 KB
6 KB 104ms
100ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/62273f9912cbc97c346e3aa5_UD_PDB_Full_Monty_Stacked_BLK.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df4c888fc2647df26a59bfe7d67077cd40d7ee0def4c3e865c08dace35c6ba7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:14 GMT
x-amz-version-id: yUbMzrGGQLmZNcQos2AnoVdO49Bm21X7
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298163
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 08 Mar 2022 11:35:54 GMT
server: AmazonS3
etag: W/"43baa848f40a0ae8d0fb2b419a75a907"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 8E_2y7K_Zfp-NcXp92xakM0ozBTGEG-h92FeC3uV-l-RaipPTejrTw==

GET
H2 200 621e1ebb5b301d3dc0119069_CultBeauty.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 12 KB
6 KB 105ms
100ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/621e1ebb5b301d3dc0119069_CultBeauty.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f76f266dc11aee8a240385e573abb6dfd5abcc79dbad6614927bb679e595a160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:22 GMT
x-amz-version-id: FKj6eR1DO6xgSE4XOt2GDsKHHwDAQCxO
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298155
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Mar 2022 13:25:17 GMT
server: AmazonS3
etag: W/"495a3675e8ef48001e274f0109751231"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 6_0KyBnUG9Zx9dpZHt1d3dq9ZODNaTgoXBDtmMtHxR0dkLJ_PclTcw==

GET
H2 200 637f8ee24e36526bdd5a0834_637ead1f7a9f4c14b06e389f_belu-water-for-office-zepbrook-refreshments-3.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 7 KB
8 KB 104ms
100ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637f8ee24e36526bdd5a0834_637ead1f7a9f4c14b06e389f_belu-water-for-office-zepbrook-refreshments-3.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40d52679d3df71150fb08a5cbdf3db6cf9a8dff2afdc5abfe296141c54cdb22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:29 GMT
x-amz-version-id: NbTz91TljQ55ygqAr.8JjN.Dw5yaMrtW
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7490
last-modified: Thu, 24 Nov 2022 15:33:56 GMT
server: AmazonS3
etag: "a6724e38fadd4a63b492438d5cbf54bd"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: kIVVi98Y8f3Rlfp5_HwIACmRHonEmnGeaJ-d8hhNzuFfqh7BCnOiRA==

GET
H2 200 60c845ec19dbd4bafd43193a_cult-beauty-logo.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 4 KB
4 KB 104ms
100ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/60c845ec19dbd4bafd43193a_cult-beauty-logo.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3791ac048485837b50f3f5cbc106baa681fd1a918486523fae82fbdc32d24131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:29 GMT
x-amz-version-id: O3IWz3D1zwpL3FGxZf9KH.gKgEGQwxKs
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4046
last-modified: Tue, 15 Jun 2021 06:17:18 GMT
server: AmazonS3
etag: "95f5a76885a8818a64ef7e42fca45423"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Yr115j0X01yCNF_cVinsWYGrk5Kb_w4Yjuy9-nLtH3goq7ytVx4Hbg==

GET
H2 200 637f90007641892b734a8b97_Group%20453-p-800.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 87 KB
88 KB 105ms
101ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637f90007641892b734a8b97_Group%20453-p-800.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c48ebe60d741a656802ab556d536312b305bf779bc3ce89ab616c4632047c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:39:09 GMT
x-amz-version-id: EbmHs8Y7WQpGIBTxgo1KZd82tz14NErC
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11050548
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 89558
last-modified: Thu, 24 Nov 2022 15:38:43 GMT
server: AmazonS3
etag: "a3cd960278b73423cc5382789c6cf803"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: pb4G5uS0OseMF9ArdqI6AMLPm2j9-MwhBhfVfLDQlA5OdqObPL-KqQ==

GET
H2 200 6384c2cf8c40a7690ca262a8_Frame%2013%20(3)-p-500.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 64 KB
64 KB 105ms
101ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/6384c2cf8c40a7690ca262a8_Frame%2013%20(3)-p-500.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32c89ba86c472c8e901969cf1f15c2ebd82f2c17884923b396d3ea9074f01729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:04:03 GMT
x-amz-version-id: NZRGghksxkFTqXfcZgiAviUvR_DiyrOS
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 4612254
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65467
last-modified: Mon, 28 Nov 2022 14:17:03 GMT
server: AmazonS3
etag: "1b21b02bf165e61b1720608848a9b212"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: C1KAWgTVQfOWcSktmOp-lgQA4eusRxxuspaXFRw7mV85dPOuMXfXVw==

GET
H2 200 637f923e49771b33869b603c_Group%20454-p-800.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 64 KB
64 KB 105ms
101ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637f923e49771b33869b603c_Group%20454-p-800.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e18b9e7ee04817732c43970a7aee79c461da78a69036266864d57d4252a22db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:33:35 GMT
x-amz-version-id: tIjc5a2Ds6f.l_05Rr_f8jLBG5eTntbe
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 7810882
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65098
last-modified: Thu, 24 Nov 2022 15:48:17 GMT
server: AmazonS3
etag: "31a7cd7e8415dfa2dd4531f28bc96145"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: f9INmfjziUI23B16yu9raMuknN69wW-0Cm_bA57RSYvt5vUTSCbtwA==

GET
H2 200 627a86e32c8a7fcd9350d277_1.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 348 B
809 B 105ms
101ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/627a86e32c8a7fcd9350d277_1.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65a45b01e3489d1162743deebf3ef170537a682cc041d386f8d39b94b664da2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 11:33:53 GMT
x-amz-version-id: FxurGzFuRb_1sK57RAcnV20WqDrWW60T
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 10690864
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 348
last-modified: Tue, 10 May 2022 15:38:13 GMT
server: AmazonS3
etag: "751e16b5d9b59ca340dc90bf1d15596d"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XSTp9xJs3yX6IUGgM7fFNG6rkP0QD5-UYCcY8HEtBdDxIcHur41S5g==

GET
H2 200 627a87b575ed9f88ec514afd_arrowr.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 292 B
751 B 105ms
101ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/627a87b575ed9f88ec514afd_arrowr.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d3712b13690fb7409a0137028f7f21811672ee4764bd9c088ebc508fc1cfdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:58:29 GMT
x-amz-version-id: UCVHU6vltVRiNrjEFMjdnZCbuGZOkuDY
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11117787
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 292
last-modified: Tue, 10 May 2022 15:41:42 GMT
server: AmazonS3
etag: "035c27e9ea21b1bab00ea22b648c30ee"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 99HkA6WCdldVbrxbZ6PrrAMeJKkG5PK5_uIzzbgmhgKTzN7OP5dl1A==

GET
H2 200 627a86e35dc33c21917417a5_2.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 1 KB
1023 B 105ms
102ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/627a86e35dc33c21917417a5_2.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b1d2d9a1de580d09a308bd71f1f3805881da8d6e04f2e6d46d110c9114aa4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:55 GMT
x-amz-version-id: 477PLMUzkET52lhQf05B6majuogRqdag
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298122
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 May 2022 15:38:12 GMT
server: AmazonS3
etag: W/"6c5e0d8ed578105fba8f9490b9d32f6e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: XRo84ctGqXpCFz36NGjo3Is01_-0l-I2wdnQggJUwq7MWWmL5TUO_g==

GET
H2 200 627a86e37ea92848d46de719_1-1.svg
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 1 KB
1 KB 105ms
102ms Image
image/svg+xml 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/627a86e37ea92848d46de719_1-1.svg
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69c80302e8a0dae95e538408a8777c713f2e2d4e9f9da82b6289ab77a0441740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:52:55 GMT
x-amz-version-id: q4oa8cIXRY6hdB3VxUf7NpNg2t.jfKZ5
content-encoding: br
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 11298122
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 May 2022 15:38:12 GMT
server: AmazonS3
etag: W/"e5df76ea37e6e7eb8aa8227211fa581c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: EljAO9DoVXzB4pIDa6wxiTdE9-HfgVjZ29Tj4YTwnYMdAW_SBtUCuQ==

GET
H2 200 637f95512d963b1b964b550f_Group%201%20(3)-p-1600.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 313 KB
314 KB 106ms
103ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/637f95512d963b1b964b550f_Group%201%20(3)-p-1600.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bd3781e97d0fa717e061812fe52562b403599afc908a1585e7cb96991d8ed73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 13:58:04 GMT
x-amz-version-id: Ibm49J78ZrbefYZCyYv0qaUA0BruOo.M
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 9213413
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 320502
last-modified: Thu, 24 Nov 2022 16:01:33 GMT
server: AmazonS3
etag: "e1761b0cec851722a5981ddf8f61772e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 11HycuL6fG09IWRExhd0xeEwwn7pgUDPjDVv_QvHDSLmMc-_AVo0hw==

GET
H2 200 6387510a60a41550a2ba462a_Jessi-Baker-smile-headshot-provenance%201-p-500.png
global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/ 88 KB
89 KB 105ms
102ms Image
image/png 52.222.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-uploads.webflow.com/608c2a0b35c2d32c9ff7121f/6387510a60a41550a2ba462a_Jessi-Baker-smile-headshot-provenance%201-p-500.png
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5287e04c1f26e071bd36a5cf1f50552744f64e56c75e1815230afb7ddb635abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:28:00 GMT
x-amz-version-id: po9PiJHg740lUSE0cWkhk9rJUaay55PF
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age: 9049617
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 90596
last-modified: Wed, 30 Nov 2022 12:48:20 GMT
server: AmazonS3
etag: "f7f7b260b1e04a89d231b51e00bc1fbc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: A_QlpY5BboDszef0QcKEFpUhjoT7btcCZevMrLHOCYZRo04JutfCZA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 27ms
26ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=531016328&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provenance.org%2F&ul=en-us&de=UTF-8&dt=Provenance%3A%20Sustainability%20Marketing%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=94370295&gjid=684448614&cid=974813493.1682313297&tid=UA-59977860-1&_gid=1639400882.1682313297&_r=1&gtm=457e34j0&jsscut=1&z=258881496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 05:14:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenance.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2820385.js Show response
static.hotjar.com/c/ 9 KB
4 KB 132ms
52ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2820385.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTDC6DS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

420be8c50845cb4172ee78602130eec5236d852255303e967d5ff786eab1d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 05:14:57 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c4aa8433c0597458c1b1a07d3da468c2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5VZeKwEz_4CplFIQKNhlnNzSPdBVB3333ncnBqnOaWFZYrhzAxeLiQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 28ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=531016328&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provenance.org%2F&ul=en-us&de=UTF-8&dt=Provenance%3A%20Sustainability%20Marketing%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1085402478&gjid=1249533750&cid=974813493.1682313297&tid=UA-59977860-11&_gid=1639400882.1682313297&_r=1&_slc=1&gtm=45He34j0n81TTDC6DS&z=84910791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 05:14:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenance.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 169ms
81ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=42551
accept-ranges: bytes
content-length: 4777

GET
H2 200 25866765.js Show response
js-eu1.hs-scripts.com/ 3 KB
1 KB 143ms
60ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/25866765.js
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87550dc5f5ca88afca2f312c9f5b89bf148ba49357bc54462ee97d21a6e1fe9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 13cdabb3-7a84-4b66-b195-6f7bc41a96f4
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 25
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 52db9d62-cae7-479b-a5fe-fd6c58284e2f
last-modified: Sun, 23 Apr 2023 07:33:54 GMT
server: cloudflare
x-trace: 2B4E3BD622BDFF53D81A468FBD6839067B91C93B03000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.provenance.org
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-tnzn6
cf-ray: 7bcbdd9b3b72bbdd-FRA

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9918 50 KB
28 KB 49ms
46ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=28abh1z296vd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50292a92a40262e23e2755fd1af534d83a96a31b1ebd67ae0ec84be5b022de4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JFrwefLf3gib3YlsAr5E0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28038
content-security-policy: script-src 'report-sample' 'nonce-JFrwefLf3gib3YlsAr5E0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 05:14:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A8BE 50 KB
28 KB 42ms
41ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=m21vbik8ug25

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5089a2419542b7abd162dcef7560dc98f9d4e58be5e4f37243d02f41aabe522e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4Jok9i64rT2x8Q69e-xm_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28108
content-security-policy: script-src 'report-sample' 'nonce-4Jok9i64rT2x8Q69e-xm_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 05:14:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 94ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P01H6XMGNW&gtm=45je34j0&_p=531016328&_gaz=1&cid=974813493.1682313297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682313297&sct=1&seg=0&dl=https%3A%2F%2Fwww.provenance.org%2F&dt=Provenance%3A%20Sustainability%20Marketing%20Technology&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P01H6XMGNW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 05:14:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenance.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 101ms
34ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P01H6XMGNW&cid=974813493.1682313297&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P01H6XMGNW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 05:14:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenance.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 103ms
38ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P01H6XMGNW&cid=974813493.1682313297&gtm=45je34j0&aip=1&z=321922630

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 05:14:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame A8BE 55 KB
24 KB 70ms
28ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=m21vbik8ug25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 16:26:27 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame A8BE 410 KB
165 KB 91ms
49ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 17:03:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 9918 55 KB
24 KB 55ms
21ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 16:26:27 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 9918 410 KB
165 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 17:03:22 GMT

GET
H2 200 modules.3af729e1390c31850528.js Show response
script.hotjar.com/ 261 KB
68 KB 99ms
25ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3af729e1390c31850528.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2820385.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

053d91350c461f9bb575c22e2be01f990429addd476b87aea57c4b882dfa002a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 229550
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68732
last-modified: Fri, 21 Apr 2023 13:29:00 GMT
etag: "56e75754cb5d7b057018594e30193ba6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: GHoK34ByQ6YJ9QxUuda0dMLZKhaTSYq0tBTRCneKY0htSd0KZddNAw==

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 134ms
37ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3896d7f290c7d0517b49387537619d16697a856032f7b32ab1e5d59e146ab874

Request headers

Referer: https://www.provenance.org/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-amz-version-id: RRXUnHVzHJq1aZcQLM_lvgLsL.pkL5b0
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.351/bundles/project.js&cfRay=7bcbdd9cabbe038e-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad650f3a-7907-49c0-b78a-efab82520e2b
last-modified: Tue, 18 Apr 2023 10:07:51 UTC
server: cloudflare
etag: W/"bacdce2e1da562c87f37454206c81c80"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-52dth
cf-ray: 7bcbdd9cabbe038e-FRA
x-amz-cf-id: Fu7tGNyqNp8AY_DWtTtnr6f1GUEkfi_m-_HFdRGlmJXSbFEWfWYVcQ==
x-hs-target-asset: collected-forms-embed-js/static-1.351/bundles/project.js

GET
H2 200 conversations-embed.js Show response
js-eu1.usemessages.com/ 75 KB
22 KB 101ms
43ms Script
application/javascript 2a06:98c1:3200::90:3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.usemessages.com/conversations-embed.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44eba5892aa4be4608e9129809cd34114fe2483da700936fa22c67b189efe656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-amz-version-id: PmE6jtF9ZQXSzWtTOS8X8kt8dhw_.942
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 585
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12949/bundles/project.js&cfRay=7bcbcf536edf35f9-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 864d08ce-89ec-4aae-ac4d-0c422bea3b82
last-modified: Fri, 21 Apr 2023 07:18:42 UTC
server: cloudflare
etag: W/"2aa3f2d586a4999ea21a8aa7e915a709"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-52dth
cf-ray: 7bcbdd9c7daa3675-FRA
x-amz-cf-id: tkadtujH1ocaxoql3HD08aRUzoosKDk0UQctjfX5vj4NzPUo3mGbAA==
x-hs-target-asset: conversations-embed/static-1.12949/bundles/project.js

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25866765/ 208 KB
64 KB 366ms
55ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25866765/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2813c6a33752e58e787ca8400c73dd10556e6545f781c81b660ca64c2d0b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-amz-version-id: OIyOX78fza2O9h4h3GWOjhQsSasbpSsP
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: SCYBAPAWXX0MYG2P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 101
x-amz-id-2: IzJ0EL+VjYT54lygE19FC8pHGJRFlwvCUGOyTF0q6Ws1BMERvKgWe3M5L9fqY/P9PEIz99EDGy8=
x-evy-trace-listener: listener_https
x-request-id: 12b4d3f4-0dc2-4797-aefe-f56077aec048
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 16:44:50 GMT
server: cloudflare
etag: W/"cd49430d178fe626c2186e15a1fd5aae"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.provenance.org
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-67bc97b8f7-kwjqm
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7bcbdd9df90e2c77-FRA
expires: Mon, 24 Apr 2023 05:19:57 GMT

GET
H2 200 25866765.js Show response
js-eu1.hs-analytics.net/analytics/1682313000000/ 65 KB
21 KB 388ms
77ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1682313000000/25866765.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed831b7c44201e95448971cbeeef948fcbde074ee273a55847a5448140e90bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 758XF3XZRPYB759P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 23
x-amz-id-2: I6JwJQphg0r9bovVo/IaIRgWwMRB7NokbZK4S159LXu2fhPBCd1UHO9ILwPXFK6SCTHTFiUggCQ=
x-evy-trace-listener: listener_https
x-request-id: f54be80b-ee5a-41c5-be42-87846b5e7322
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 14:18:57 GMT
server: cloudflare
etag: W/"f5779a7d71fbe5dcfc60c8b77f2ed9cc"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-67bc97b8f7-kwjqm
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7bcbdd9dfb0f697b-FRA
expires: Mon, 24 Apr 2023 05:19:57 GMT

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
3 KB 337ms
32ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hsadspixel.net/fb.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-amz-version-id: .SjrrXgKPXt.4Z9u7JrAeq5b0ko7RK6Q
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 465
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.360/bundles/pixels-release.js&cfRay=7bcbd2406f3491e4-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b40cc467-c543-44b8-a615-187ed63fa604
last-modified: Mon, 17 Apr 2023 03:30:21 UTC
server: cloudflare
etag: W/"1ecc18fb1c2090998fc7361c029fa6a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-sr8l9
cf-ray: 7bcbdd9dfa2330f0-FRA
x-amz-cf-id: GL-OtbsXziss7rUjS74sWwlaEDwXSqMiV7hHdxQjkjrRwzaAJMgzlQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.360/bundles/pixels-release.js

GET
H2 200 feedbackweb-new.js Show response
js-eu1.hubspotfeedback.com/ 28 KB
10 KB 149ms
42ms Script
application/javascript 172.65.193.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25866765.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.193.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30dbd1cb83cbc964e7a70d069c59c43a43dc239345838a3efad8d4d3fa0b1078

Request headers

Referer: https://www.provenance.org/
Origin: https://www.provenance.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-amz-version-id: lMD10xOdC2SDzKXoEuri_PwXuum1BcVw
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.14622/bundles/popupInjector.js&cfRay=7bcbdd9d18893a98-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 125816f6-2d11-4890-a5fd-648871f616ec
last-modified: Mon, 03 Apr 2023 08:28:36 UTC
server: cloudflare
etag: W/"e4331d0404352b39aa11ba8a8c24bc44"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-sr8l9
cf-ray: 7bcbdd9d18893a98-FRA
x-amz-cf-id: rhS_8cPe34tgTUucGegLtnSGWt99ow7PW04hhVs6q6bTQUqepeOetQ==
x-hs-target-asset: feedback-web-renderer-ui/static-1.14622/bundles/popupInjector.js

OPTIONS
H2 200 public
api-eu1.hubspot.com/livechat-public/v1/message/ Frame 0
0 127ms
43ms Preflight
text/plain 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=25866765&conversations-embed=static-1.12949&mobile=false&messagesUtk=3ff554af082f4a08872555fbd343739e&traceId=3ff554af082f4a08872555fbd343739e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.provenance.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.provenance.org
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bcbdd9d5e2f6943-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 24 Apr 2023 05:14:57 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i06lG1d3UmNra0iBqp6FzY%2F%2BymkG1XOClNuHSgrRqFREs77V15Jp9qocYN2j4wJj3Gm7LORZHX6js9Bgqj%2BujgdTE%2BYNwse30hpJJWWrZ1ratnfTh5LcVsfHYm2ZN8O9iow0Jk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-7wrns
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 68fcfd3d-6220-4865-ba34-96f19c8acbf6
x-request-id: decec3d2-b25a-4d72-94c0-aacd65b85ea4
x-trace: 2BB3ED10A21C24B1C35C3CCE42E222E918D65C86AB000000000000000000

GET
H2 200 public Show response
api-eu1.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 81ms
81ms XHR
application/json 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd6ea3266d8344867904e41c60df88de641ea34b8975df749a081fa45d7418a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id: 11421f98-a452-40a8-87db-0649a85ef46c
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1419
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 080df33c-002e-43d3-8173-663f69228442
server: cloudflare
x-trace: 2B21F3F133A431D8691691409F23456AA272B82EBE000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provenance.org
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-7wrns
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFaIC%2ByZzmoIe6uKWuxPAX4GAAsL6SS%2FzI38WO2wEHIU7nTFIubsRuP5627J7T4w7nGk5RkjWhCuKS0%2FHxgdZOcPqRCgbUB%2B1XCIgW0EYgl8dasjJnGrVZpoKEvBr2TKJ3MrLqA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bcbdd9d9e666943-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 116 B
452 B 59ms
48ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25866765&utk=
Requested by: Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c065610b3d62a85dc0ce3c2b174281f616f49708f553b394dbb38a7462944e0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 4643cb1e-a7fb-4788-a9d2-30fa29ed50be
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9d6b42b6-3ce8-41e7-8728-45395cb83f2d
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provenance.org
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-twngm
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7bcbdd9d3c3f038e-FRA

GET
DATA 200
OK truncated
/ Frame 9918 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9918 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9918 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 109342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9918 15 KB
16 KB 76ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 107182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
DATA 200
OK truncated
/ Frame A8BE 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A8BE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A8BE 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 109342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A8BE 15 KB
15 KB 40ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 107182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9918 102 B
134 B 28ms
28ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be00e32745c8f3253a510efcfb4c728f018a4bb685589b668c460af2064b6135

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=28abh1z296vd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 05:14:57 GMT

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1007 B 120ms
39ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 05:14:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 1326cd64-144d-4ccd-8cf0-2a326bea8f11
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b93016cf-d1ef-4bbb-b679-96690427cfb7
Server: cloudflare
X-Trace: 2B3EEAF77FA6F456BFF30ACD4C2B94B4D048BA8886000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-6c4bd954cf-wpv7z
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7bcbdd9e4c0e904e-FRA

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A8BE 102 B
134 B 29ms
28ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be00e32745c8f3253a510efcfb4c728f018a4bb685589b668c460af2064b6135

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O&co=aHR0cHM6Ly93d3cucHJvdmVuYW5jZS5vcmc6NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=m21vbik8ug25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 05:14:57 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2820385/ 148 B
322 B 159ms
55ms XHR
application/json 54.72.37.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2820385/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3af729e1390c31850528.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.72.37.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-37-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff

Request headers

Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 3ff554af082f4a08872555fbd343739e Show response
app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/ Frame A4BE 53 KB
19 KB 202ms
110ms Document
text/html 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/3ff554af082f4a08872555fbd343739e?uuid=16a077cc88bb44329616794b9a1b3ae5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=provenance.org&inApp53=false&messagesUtk=3ff554af082f4a08872555fbd343739e&url=https%3A%2F%2Fwww.provenance.org%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5442f1ca27d7e3257255540333799f820b2497b06d824d8c97163a12b7b25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7bcbdd9f5fd86921-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.15401/html/index.html&cfRay=7bcbdd9f5fd86921&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F25866765%2Fthreads%2Futk%2F3ff554af082f4a08872555fbd343739e%3Fuuid%3D16a077cc88bb44329616794b9a1b3ae5%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dprovenance.org%26inApp53%3Dfalse%26messagesUtk%3D3ff554af082f4a08872555fbd343739e%26url%3Dhttps%253A%252F%252Fwww.provenance.org%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.provenance.org%2F&cfenv=prod&pdt=2023-04-24&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 05:14:57 GMT
etag: W/"e5959a3066b29d7719d7aa42bccbe1a2"
last-modified: Fri, 21 Apr 2023 07:18:42 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7bcbdd9f5fd86921&resource=conversations-visitor-ui/static-1.15401/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-id: uYUgPTXK2j6D5E5bB3tzhM1Et8njKmo-Fw01SROtr9dK9WnMZt5Bxw==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: y1iGkjmaU1K_JeQPHK1_giPAUm2A01dB
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-58fddcdcf9-52dth
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15401/html/index.html
x-hs-worker-debug-mode: false
x-request-id: 7860011e-b043-4bbb-a411-5538c4cff1e5

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4056090/domain/provenance.org/ 36 B
377 B 107ms
22ms XHR
application/json 2600:9000:20eb:2c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4056090/domain/provenance.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 00:56:23 GMT
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 15514
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=28597
x-amz-cf-id: gOzxtVb32hssGl-bc8xKlxtFAYCaZmZtRC5wDS7RmITV0juuPGGJGQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4056090%26time%3D1682313297743%26url%3Dhttps%253A%252F%252Fwww.provenance.org%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true&e_ipv6=AQJcrDDqOArXQwAAAYexr8C6ODesAF45hXTdeg8382y0Vf2gm_J23-4RZ0p...

0
265 B

215ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true&e_ipv6=AQJcrDDqOArXQwAAAYexr8C6ODesAF45hXTdeg8382y0Vf2gm_J23-4RZ0pIqPVyoe6uBcxMUPtSrcupYEzGMocrnlM
Requested by: Host: www.provenance.org
URL: https://www.provenance.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4A5AB2E32C2242DFB232242AFD6AFB1C Ref B: DUS30EDGE0807 Ref C: 2023-04-24T05:14:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6DhaMR3vYp12oBm6IRA==

Redirect headers

date: Mon, 24 Apr 2023 05:14:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BFDE83926D1D4AF59165DBAF52522A7F Ref B: FRAEDGE1307 Ref C: 2023-04-24T05:14:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4056090&time=1682313297743&url=https%3A%2F%2Fwww.provenance.org%2F&liSync=true&e_ipv6=AQJcrDDqOArXQwAAAYexr8C6ODesAF45hXTdeg8382y0Vf2gm_J23-4RZ0pIqPVyoe6uBcxMUPtSrcupYEzGMocrnlM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6DhaIvqdan+WiGJI48Q==

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 114 B
1 KB 105ms
43ms XHR
application/json 2a06:98c1:3200::90:2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25866765

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e650d61ab725c9286517962e71677234f0dd8d8aea387a25c8112a786c6bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 03879430-8691-4b3d-8a3f-58f490f26fc5
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dc523645-d824-494b-84ee-959c51157c60
server: cloudflare
x-trace: 2B73797D4F13E72EBCF9E1054E5F9EDFA07BEDFF74000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provenance.org
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-7wrns
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAnfZ%2FccDlqnkKLzYxIcKyBdrbeY8%2F0w1tT26Z9Hrb5IQuhWYQbJuCXGv3s3%2BoQ2s02RL0BKPBKI77prX2CKb01Mpt9ZjdFyrEn3KORNlGzACycO9Z1hI9%2FDL9kyt5VOU%2FvLRYzOHol86BY95Uu2lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bcbdd9f89f6363c-FRA
access-control-allow-headers: *

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 190ms
83ms XHR
application/json 52.31.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3af729e1390c31850528.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.31.189.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-189-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 668bbaa9cf43f1bf66d5f8aee90ec9f6061be7a873420214b955bcec0fc63515

Request headers

Referer: https://www.provenance.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 05:14:57 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5EB9 7 KB
1 KB 35ms
34ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13d3286a341a0ab9be5e4e795796accc3c5dd03ac8ba460b59482fc0d0a57d89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4zIV8SXw3HwhdD2rh11VcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1141
content-security-policy: script-src 'report-sample' 'nonce-4zIV8SXw3HwhdD2rh11VcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 05:14:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5D54 7 KB
1 KB 34ms
34ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

379e34b41d5ebb25a361b0cad94e082ea27920e057ab65375c6f99792021e9e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XVxIuIZEzO_u_QDx_J6wDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1143
content-security-policy: script-src 'report-sample' 'nonce-XVxIuIZEzO_u_QDx_J6wDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 05:14:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5EB9 55 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 16:26:27 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5EB9 410 KB
165 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 17:03:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5D54 55 KB
24 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 16:26:27 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5D54 410 KB
165 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&k=6LetqQIlAAAAACvWZdHzlaHRkgQfuTgBj4lcfA_O

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 17:03:22 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.301/ Frame A4BE 44 KB
17 KB 91ms
29ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.301/bundle.production.js

Requested by

Host: app-eu1.hubspot.com
URL: https://app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/3ff554af082f4a08872555fbd343739e?uuid=16a077cc88bb44329616794b9a1b3ae5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=provenance.org&inApp53=false&messagesUtk=3ff554af082f4a08872555fbd343739e&url=https%3A%2F%2Fwww.provenance.org%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0cab7e0449c5a3055a4aedc216e481e07c9dc4fd48fb39aa434961403bd5f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: UarowbKji3_owA5DYGIT6ugGkCEGwWcB
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1693047
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Apr 2023 13:57:55 GMT
server: cloudflare
etag: W/"34e6def95a965c1d7481d8ab8421d6e5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPAkT8ivRQ2moyVV%2FfIzf7SwdJj92jq%2F%2FkG6gYzZgTCOg7qvVJCOeLnCkIuQUgP8YdPyeJDPuq3aqC2tGM0YOqzNnMbG%2BbBMnJGiAziFIS3tdAfOkD2sIeHpju8XM%2BmZ2ZCCEMS%2FVeXecJURfEOP%2Bjc1l6E%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7bcbdda08a18382e-FRA
x-amz-cf-id: 1ikXHsFQXT6AjkhXS1_pJai9BLa4tRkFJ2L5dAd9mQBe6kJqNQkR3A==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame A4BE 20 KB
4 KB 94ms
32ms Stylesheet
text/css 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-eu1.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C1
age: 1743013
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsWuHLmTZiAx2Fs3nybu0RJfzSAEA5l76XD3O8bJ3rXiYLMDT2f4VS2%2FhKGSzPuFGhuQHDToyXis2WHCivvrQYfkxr6dRPW9dxJRcqTPhi6oeNc1LcYgNgWPhb7E%2FIIDlGymbMM7G%2FQi%2F1XE%2FqpH8MMRrlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7bcbdda0895d2c42-FRA
x-amz-cf-id: wKj5nWOeceW4faTuyOKl0ecR0Sxrzo9DvoSxn8nVQRJd6WYEVcDrtA==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.392/ Frame A4BE 294 KB
94 KB 92ms
30ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.392/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a827ba0a43cbeb52e1f7c01fac1d8526f1a927ef58d5a0bc4ea4047a8b47f075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: GyJQrIoHDRIfCuwwSVVsJwX13g1Qp9_O
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1521668
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Apr 2023 11:56:47 GMT
server: cloudflare
etag: W/"90cd3e4c19469ce68f12da7dbe18af11"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLKCIDlAvApVpFODL1LV869zjTwsWAZo4qL4egNAhbVL%2BAGQTrR1gCgswVN8qW10P8m3gjNhMraFGKXuXiEvNeIBkKNwhmu6YkksbP3yxuUpQ%2B0vGMsTgBFJMVswo%2BLh%2F3ZeC%2BGMDQ4sOFlWspuwK42oJt4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7bcbdda08a1a382e-FRA
x-amz-cf-id: r3KHvJk38vhqcwZu0KLiG6li4qwESpPCmiKUwoc5BqU3dBrBaVNumA==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15401/bundles/ Frame A4BE 608 KB
179 KB 99ms
37ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15401/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3519dc59bde8fd2f79ea5fe4ec96483d691fb19a56392144ae80bea65bb580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: y_xd1Hbs1HYEn_Olj7Bx_nbl4vjdlaR9
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 208562
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 17:53:43 GMT
server: cloudflare
etag: W/"0e8e865bb6e0db3e7f9e95c4d0f4816b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hmzoBn6C5SNxhhGne02AuLHWnmYG7QJBzPtZeiA2aYHdZwhpehJLIe3LeJPooDCf5TBEh5YuihlBHfmQ9IJ1i5TPMeFVM8%2FrGvrTdQfnXWcyuOnJXD4ThkSvNsW5j3N8RVF63G6vIu%2B%2BI2PZfQDqwegPtY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7bcbdda08a1b382e-FRA
x-amz-cf-id: SHTDh5oyUT81cNDKqkgdiLDZ0wC-GhaaxtmbItAD7lxb6ehF0y0Ebw==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15370/ Frame A4BE 776 B
869 B 28ms
27ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15370/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15401/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c82e67d2262e57632d0bb164c9f9df72190342737b3140d4e253aab2db3033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: cT2CmTkBQuXQKpx87jBUbopMzUtP7y16
via: 1.1 08829bb06bccf0ab66e6bd5eaa5fcbdc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ATL58-P1
age: 208527
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Apr 2023 13:58:37 GMT
server: cloudflare
etag: W/"86bbf018d11b364017bd6e2671e37f69"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSRw%2FQkBYuMQVQSXVx0QxxdtJAAyQIKQzrHTQkcrCVYaBcYYyWdkpjsJdv3708cl0eKkrKmydwRiQ4iHozfvhTVfy6nxSOLZ7wKXTTe6EsMIJgwUeJEi9qhdy9R4CgP8R95sOv3PLTafhQ6iNqf8lp%2FF2UA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7bcbdda19b2b382e-FRA
x-amz-cf-id: xwYjusjy3pxxtwwpYyCJkePq3r5QBkQwew0_1arW2Hw2peLmn_nfWg==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 Social%20Avatar%20-%20Dark@2x%20(1).png
25866765.fs1.hubspotusercontent-eu1.net/hub/25866765/hubfs/ Frame A4BE 3 KB
4 KB 166ms
101ms Image
image/png 2a06:98c1:3200::90:2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://25866765.fs1.hubspotusercontent-eu1.net/hub/25866765/hubfs/Social%20Avatar%20-%20Dark@2x%20(1).png?width=108&height=108

Requested by

Host: www.provenance.org
URL: https://www.provenance.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d965a4d14663f3483ae4863a4505556aa6c2151e06850cd67be69edbdebc71

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-eu1.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
via: 1.1 1c8c957c4a5bf1213bd57bd7d0ec6570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-51992337595,P-25866765,FLS-ALL
content-length: 3245
cf-resized: internal=ok/m q=0 n=1174+0 c=9+56 v=2023.3.5 l=3245
last-modified: Thu, 18 Aug 2022 11:01:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4XtHy29DfuUeX2-pTW4ZAQDIm9vgTOLORC04iu3DDQ:f90ee7f07b841e9665319f706af622b5"
vary: Accept, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7bcbdda2af463663-FRA

POST
H2 204 rhumb
app-eu1.hubspot.com/api/cartographer/v1/ Frame A4BE 0
1 KB 59ms
58ms Ping
text/plain 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15401

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15401/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/3ff554af082f4a08872555fbd343739e?uuid=16a077cc88bb44329616794b9a1b3ae5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=provenance.org&inApp53=false&messagesUtk=3ff554af082f4a08872555fbd343739e&url=https%3A%2F%2Fwww.provenance.org%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 74743342-8622-4810-93de-f5e857e2a771
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f03aba78-86a8-477a-8d5a-72874b0c2589
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVDwCiX5Z%2Fx1Wz3NrLAmge4XVyzm2BOM4Gfr%2FNXjSLHYe4TUroa7IQflu7ppNnf41gjt2JQXmUuAgsh6qMhf%2BwOsLHXi9mQm7BVqaMSeNJ65fX6373vkOmlcDk5vqgCoDj2FR8M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app-eu1.hubspot.com
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-dwg9v
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7bcbdda24a1a6921-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 welcomeMessages Show response
app-eu1.hubspot.com/api/livechat-public/v1/bots/public/bot/31064827/ Frame A4BE 893 B
1 KB 78ms
77ms XHR
application/json 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/api/livechat-public/v1/bots/public/bot/31064827/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15401&conversations-visitor-ui=static-1.15401&traceId=3ff554af082f4a08872555fbd343739e&sessionId=AG9vRP4j-4-tYYjTQi_csvkdlS9JjjpkeSlf5Et7XcQmuBBYUpwhStLrM_BSRmw0kbVQahtv3lEiIMC7xeB__1sDf4C4eBBp_Ho1Pf4gwZmELO6uZoAeSZka1FhzlkZVkrKQ-w-TFG6eTkUt2Aa8YoUqHaK7p8gXQUF2BVoSA-LbL63YdAdbmhY

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.301/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e143b1ff6730375986286bf2f25f05587aa46a82f86801cf863bf55f5abb63ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app-eu1.hubspot.com/conversations-visitor/25866765/threads/utk/3ff554af082f4a08872555fbd343739e?uuid=16a077cc88bb44329616794b9a1b3ae5&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=provenance.org&inApp53=false&messagesUtk=3ff554af082f4a08872555fbd343739e&url=https%3A%2F%2Fwww.provenance.org%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 07b0ba62-c859-496f-b554-53de49c50903
x-envoy-upstream-service-time: 29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d4a3f903-7b3c-4a4e-93f0-83572f556f15
server: cloudflare
x-trace: 2BCB364CC1D57EA17BC642CF6F2AC6A68612205CB2000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6454fdd5b-2t2z8
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ5VLE2I0Ya2JxYCEByIz3nVYnjusk02dNyMNDHiywzraqHobTlX9NceobKO3L7HYYYb%2B5M3oqFVAvXM%2FJZK1rtqounHRssy5XM68gvjCtIqzc0AJyJfjQT8VIFueajzuO5vi8I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bcbdda25a236921-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 feedback-web-fetcher Show response
app-eu1.hubspot.com/ Frame 7C11 1 KB
2 KB 80ms
80ms Document
text/html 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/feedback-web-fetcher

Requested by

Host: js-eu1.hubspotfeedback.com
URL: https://js-eu1.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cdb3dd1a718afa1de44ac1184117d5ce35744bdc2d1a2ff5137975880e08315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.provenance.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7bcbdda31ad76921-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.14622/html/fetcher.html&cfRay=7bcbdda31ad76921&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.provenance.org%2F&cfenv=prod&pdt=2023-04-24&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 05:14:58 GMT
expires: Tue, 25 Apr 2023 05:14:58 GMT
last-modified: Mon, 03 Apr 2023 07:59:30 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7bcbdda31ad76921&resource=feedback-web-renderer-ui/static-1.14622/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id: wh5LK-kvqw7Q-FsEI8dsEXjh_PuuS4ZD2oAk8azzrDftyniyyMERog==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: kSsA5jhP4z_K2hV8bFs2qQNXJdOQ_cnz
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.14622/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
975 B 147ms
63ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=25866765&rcu=https%3A%2F%2Fwww.provenance.org%2F&pu=https%3A%2F%2Fwww.provenance.org%2F&t=Provenance%3A+Sustainability+Marketing+Technology&cts=1682313298401&vi=2aca9b18eeb8c66e5398a12703711d7b&nc=true&u=202609678.2aca9b18eeb8c66e5398a12703711d7b.1682313298398.1682313298398.1682313298398.1&b=202609678.1.1682313298399&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenance.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7f1766ce-b5df-4fb5-8e5f-05a30e3bd82f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27f3eaf5-c65b-45ad-bfce-0706b1e35631
last-modified: Mon, 24 Apr 2023 05:14:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3ytjIDXRRFQYVsyKusAynjgJUNHBE4keU50YWI%2FIgVGJf2h4rLoDXx3CjYAJ8xW3B%2FbztXft7oAeAtiUrfNhKrFrvzfLLjX8w3f%2B4dEMGTbqabqOYGwLDKtGQSaVg1ob3DvleRy8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-db78cc896-twpvk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7bcbdda39a159b76-FRA
x-robots-tag: none

GET
H3 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.14622/bundles/ Frame 7C11 16 KB
7 KB 29ms
29ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.14622/bundles/fetcher.js

Requested by

Host: app-eu1.hubspot.com
URL: https://app-eu1.hubspot.com/feedback-web-fetcher

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae2b39a2f71126ed452624a363d90a1c4381dac69fc7eb55447db52d72f7afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:58 GMT
x-amz-version-id: bCW7GszwgTGHpoW521TyYTuHAy3v7sDW
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1802754
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 07:59:29 GMT
server: cloudflare
etag: W/"f4b1b8e50e23c5ec26c034a1b3fbc1b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBU8Afbyqs9R66%2BC9cZxfZ0K9GU%2FnTDaBl1EOh25OkYkAUHtPYwIHkzhZG54HyZz7RznU%2FC%2Fa5X0ZRQdvzXnnZ8ocEPvYIwhYszQ46TBjn0f4lZFIMm5vJpMHRer%2BJXbmIa7RYrg40LA%2FNAC3Iz9bmPSgY8%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7bcbdda3aab42c01-FRA
x-amz-cf-id: imHx7Fur37dzkgvME3e20UPzO_GU_fFRcXODi0BJB0moxas_3BUm5w==
expires: Tue, 23 Apr 2024 05:14:58 GMT

GET
H2 200 web-config Show response
feedback-eu1.hubapi.com/feedback/public/v1/ Frame 7C11 36 B
507 B 56ms
55ms XHR
application/json 2a06:98c1:3200::90:2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback-eu1.hubapi.com/feedback/public/v1/web-config?portalId=25866765&utk=2aca9b18eeb8c66e5398a12703711d7b&bundleVersion=1.14622&currentUrl=https%3A%2F%2Fwww.provenance.org%2F&pageUrl=https%3A%2F%2Fwww.provenance.org%2F

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.14622/bundles/fetcher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-HS-Referer: https://www.provenance.org/

Response headers

x-origin-hublet: eu1
date: Mon, 24 Apr 2023 05:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ca44a98b-a931-42f8-abd9-5652afc3deca
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2e9b5837-34be-4870-8035-4de1126c0247
server: cloudflare
x-trace: 2B9B6178A8B68E649AA7353135D88AF99A147533E4000000000000000000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app-eu1.hubspot.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOZR4zHu%2BrmHZnlgRK0PGFIW%2BB%2Fb9%2FQrao%2BNTl3wMyTwD2wYGD5CAOYwgVwc9geRldD73kreWuWpznhKynKgbuSeOgIdYgGkj57pGKB8xGjKukaxon7pM6G7%2F6zQjvULEZtc7Uk1u8p8LjWp7K0zZwEVG7XH"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: fra04/star-hubapi-td/envoy-proxy-b7586c7f5-m2qv8
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
cf-ray: 7bcbdda44ecc363c-FRA

OPTIONS
H2 200 web-config
feedback-eu1.hubapi.com/feedback/public/v1/ Frame 0
0 72ms
54ms Preflight
text/plain 2a06:98c1:3200::90:2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app-eu1.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app-eu1.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7bcbdda3fe82363c-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 24 Apr 2023 05:14:58 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgkX4tJ81kJu589HcEb%2FCMk%2BCBCS6l9rAk7xlBBhXvKxgSPp%2FKhLAH7HqlSsdidnTWhdCyPqnAKh1nQvyWx1XaI0zPv6JQON9U%2BIsEsuLjgMHj2HsdiclshPKiE84z9zsUy9kvKc6uexd7dAvlVsGx%2FxmN4k"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/star-hubapi-td/envoy-proxy-b7586c7f5-9x4g8
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 20be8c8f-196a-4971-966b-6cb7e79075e8
x-request-id: 1d193423-9281-4c72-9013-9d1a4e5c261a
x-trace: 2B62CFBD70769EDD7C55E239FC77B3EEA185511357000000000000000000

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.provenance.org/	1970-01-20 11:19:59	Name: _gid Value: GA1.2.1639400882.1682313297
.provenance.org/	1970-01-20 11:18:33	Name: _gat_gtag_UA_59977860_1 Value: 1
.provenance.org/	1970-01-20 11:18:33	Name: _gat_UA-59977860-11 Value: 1
.provenance.org/	1970-01-20 20:54:33	Name: _ga_P01H6XMGNW Value: GS1.1.1682313297.1.0.1682313297.60.0.0
.provenance.org/	1970-01-20 20:54:33	Name: _ga Value: GA1.1.974813493.1682313297
.provenance.org/	1970-01-20 20:04:09	Name: _hjSessionUser_2820385 Value: eyJpZCI6IjNkYWQ0ODc0LTY5YTgtNTVlMS04NjI2LTZiZDUzMTY3OGRiYiIsImNyZWF0ZWQiOjE2ODIzMTMyOTc1ODgsImV4aXN0aW5nIjpmYWxzZX0=
.provenance.org/	1970-01-20 11:18:35	Name: _hjFirstSeen Value: 1
.provenance.org/	1970-01-20 11:18:33	Name: _hjIncludedInSessionSample_2820385 Value: 1
.provenance.org/	1970-01-20 11:18:35	Name: _hjSession_2820385 Value: eyJpZCI6ImRiNTcxNWVlLTcxZTktNDc3MC1iNGEzLTk2MTJmNGRkYmRhMCIsImNyZWF0ZWQiOjE2ODIzMTMyOTc1OTYsImluU2FtcGxlIjp0cnVlfQ==
.provenance.org/	1970-01-20 11:18:35	Name: _hjAbsoluteSessionInProgress Value: 0
www.provenance.org/	1970-01-20 11:19:59	Name: ln_or Value: eyI0MDU2MDkwIjoiZCJ9
.linkedin.com/	1970-01-20 12:01:45	Name: UserMatchHistory Value: AQIsKK_g9nPwDgAAAYexr7-3E9lMNkDUECnuD7OABqeWSrFkpdG3pLocYahZRroWihczv-ckjYSOMg
.linkedin.com/	1970-01-20 12:01:45	Name: AnalyticsSyncHistory Value: AQLCk4K9EO87JQAAAYexr7-3pjiYz3_dRVpXKs7WInv3CYZP442eDPzpVcKHKqZbFVT04MrRBBP8p7QKpKlpfg
.linkedin.com/	1970-01-20 20:04:09	Name: bcookie Value: "v=2&899d6ba1-3903-4c82-8cdf-3d7ba224097e"
.linkedin.com/	1970-01-20 11:19:59	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2621:u=1:x=1:i=1682313297:t=1682399697:v=2:sig=AQFqFl3Hb8M5j9ZSdfMuhlQA0WH2_WRF"
.hubspot.com/	1970-01-20 11:18:35	Name: __cf_bm Value: lTSmzBUKG_8uDAJ6_S.W8E2PeX_aKQ3u1U11OWqgiAU-1682313297-0-AcjLnCG/YzozakCoCAPpNIlyClbcxUTwSWfye4zdC+tSatarYAHMKTd42Ilx0ew5yznCdFsF+DdO6WKhdLrEB9A=
.www.linkedin.com/	1970-01-20 20:04:09	Name: bscookie Value: "v=1&20230424051457e979d8ad-14df-4470-87d9-2c7918b0bc61AQGw1qN2La71PNWi7wDZbaoK_wEry4xm"
.linkedin.com/	1970-01-20 15:37:45	Name: li_gc Value: MTswOzE2ODIzMTMyOTc7MjswMjEVfM9gUsezpBm+XWlqzadOHjEt5NkIe+H+smc1XGzsJw==
.provenance.org/	1970-01-20 15:37:45	Name: messagesUtk Value: 3ff554af082f4a08872555fbd343739e
.provenance.org/	1970-01-20 15:37:45	Name: __hstc Value: 202609678.2aca9b18eeb8c66e5398a12703711d7b.1682313298398.1682313298398.1682313298398.1
.provenance.org/	1970-01-20 15:37:45	Name: hubspotutk Value: 2aca9b18eeb8c66e5398a12703711d7b
.provenance.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.provenance.org/	1970-01-20 11:18:35	Name: __hssc Value: 202609678.1.1682313298399

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25866765.fs1.hubspotusercontent-eu1.net
api-eu1.hubapi.com
api-eu1.hubspot.com
app-eu1.hubspot.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
content.hotjar.io
d3e54v103j8qbb.cloudfront.net
feedback-eu1.hubapi.com
fonts.gstatic.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
global-uploads.webflow.com
in.hotjar.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js-eu1.hubspotfeedback.com
js-eu1.usemessages.com
provenance.org
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track-eu1.hubspot.com
uploads-ssl.webflow.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.provenance.org
108.128.72.146
13.107.42.14
172.65.192.122
172.65.193.226
172.65.202.201
172.65.202.85
172.65.208.22
172.65.219.229
172.65.232.43
172.65.236.181
172.65.238.60
172.65.240.166
18.66.112.109
18.66.97.10
2001:4860:4802:32::36
2600:9000:20eb:2c00:2:53b2:240:93a1
2606:4700:20::ac43:4669
2606:4700::6811:190e
2606:4700::6812:8b65
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:148d
2a04:4e42::485
2a06:98c1:3200::90:2
2a06:98c1:3200::90:3
52.222.232.144
52.222.236.28
52.222.236.74
52.31.189.121
54.72.37.244
053d91350c461f9bb575c22e2be01f990429addd476b87aea57c4b882dfa002a
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0cdb3dd1a718afa1de44ac1184117d5ce35744bdc2d1a2ff5137975880e08315
0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7
13d3286a341a0ab9be5e4e795796accc3c5dd03ac8ba460b59482fc0d0a57d89
14acb316f19afdd3f21e61c14d51a68bcc62bdd63a6d35e8a901a062c1edf122
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3712b13690fb7409a0137028f7f21811672ee4764bd9c088ebc508fc1cfdb1
1dbffeb870f3a4a52cce78a3ab9fb0f882e4d715115138280d0eadb603a3e8eb
1f3519dc59bde8fd2f79ea5fe4ec96483d691fb19a56392144ae80bea65bb580
235b96476449e44fe2a6b563b6cfb5be5ecfdc10f03b47e0c79c336934420070
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
30dbd1cb83cbc964e7a70d069c59c43a43dc239345838a3efad8d4d3fa0b1078
32c82e67d2262e57632d0bb164c9f9df72190342737b3140d4e253aab2db3033
32c89ba86c472c8e901969cf1f15c2ebd82f2c17884923b396d3ea9074f01729
33cdee533b95e463a8c1125ca1ae7cd765846e683a9aa4fdcfc64c35e92247e3
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
3791ac048485837b50f3f5cbc106baa681fd1a918486523fae82fbdc32d24131
379e34b41d5ebb25a361b0cad94e082ea27920e057ab65375c6f99792021e9e1
387b77b93b1f6167d4c5644320a85c77266cc0074d56d1100c82d244626df553
3896d7f290c7d0517b49387537619d16697a856032f7b32ab1e5d59e146ab874
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408766a9c1195e3ff10aa0191c69641214ac98fa2518170f013a657feb014766
4097a5ce27113fc9480b0f6dc320ed1fa3acf7e8a6d2e256ff51e01000fabe2f
40d52679d3df71150fb08a5cbdf3db6cf9a8dff2afdc5abfe296141c54cdb22a
41d965a4d14663f3483ae4863a4505556aa6c2151e06850cd67be69edbdebc71
420be8c50845cb4172ee78602130eec5236d852255303e967d5ff786eab1d38c
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eba5892aa4be4608e9129809cd34114fe2483da700936fa22c67b189efe656
46e650d61ab725c9286517962e71677234f0dd8d8aea387a25c8112a786c6bd1
4e8af856d8e9ed09b0bdf9eb33c5fc52bd03e4ede547e0ea4681fb056930ff2b
50292a92a40262e23e2755fd1af534d83a96a31b1ebd67ae0ec84be5b022de4f
5089a2419542b7abd162dcef7560dc98f9d4e58be5e4f37243d02f41aabe522e
5287e04c1f26e071bd36a5cf1f50552744f64e56c75e1815230afb7ddb635abd
56b6e95b2d7f0ef3499dd72399e73ffe9e08d5a5c9ff3fafe0aae9c5da33ad0b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59984b8e839c8da5060be35035769e5eb7cb05bc7607fc619a1fa229ea739c9a
5b6a3168093f9d793260a15bb0ae75015fbd8711cfc72730a358bf434e02ac39
65a45b01e3489d1162743deebf3ef170537a682cc041d386f8d39b94b664da2d
668bbaa9cf43f1bf66d5f8aee90ec9f6061be7a873420214b955bcec0fc63515
69c80302e8a0dae95e538408a8777c713f2e2d4e9f9da82b6289ab77a0441740
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1d2d9a1de580d09a308bd71f1f3805881da8d6e04f2e6d46d110c9114aa4ed
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da8a0dbebe5d720d7f9204b0eea6d0d22b67a0c2969c961c24055c40366021d
712e3fb6243a045999beddafd0c21aabe608e499166eb912d526e42523d5eb54
7286e8fafd16b3c711b7b6226aa817e1a85c34fbd6ad90b4115a9b49f939fd61
74ba4e8533686279d14ef026f55ac9a00cfd432884902c82d6ff8ecf21a1aa03
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bd3781e97d0fa717e061812fe52562b403599afc908a1585e7cb96991d8ed73
7c48ebe60d741a656802ab556d536312b305bf779bc3ce89ab616c4632047c74
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
87550dc5f5ca88afca2f312c9f5b89bf148ba49357bc54462ee97d21a6e1fe9d
889f6b5eb2a9f09e6bb1c1d6b6dd2ca7a85f1ad7dc23f520481efc08a69c9034
8c5442f1ca27d7e3257255540333799f820b2497b06d824d8c97163a12b7b25b
8db17b72f73d2b73029596217ee414aed9d11bbed02badb51cbe50af3fa28937
91420b1109fa52cedba7f0d58a9ae918b7a60d75ae591a28ad2f3007d8aa978a
9280ca614fd7926d8c54bf7a16ec1a51bc27972e7088e4cd8030f94e0fc5faa4
944b0d2a66fd7c253cb0c368dc1c6b802ecf1ea2b6f1b05b865400fcf57fc445
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
982fbd969d95acfbb66e7cf12bea0af5f3b53aecaa57132311293d08d6d0c12b
9ae2b39a2f71126ed452624a363d90a1c4381dac69fc7eb55447db52d72f7afc
9c065610b3d62a85dc0ce3c2b174281f616f49708f553b394dbb38a7462944e0
9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff
9e18b9e7ee04817732c43970a7aee79c461da78a69036266864d57d4252a22db
a827ba0a43cbeb52e1f7c01fac1d8526f1a927ef58d5a0bc4ea4047a8b47f075
b98b79b4de95f3a65532257333bc593624fada353e180509bac1ae4d70accc3c
be00e32745c8f3253a510efcfb4c728f018a4bb685589b668c460af2064b6135
be4a2bab7432354c326dca0c9c2c4fd905dfadd47617677c59340f71a3ca7369
bf3600f9028eaed83b2370a17af928a6ef1cb5b04100f3c9c7c36a0a5f52a435
c0cab7e0449c5a3055a4aedc216e481e07c9dc4fd48fb39aa434961403bd5f31
d367b7ea8da4698ae9fb65b0f6771f33ee364c3a78ad9bd4b902bc556971d254
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df4c888fc2647df26a59bfe7d67077cd40d7ee0def4c3e865c08dace35c6ba7b
e143b1ff6730375986286bf2f25f05587aa46a82f86801cf863bf55f5abb63ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e756a6929b30bbe1a06290b8cab165fa071581d6c34d5b9cb235d1a16adf2d93
eb2813c6a33752e58e787ca8400c73dd10556e6545f781c81b660ca64c2d0b27
ebc7d02de2dd665d2f232d916f06486494cbeb7d77b99cd4661a6f29346226e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f76f266dc11aee8a240385e573abb6dfd5abcc79dbad6614927bb679e595a160
f78a1827b2ca1f0f510bdc3b296e8a98867b472fc1115b72667e27fcb061aef0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdd6ea3266d8344867904e41c60df88de641ea34b8975df749a081fa45d7418a
fed831b7c44201e95448971cbeeef948fcbde074ee273a55847a5448140e90bc

www.provenance.org Open in urlscan Pro 2606:4700:20::ac43:4669 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

99 %HTTPS

49 %IPv6

29 Domains

41 Subdomains

36 IPs

4 Countries

4289 kBTransfer

8335 kBSize

23 Cookies

10 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.provenance.org Open in urlscan Pro
2606:4700:20::ac43:4669 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

99 %
HTTPS

49 %
IPv6

29
Domains

41
Subdomains

36
IPs

4
Countries

4289 kB
Transfer

8335 kB
Size

23
Cookies

101 HTTP transactions
5 data transactions