www.provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b03f5&_e=HMocrNzpkX8ZU...
Effective URL:
https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source...
Submission: On June 29 via manual (June 29th 2024, 10:19:06 pm UTC) from CR — Scanned from DE

Summary HTTP 310 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 48 IPs in 3 countries across 34 domains to perform 310 HTTP transactions. The main IP is 2606:4700:10::6816:1b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.provenskincare.com.
TLS certificate: Issued by GTS CA 1P5 on May 19th 2024. Valid for: 3 months.

This is the only time www.provenskincare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 94	2606:4700:10:... 2606:4700:10::6816:1b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.58.60 13.35.58.60	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0d::5c	15169 (GOOGLE) (GOOGLE)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	3.165.246.143 3.165.246.143	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:480... 2a02:26f0:480:ba9::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.215.128 143.204.215.128	16509 (AMAZON-02) (AMAZON-02)
1	18.239.94.83 18.239.94.83	16509 (AMAZON-02) (AMAZON-02)
2	67.202.51.57 67.202.51.57	14618 (AMAZON-AES) (AMAZON-AES)
2	18.156.51.183 18.156.51.183	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.126.37.178 104.126.37.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:88b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	35.82.126.224 35.82.126.224	16509 (AMAZON-02) (AMAZON-02)
6	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	44.212.189.233 44.212.189.233	14618 (AMAZON-AES) (AMAZON-AES)
3	35.85.106.161 35.85.106.161	16509 (AMAZON-02) (AMAZON-02)
11	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	13.35.58.20 13.35.58.20	16509 (AMAZON-02) (AMAZON-02)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
8	54.235.77.118 54.235.77.118	14618 (AMAZON-AES) (AMAZON-AES)
2	23.22.144.165 23.22.144.165	14618 (AMAZON-AES) (AMAZON-AES)
1	52.22.50.55 52.22.50.55	14618 (AMAZON-AES) (AMAZON-AES)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
36	2600:9000:225... 2600:9000:225d:b800:2:cea4:aa80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	44.240.52.117 44.240.52.117	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	95.101.111.153 95.101.111.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
310	48

94 2606:4700:10::6816:1b5c (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

links.provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.provenskincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.58.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-60.fra60.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.165.246.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-246-143.mxp53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:ba9::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-128.fra53.r.cloudfront.net

static.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-83.ams1.r.cloudfront.net

campaign.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.51.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-51-57.compute-1.amazonaws.com

public.fbot.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.51.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-51-183.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.37.178 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-178.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.126.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-126-224.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.189.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-233.compute-1.amazonaws.com

44.212.189.233	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.85.106.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-106-161.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-20.fra60.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.235.77.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-77-118.compute-1.amazonaws.com

proven-api-production.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.22.144.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-144-165.compute-1.amazonaws.com

proven-pay-production.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.50.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-50-55.compute-1.amazonaws.com

52.22.50.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2600:9000:225d:b800:2:cea4:aa80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.builder.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.153 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	provenskincare.com 4 redirects links.provenskincare.com www.provenskincare.com	1 MB
36	builder.io cdn.builder.io — Cisco Umbrella Rank: 21694	636 KB
13	segment.com cdn.segment.com — Cisco Umbrella Rank: 1789	208 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 900	30 KB
10	herokuapp.com proven-api-production.herokuapp.com proven-pay-production.herokuapp.com	144 KB
9	yotpo.com staticw2.yotpo.com — Cisco Umbrella Rank: 8091 p.yotpo.com — Cisco Umbrella Rank: 7763	200 KB
7	google.com pay.google.com — Cisco Umbrella Rank: 3893 region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	39 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 913	3 KB
6	mountain.com dx.mountain.com — Cisco Umbrella Rank: 6339 px.mountain.com — Cisco Umbrella Rank: 6399 gs.mountain.com — Cisco Umbrella Rank: 11925	22 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	143 KB
6	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 6220 api.lightboxcdn.com — Cisco Umbrella Rank: 7151	155 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2394 rs.fullstory.com — Cisco Umbrella Rank: 2203	78 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	398 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	217 KB
4	fbot.me static.fbot.me — Cisco Umbrella Rank: 31470 campaign.fbot.me — Cisco Umbrella Rank: 31790 public.fbot.me — Cisco Umbrella Rank: 41527	122 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 406	200 KB
4	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 25915	87 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 311	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 8088	189 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	320 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2414	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 405 insight.adsrvr.org — Cisco Umbrella Rank: 1062	298 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1130	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	74 KB
2	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 9745	28 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4429	16 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1325	179 B
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 15209	194 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5884	7 KB
0	pbbl.co Failed cdn.pbbl.co Failed
310	34

	Domain	Requested by
93	www.provenskincare.com	3 redirects www.provenskincare.com
36	cdn.builder.io	www.provenskincare.com
13	cdn.segment.com	www.provenskincare.com
11	js-agent.newrelic.com	www.provenskincare.com
8	proven-api-production.herokuapp.com	www.provenskincare.com
7	staticw2.yotpo.com	www.provenskincare.com staticw2.yotpo.com
6	ct.pinterest.com	www.provenskincare.com
6	analytics.tiktok.com	www.provenskincare.com analytics.tiktok.com
5	www.lightboxcdn.com	www.provenskincare.com www.lightboxcdn.com
4	region1.analytics.google.com	www.provenskincare.com
4	www.googletagmanager.com	www.provenskincare.com
4	maps.googleapis.com	www.provenskincare.com
4	js.chargebee.com	www.provenskincare.com
3	bat.bing.com	www.provenskincare.com
3	fonts.gstatic.com	www.provenskincare.com
3	bam.nr-data.net	www.provenskincare.com
3	px.mountain.com	www.provenskincare.com
3	rs.fullstory.com	www.provenskincare.com
3	www.google.de
3	stats.g.doubleclick.net	www.googletagmanager.com www.provenskincare.com
3	cdnjs.cloudflare.com	www.provenskincare.com cdnjs.cloudflare.com
2	www.google-analytics.com	www.provenskincare.com
2	trkn.us	1 redirects
2	www.facebook.com
2	proven-pay-production.herokuapp.com	www.provenskincare.com
2	dx.mountain.com	www.provenskincare.com
2	s.pinimg.com	www.provenskincare.com
2	edge.fullstory.com	www.provenskincare.com
2	connect.facebook.net	www.provenskincare.com
2	p.yotpo.com
2	public.fbot.me	www.provenskincare.com
2	js.braintreegateway.com	www.provenskincare.com
2	pay.google.com	www.provenskincare.com
1	www.google.com
1	d.impactradius-event.com	www.provenskincare.com
1	api.segment.io	www.provenskincare.com
1	insight.adsrvr.org
1	match.adsrvr.org
1	gs.mountain.com	www.provenskincare.com
1	tvspix.com
1	api.lightboxcdn.com	www.provenskincare.com
1	www.gstatic.com
1	campaign.fbot.me	www.provenskincare.com
1	static.fbot.me	www.provenskincare.com
1	widget.trustpilot.com	www.provenskincare.com
1	links.provenskincare.com	1 redirects
0	cdn.pbbl.co Failed	www.provenskincare.com
310	47

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.youtube.com
www.tiktok.com
support.provenskincare.com

Subject Issuer	Validity	Valid
www.provenskincare.com GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
js.chargebee.com Amazon RSA 2048 M03	`2024-02-12` - `2025-03-11`	a year	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.yotpo.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2025-01-29`	a year	crt.sh
*.fbot.me Amazon RSA 2048 M03	`2024-03-29` - `2025-04-27`	a year	crt.sh
yotpo.com Amazon RSA 2048 M03	`2024-02-04` - `2025-03-05`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
api.lightboxcdn.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-04-28` - `2024-10-28`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-08` - `2024-07-07`	3 months	crt.sh
edge.fullstory.com WR3	`2024-06-28` - `2024-09-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2024-05-23` - `2025-06-24`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
rs.fullstory.com WR3	`2024-06-29` - `2024-09-27`	3 months	crt.sh
44.212.189.233 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-15`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh
52.22.50.55 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.builder.io Amazon RSA 2048 M01	`2023-09-30` - `2024-10-28`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Frame ID: B7FD953744C6A2C57EA1A3BACE3D7288
Requests: 300 HTTP requests in this frame

Frame: https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: D984F024028C1FA769EDEADD18D928EC
Requests: 4 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/lightbox.js?mb=1719699536864&lv=1
Frame ID: E4C50F9FE4C0A28B9536EB494FA651DB
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.provenskincare.com&mid=
Frame ID: A62C206C0C84BC0C8E3C29639460CAE7
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: E9560167024D6ED4A51047B5C0476803
Requests: 1 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/master.html
Frame ID: 963C7C8E7B830A0367BAE6A1206A5E7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b0... HTTP 307
https://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b0... HTTP 303
https://www.provenskincare.com/auth/user/passwordless?token=&email=sjohnson%40backcountry.com&promo=CLEARSK... HTTP 301
https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARS... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Lightbox (JavaScript Libraries) Expand

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

310
Requests

83 %
HTTPS

43 %
IPv6

34
Domains

47
Subdomains

48
IPs

3
Countries

4022 kB
Transfer

12658 kB
Size

46
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/provenskincare/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/provenskincare

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB6y1t_mob1GPt7rzUaXNvQ/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@provenskincare/

Search URL Search Domain Scan URL

URL: https://support.provenskincare.com/
Title: Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b03f5&_e=HMocrNzpkX8ZUpmSJKyvdW_25m2hkdpS44w2xmNecVJr1m7BNMDPI5DtxTsIxwn2QpgPUFQCMManasPzkRNUj8YH25MUEfABj9JH4S0kxGjnrQ87GWvGrvGaaG6dbIwGF-2zUWWqYoaMrl8QMD96RaRo_uzT8IZ9P9qB7zE0DoF22rEpuuGaDgoBn_MWHynZ2qns-YuXr4hrP4bkNX7VLQn9HtKqrsXwVWYMwQXKKkILuHiUMqAtZQo0eZGEZVen1-QNx_wqINn0CjJk2bgJvt9kDmoVKv57YF3THTIqFCDwHPA7l28dg7lyt_U85B-m6yzO23i-iBfvQHNiz1wL0uCMGsFyBCEuxjbDLT6bGAcep7V9nQRkswFCi67UJvzq5R0LexGJqrB8M1t7KdXB-np2dNCWRPz0xqHCQx-wTi1CRgdn_8y3aamG2ucVsAbwOqm8sIgfrsLHIxAtN5uP-Q%3D%3D HTTP 307
https://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b03f5&_e=HMocrNzpkX8ZUpmSJKyvdW_25m2hkdpS44w2xmNecVJr1m7BNMDPI5DtxTsIxwn2QpgPUFQCMManasPzkRNUj8YH25MUEfABj9JH4S0kxGjnrQ87GWvGrvGaaG6dbIwGF-2zUWWqYoaMrl8QMD96RaRo_uzT8IZ9P9qB7zE0DoF22rEpuuGaDgoBn_MWHynZ2qns-YuXr4hrP4bkNX7VLQn9HtKqrsXwVWYMwQXKKkILuHiUMqAtZQo0eZGEZVen1-QNx_wqINn0CjJk2bgJvt9kDmoVKv57YF3THTIqFCDwHPA7l28dg7lyt_U85B-m6yzO23i-iBfvQHNiz1wL0uCMGsFyBCEuxjbDLT6bGAcep7V9nQRkswFCi67UJvzq5R0LexGJqrB8M1t7KdXB-np2dNCWRPz0xqHCQx-wTi1CRgdn_8y3aamG2ucVsAbwOqm8sIgfrsLHIxAtN5uP-Q%3D%3D HTTP 303
https://www.provenskincare.com/auth/user/passwordless?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin HTTP 301
https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Request Chain 183

https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Request Chain 257

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=45.141.152.72;cuidchk=1

310 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.provenskincare.com/auth/user/passwordless/
Redirect Chain

http://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b03f5&_e=HMocrNzpkX8ZUpmSJKyvdW_25m2hkdpS44w2xmNecVJr1m7BNMDPI5DtxTsIxwn2QpgPUFQCMManasPzkR...
https://links.provenskincare.com/u/click?_t=5a966853f0ac438ba4d502da7f03c231&_m=7734fc665f8d41b8b44a010aff2b03f5&_e=HMocrNzpkX8ZUpmSJKyvdW_25m2hkdpS44w2xmNecVJr1m7BNMDPI5DtxTsIxwn2QpgPUFQCMManasPzk...
https://www.provenskincare.com/auth/user/passwordless?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment...
https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatmen...

79 KB
25 KB

428ms
428ms

Document
text/html

2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8bef07d994738e7e0521b0ed4af73a9e2f51f4db01f33b2b565b378bed7a8d7f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 89b94b9428833aa3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jun 2024 22:18:56 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699536&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=orMGyn%2FnOPtt1%2FrDjhFggQgCVNv%2Fjt05zGbCCAeu7TE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699536&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=orMGyn%2FnOPtt1%2FrDjhFggQgCVNv%2Fjt05zGbCCAeu7TE%3D
server: cloudflare
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 89b94b9408613aa3-FRA
content-length: 0
date: Sat, 29 Jun 2024 22:18:56 GMT
location: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
server: cloudflare
vary: Accept-Encoding

GET
H3 200 hp-v1hero-bg-desktop.jpg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/ 31 KB
32 KB 132ms
131ms Image
image/avif 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bg-desktop.jpg

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797bd652cbd43bd0b45c9bead0e560448320ea9026788c1a3044f6ffd872498e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
via: 1.1 b481ede90908ed62958e1cf615981fc8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 31852
cf-resized: internal=ok/h q=0 n=18+123 c=0+0 v=2024.6.0 l=31852
last-modified: Mon, 26 Apr 2021 18:21:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfojGx_NXdNi9ubfhJnHx77RPS1gWqs-rDoNB_ezzVDQ:f2d3deec90a80ad587c86b98e04e1b4e"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b94b96dbcf3aa3-FRA

GET
H3 200 main~43dd7041.e8fcd1286044bcc1d51c.css
www.provenskincare.com/dist/ 29 KB
5 KB 425ms
425ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~43dd7041.e8fcd1286044bcc1d51c.css
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3f1ec2b737a51ea868107d991b8729460b1af2b6ac2b41f8cc0c237175357b99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4024
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"fb8-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b97ed043aa3-FRA

GET
H3 200 main~25dc9f7d.c4a9050d0224238d6bf4.css
www.provenskincare.com/dist/ 30 KB
3 KB 422ms
420ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9440d2546b2c4b3ece7ffa601c7a5128da0e473e06b832a3049b5ebc719a8217

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-polished: origSize=38143
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"d24-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b97ed093aa3-FRA

GET
H3 200 main~ed126cf3.be2ef42ab1d98b2b93d4.css
www.provenskincare.com/dist/ 38 KB
4 KB 415ms
413ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~ed126cf3.be2ef42ab1d98b2b93d4.css
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4d29f5bc8393f25ae465dd1e664be1cafbf02cef1b92bfd492e18aa4c78a3736

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3636
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"e34-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b97ed0d3aa3-FRA

GET
H3 200 main~52f0199e.b5053c0581bb7da38501.css
www.provenskincare.com/dist/ 45 KB
7 KB 416ms
414ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~52f0199e.b5053c0581bb7da38501.css
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1182703d14fb4aa33711014cdb2203be511e6e7d852d7cdb7e57b6a282d33c12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6067
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"17b3-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b97ed0f3aa3-FRA

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
1021 B 33ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1395229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj4aj5Bh3jLmmZFZOYLw3Uccr72zSv2sLSJKv%2F6wWFq%2FMsNIzRC7rqh%2BL7UT5MUa5eSfE2VlN7jyYYRQ%2BBvkbsYwLNKqCv6VBFAa%2BifMmoqLRgtVcZX5iv1RAATCBcEPoyKaklBJYYpKpzXBKfSr9PGO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89b94b98087c6ae0-FRA
expires: Thu, 19 Jun 2025 22:18:56 GMT

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 35ms
22ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1045052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 637
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=weVRLgZtzE50VuMIZkE1DeAYxwmTDABw%2FJiXp2kdXzC3Phn%2FPRYAsfkharwOEkg9OOIbMZPcZD2yLIWIjAjvYNYE%2B8udbL4Z3z0rdKmrGspbRm4epSAYLiD5d9kbGSmS%2BkRvJVnNbs%2F%2B4pIEKMIVf7Lz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89b94b98087e6ae0-FRA
expires: Thu, 19 Jun 2025 22:18:56 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 rocket-loader.min.js Show response
www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jun 2024 17:43:16 GMT
server: cloudflare
etag: W/"667c5334-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 89b94b97ed113aa3-FRA
expires: Mon, 01 Jul 2024 22:18:56 GMT

GET
H3 200 loading+spinner.gif
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/transition/ 4 KB
4 KB 58ms
58ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/transition/loading+spinner.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b55e9528830a1ad9833c1dcf9a17940a9ee0cf04f2d8d4b0c53ffc76e4310c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 4088
cf-resized: internal=ok/r q=0 n=50+79 c=0+0 v=2024.4.0 l=4088
last-modified: Tue, 23 Jul 2019 22:06:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfthsXx7VNXLx-MhcnlpbglQTJ1gWqs-rDoNB_ezzVDQ:b950a07388ac51ff553cdb588ad30c32"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b94b980d203aa3-FRA

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 271 KB
80 KB 49ms
7ms Script
application/x-javascript 13.35.58.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-60.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bf53bd9038544e5ad04d32d05281be924967578cb52a6a59b85ba88cc59015dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yDA_m01oR2GLuDqqCvL1WNhi4.juE5Ao
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 29 Jun 2024 22:14:38 GMT
via: 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Jun 2024 09:15:18 GMT
server: AmazonS3
etag: W/"5d36af215a630063baf73ca1b10dc527"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: UGEkGxBDgbt1cMoO4tXgMrCUSscikOFtgltpIi27GlRnkv5JCf7aow==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 130 KB
39 KB 130ms
71ms Script
application/javascript 2a00:1450:400c:c0d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20a7a56877a96f53e3231e28a239a4a1bf45ad5dadc7dd967996d3686441a3fe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-xGVE0ez0WEXVQgiXB4eqIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-xGVE0ez0WEXVQgiXB4eqIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjitHikmJw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZJL6-ZNIA4sPR01md0mewBgGxT_0M1hggbr15jnUqEM8NOM8annmeNenfedYiIP7IcZF1ScRF1kOJF1mFeDguTGjawibw4Nfre0xK2kn5hfGZecUliXklSaWVaUX5eSWpeSnFqUVlqUXxRgZGJgZmRhZ6BkbxBQYAqJ871w"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 29 Jun 2024 22:18:56 GMT

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.81.0/js/ 54 KB
15 KB 66ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.81.0/js/paypal-checkout.min.js

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBE) /

Resource Hash

13575b73cac87583ac763ca4c7686f8afa32e1073005708e2cbe60c7f6ebb24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 29e1b6f7ed334
dc: ccg11-origin-www-1.paypal.com
content-length: 15086
last-modified: Fri, 10 Dec 2021 00:02:05 GMT
server: ECAcc (frc/4CBE)
traceparent: 00-000000000000000000029e1b6f7ed334-6f7cee5283aa604d-01
etag: W/"61b298fd-d972"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.81.0/js/ 42 KB
13 KB 67ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.81.0/js/client.min.js

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCD) /

Resource Hash

a38be85daeb6788a0b0516a2f6009b31e418cfa8d1e9b3d52401b467ff622b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: db2ad9e220633
dc: ccg11-origin-www-1.paypal.com
content-length: 12777
last-modified: Fri, 10 Dec 2021 00:02:05 GMT
server: ECAcc (frc/4CCD)
traceparent: 00-0000000000000000000db2ad9e220633-6cfa9b0164ec796c-01
etag: W/"61b298fd-a7ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 36ms
6ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 01:37:57 GMT
content-encoding: gzip
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 74460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: zi9pc4GSr_MDS_nDn6tWYjMVUApK644fTirmkwL8jx8U7yH6d3JhPA==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 263 KB
87 KB 77ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC7f1eg2joY6fosshrsl-MMbnBJSIvfIhI&libraries=places

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bffdcbd236475b96ecc0666f5ecbb2dff52de99ef06f850c8d575165e28d9dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88639
x-xss-protection: 0

GET main~ef7d455c-c0b887cc7dd6f46755a0.js
www.provenskincare.com/dist/ 0
0

GET main~7bd12dde-a7d20543187c06e87e89.js
www.provenskincare.com/dist/ 0
0

GET main~102ff935-5c2505f211e0abc5db0c.js
www.provenskincare.com/dist/ 0
0

GET main~1019d6e1-9470e656a8f4b62fcbdd.js
www.provenskincare.com/dist/ 0
0

GET main~cecaaa2b-4738dc2a0cd9e1232124.js
www.provenskincare.com/dist/ 0
0

GET main~d605314e-ac88af59d67700a76428.js
www.provenskincare.com/dist/ 0
0

GET main~a3f6583e-8d56e6a5d410b9d2386a.js
www.provenskincare.com/dist/ 0
0

GET main~157645a8-efe0eabfd73b6b0ced82.js
www.provenskincare.com/dist/ 0
0

GET main~52f0199e-4651321baefc94959a90.js
www.provenskincare.com/dist/ 0
0

GET main~ed126cf3-c35fff0b5bcf0bb6bff8.js
www.provenskincare.com/dist/ 0
0

GET main~5601a669-73757b676e685d17d14b.js
www.provenskincare.com/dist/ 0
0

GET main~362bd4e4-d47e8ad05b1e0dbc1dba.js
www.provenskincare.com/dist/ 0
0

GET main~25dc9f7d-c00b06a2c28e0df2029f.js
www.provenskincare.com/dist/ 0
0

GET main~b2c1640e-d3eedbde5f7774bf3acc.js
www.provenskincare.com/dist/ 0
0

GET main~43dd7041-84073a273d2c6ce0a747.js
www.provenskincare.com/dist/ 0
0

GET 7016-3da27dd4b0936d36659b.js
www.provenskincare.com/dist/ 0
0

GET 9856-c6f84dca68f28c359673.js
www.provenskincare.com/dist/ 0
0

GET 896-4939e19b8998e180b9e0.js
www.provenskincare.com/dist/ 0
0

GET 8796-52699ebd0532fece684c.js
www.provenskincare.com/dist/ 0
0

GET 2363-f1bd42350c1d46b473f4.js
www.provenskincare.com/dist/ 0
0

GET 5984-70b4effecb281de2731e.js
www.provenskincare.com/dist/ 0
0

GET 2964-b9d3de3072959a54cfc7.js
www.provenskincare.com/dist/ 0
0

GET 1428-bfa6b79840a1d0b8373b.js
www.provenskincare.com/dist/ 0
0

GET 4516-292879b389f6ca8ea3d6.js
www.provenskincare.com/dist/ 0
0

GET 5664-963365335dc1f3595b9e.js
www.provenskincare.com/dist/ 0
0

GET 4320-986e270844a736123282.js
www.provenskincare.com/dist/ 0
0

GET 9560-8597622c4be85ae684d4.js
www.provenskincare.com/dist/ 0
0

GET 6768-9f0459ddaedd3f5bc5c9.js
www.provenskincare.com/dist/ 0
0

GET 9748-3328cba39e613fecfd9f.js
www.provenskincare.com/dist/ 0
0

GET 7412-ca367a1ae2a69d792d98.js
www.provenskincare.com/dist/ 0
0

GET 3064-e0836eb7e9e5695f8d3b.js
www.provenskincare.com/dist/ 0
0

GET 1540-77f596381419667b64fb.js
www.provenskincare.com/dist/ 0
0

GET 840-c855e93e7785e45ce378.js
www.provenskincare.com/dist/ 0
0

GET 5248-7c67c46757173a40ef53.js
www.provenskincare.com/dist/ 0
0

GET 4552-be9c8ab9d64a80413879.js
www.provenskincare.com/dist/ 0
0

GET 3472-ddcf2e78d5a07c3acc59.js
www.provenskincare.com/dist/ 0
0

GET 5752-1ac395be7e90729f76ff.js
www.provenskincare.com/dist/ 0
0

GET 3568-b44049acb732232ef4cf.js
www.provenskincare.com/dist/ 0
0

GET 2780-a83e405b839de128a8f8.js
www.provenskincare.com/dist/ 0
0

GET 8196-309ee510542710e9c985.js
www.provenskincare.com/dist/ 0
0

GET 2520-1363e28628ee87538e01.js
www.provenskincare.com/dist/ 0
0

GET 9552-36ba2ca6ffec7b6fb401.js
www.provenskincare.com/dist/ 0
0

GET 1584-0aa9738ab7f6fd2b21c7.js
www.provenskincare.com/dist/ 0
0

GET 9112-9fe5a0d831dcee25bb40.js
www.provenskincare.com/dist/ 0
0

GET 3984-a7248cd53952ef3c20c5.js
www.provenskincare.com/dist/ 0
0

GET 2788-ba2a53eb44e7ed5c3c0c.js
www.provenskincare.com/dist/ 0
0

GET 7184-0bc02c3dc6eb9fc37a17.js
www.provenskincare.com/dist/ 0
0

GET 4724-f2948fb4cebd72511029.js
www.provenskincare.com/dist/ 0
0

GET 5028-c7ec5cf2c8c4e059f990.js
www.provenskincare.com/dist/ 0
0

GET 2396-e7183a3a664c225cede9.js
www.provenskincare.com/dist/ 0
0

GET
H3 200 1746-05ad6a0a54dc44c0bbb8.js Show response
www.provenskincare.com/dist/ 133 KB
35 KB 434ms
430ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1746-05ad6a0a54dc44c0bbb8.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a8755ab56e3c7cd7089fa1fde1dece24ffe64031dcac80a692fcdfb76bb1940

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-polished: origSize=135983
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8a5e-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b981dbe3aa3-FRA

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/ 2 KB
1 KB 209ms
180ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/lightbox_inline.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3c87f38d2059c5a359dab6527aa4520f7fe0d2d681dca45cb874918bb8a566

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: GsQ5iuAUHGEDdBt0oawfpA==
cf-polished: origSize=2532
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 18:46:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 843410e4-801e-005c-12a7-7de9c9000000
x-ms-version: 2009-09-19
cf-ray: 89b94b984cd49208-FRA

GET
H3

200

main.js Show response
www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame D984
Redirect Chain

https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
4 KB

24ms
24ms

Script
application/javascript

2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Requested by

Protocol

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59525b235de8c4064af5b57c8366cd2406af73fb027f3481e3067a0f5b174a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89b94b985deb3aa3-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 29 Jun 2024 22:18:56 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89b94b981dc03aa3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon.ico
www.provenskincare.com/dist/ 295 B
943 B 403ms
403ms Other
image/x-icon 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e11767221d3944d7c96a571f7183663a440f026322a6c79b760f905cf32d4899

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"127-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: image/x-icon
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b988e313aa3-FRA

POST
H3 200 89b94b9428833aa3 Show response
www.provenskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D984 0
412 B 29ms
29ms XHR
text/plain 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/89b94b9428833aa3
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
server: cloudflare
cf-ray: 89b94b98feb33aa3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/ Frame E4C5 510 B
636 B 356ms
356ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/lightbox.js?mb=1719699536864&lv=1
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3d658cd2db623598c5c968f10bfa50b6fca71457a07ac88562201c899a8cba7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 29 Jun 2024 21:59:03 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 89b94b997e1d9208-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/ 103 KB
28 KB 703ms
619ms Script
text/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/analytics.min.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b35ceb43c26ca430d4ec7d176b33d9d3ff393cc7d1ea9ba94791745f3caeacc0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5HUnR4hUpqj8871T0FSqQWSRNt19bQPV
content-encoding: br
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 22:18:58 GMT
x-amz-cf-pop: MXP53-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 May 2024 18:28:23 GMT
server: AmazonS3
etag: W/"38c4bcdd55a92830a20cfbf79c4b5eaf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: NnV9RB2-ctfayaU7J9LLL_oo6SZU6pHlUUOsYDqD4wTxa82_tXOSAw==

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 40ms
24ms XHR
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.provenskincare.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 widget.js Show response
staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/ 445 KB
145 KB 56ms
17ms Script
text/javascript 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cbca2c0c6f4f60aa66042f6789715274ecdd6bceb3b6f62ef7d27d749c864e6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ratelimit-reset: 60
content-encoding: gzip
date: Sat, 29 Jun 2024 22:18:56 GMT
env: PRODUCTION
x-ratelimit-limit-minute: 5000
x-ratelimit-remaining-minute: 4999
ratelimit-limit: 5000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1719699536910_388391753_320274779_190_7737_6_16_146";dur=1
content-length: 147549
correlation-id: 35e69f0b-115e-4e11-bc00-0b1033dc9d6d
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=2762
access-control-allow-credentials: true
ratelimit-remaining: 4999

GET
H2 200 friendbuy.js Show response
static.fbot.me/ 372 KB
85 KB 48ms
9ms Script
application/javascript 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fbot.me/friendbuy.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 298ab7fe85a9903e413d721701fe084d79c8beea5e94902d52298f8989213fbc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Zg1Z4t9gGVIhZ6O6G98mp9kbM8loPz7x
content-encoding: gzip
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 22:14:56 GMT
last-modified: Tue, 11 Jun 2024 21:31:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 241
x-amz-server-side-encryption: AES256
etag: W/"1cd65a4782eac6072f662decf6d6d314"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: gW8K88nh5zWVe2SIu_pwANT3YOH5V0jm6SeXUIwgg-i1wwggeVrmkQ==

GET
H2 200 campaigns.js Show response
campaign.fbot.me/f98255ba-3c70-4132-b5e4-0b9e6975af4b/ 381 KB
36 KB 493ms
434ms Script
application/javascript 18.239.94.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.fbot.me/f98255ba-3c70-4132-b5e4-0b9e6975af4b/campaigns.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a764ae9cc0f16bce92623938b2e9ee1510d1389266bdaa0f56d2a7b5a43b4fc4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wPxjj1jE2GxauRtQI.gqYNcOAxgTH5Jd
content-encoding: gzip
via: 1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 22:18:58 GMT
last-modified: Thu, 08 Feb 2024 19:43:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
etag: W/"cfbdcb1b84945d0206577c91623e0e27"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=30
x-amz-cf-id: c1OWdDbWygj9PDmb6LUBTZpOHq6l5i89MZioQzc_vKpcw7jiY5iPLw==

GET
H2 200 200-ae63307b44c8babac30b.js Show response
js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/ 17 KB
5 KB 7ms
7ms Script
application/x-javascript 13.35.58.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/200-ae63307b44c8babac30b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-60.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ef2568e0e8ccd500dfb11a979b0b2c433632ae9340d3b65d64e15329066871ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zgpnwlPNprt2sgWZx2Fi5wxILjqC5e9i
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 29 Jun 2024 22:17:48 GMT
via: 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 69
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Jun 2024 09:15:18 GMT
server: AmazonS3
etag: W/"b878c6c73fbe4933d2e35afb6ecbb01c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: _R99fn9AdgeN35KvcIBFctj_SJsyT1woaF5LpTsol9VuTVa3BM6zCQ==

GET
H2 200 payframe
pay.google.com/gp/p/ui/ Frame A62C 0
0 234ms
197ms Document
text/html 2a00:1450:400c:c0d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.provenskincare.com&mid=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Lm7HQreDSfn3wZfmXfOR-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.provenskincare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Lm7HQreDSfn3wZfmXfOR-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 29 Jun 2024 22:18:57 GMT
expires: Sat, 29 Jun 2024 22:18:57 GMT
origin-trial: AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjitHikmJw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZJL6-ZNIA4sPR01md0mewBgGxT_0M1hggbr15jnUqEM8NOM8annmeNenfedYiIP7IcZF1ScRF1kOJF1mFuDkuTmjawibwYvpiCyXtpPzC-My84pLEvJKk0sq0ovy8ktS8lOLUorLUongjAyMTAzMjCz0Do_gCAwBAFDqM"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 widget.css
staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/ 480 KB
39 KB 17ms
16ms Stylesheet
text/css 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2023-07-30_08-44-12

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b35a6ffa194f412a8f15c0b15c218a4cef102d2fb8b201086a344952f19d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719699537004_388391753_320274789_159_7728_5_0_255";dur=1
content-length: 39533
x-xss-protection: 1; mode=block
x-request-id: 7d5e9f9dae3196565cf2c3fdf5b0e3dd
x-runtime: 0.162151
etag: W/"f2ee54d2772951aac7a0c5b145410e25"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=257
access-control-allow-credentials: true
access-control-allow-headers: *

OPTIONS
H2 200 xhr
public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/ Frame 0
0 333ms
106ms Preflight 67.202.51.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/xhr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.51.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-51-57.compute-1.amazonaws.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.provenskincare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.provenskincare.com
content-length: 2
date: Sat, 29 Jun 2024 22:18:57 GMT
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"45.141.152.72","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-66808851-0c2664a80e2625a06ddcf235","accept":"*/*","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","origin":"https://www.provenskincare.com","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36","sec-fetch-mode":"cors","sec-fetch-site":"cross-site","sec-fetch-dest":"empty","referer":"https://www.provenskincare.com/","accept-encoding":"gzip, deflate, br, zstd","accept-language":"en-US,en;q=0.9","priority":"u=1, i"}
server: nginx/1.27.0

POST
H2 200 xhr Show response
public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/ 529 B
789 B 486ms
292ms Fetch
application/json 67.202.51.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://public.fbot.me/events/f98255ba-3c70-4132-b5e4-0b9e6975af4b/profile/xhr
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.51.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-51-57.compute-1.amazonaws.com
Software: nginx/1.27.0 /
Resource Hash: d0072b5b09bdb547252d7fdb602e3d0c6411d009368d83c12eb24c1a281cdc79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.provenskincare.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.provenskincare.com
date: Sat, 29 Jun 2024 22:18:57 GMT
access-control-allow-credentials: true
server: nginx/1.27.0
content-length: 529
content-type: application/json

GET
H2 200 i
p.yotpo.com/ 35 B
280 B 42ms
7ms Image
image/gif 18.156.51.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&se_va=Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG&cx=eyJwdl91dWlkIjo1MjE2MzA0OTQsInBpeGVsX2lkIjoiNDgzMDE1YmEtZDY5YS00YWZiLWI3OWQtNTQyZmMxMzU4NDMwIn0&dtm=1719699537019&tid=861552&vp=1600x1200&ds=1600x1200&vid=1&duid=4c91403a42ea769b&p=web&tv=js-0.13.2&fp=3554096492&aid=onsite_v2&lang=de-DE&cs=UTF-8&tz=Europe%2FBerlin&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.51.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-51-183.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Sat, 29 Jun 2024 22:18:57 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Sun, 30 Jun 2024 22:18:57 GMT

GET
H2 200 open_sans.css
staticw2.yotpo.com/assets/ 281 B
587 B 15ms
14ms Stylesheet
text/css 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/open_sans.css
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2023-07-30_08-44-12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2023-07-30_08-44-12
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
last-modified: Sun, 19 May 2024 13:21:58 GMT
etag: "6649fcf6-d8"
env: PRODUCTION
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=604800
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719699537030_388391753_320274791_30_7586_6_0_255";dur=1
content-length: 216
expires: Sat, 06 Jul 2024 22:18:57 GMT

GET
H3 200 2396-e7183a3a664c225cede9.js Show response
www.provenskincare.com/dist/ 35 KB
7 KB 54ms
53ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2396-e7183a3a664c225cede9.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e2dc647304fa8cc9b33bfb0167335861969b270f04a19fef6dc0c416c1edbbc2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6331
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"18bb-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9ae8ce3aa3-FRA

GET
H3 200 5028-c7ec5cf2c8c4e059f990.js Show response
www.provenskincare.com/dist/ 35 KB
8 KB 32ms
32ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/5028-c7ec5cf2c8c4e059f990.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 11cb69f8b850c942767c25acfe66e8f1b709be34151e6b70de8b2e50e8e99d58

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 7842
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719489835&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=SNMYrbvy9SGW5v7WFg%2Fv0fXoc14DA8NtI0YXytqdzbQ%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1ea2-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719489835&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=SNMYrbvy9SGW5v7WFg%2Fv0fXoc14DA8NtI0YXytqdzbQ%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9b49333aa3-FRA

GET
H3 200 4724-f2948fb4cebd72511029.js Show response
www.provenskincare.com/dist/ 28 KB
7 KB 54ms
53ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4724-f2948fb4cebd72511029.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c9dfbaf23f8a2138b0d18970b9ac7bab94b384366a5a5015a3ea757902a0c65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6507
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"196b-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9b79703aa3-FRA

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/ Frame E4C5 700 KB
151 KB 31ms
30ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/user.js?cb=638545403523622106
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/6a101e6d-4628-4c23-a259-6a49477d0254/lightbox.js?mb=1719699536864&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ae73cd3f743f43487bdaea1b9583dd797ef488ab010fa2bf226ddf9832439b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: UrPFSLctrod5ymKYWeBjjw==
age: 146086
cf-polished: origSize=1111671
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 18:46:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 4c4a7c51-d01e-0022-5592-c37606000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 89b94b9bb8579208-FRA
expires: Sun, 29 Jun 2025 22:18:57 GMT

GET
H2 200 light_square_gpay.svg
www.gstatic.com/instantbuy/svg/ 2 KB
1 KB 27ms
7ms Other
image/svg+xml 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/instantbuy/svg/light_square_gpay.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jun 2024 13:01:02 GMT
age: 292675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 894
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="instantbuy-eng"
vary: Accept-Encoding
report-to: {"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jun 2025 13:01:02 GMT

GET
H3 200 7184-0bc02c3dc6eb9fc37a17.js Show response
www.provenskincare.com/dist/ 19 KB
7 KB 42ms
42ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/7184-0bc02c3dc6eb9fc37a17.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d906023f35fe18a30dbd1b76a2870de37cfe538430dfb8a6ec2817a3d9bfa22

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6650
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"19fa-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9bd9fc3aa3-FRA

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 24ms
24ms Stylesheet
text/css 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638430148090054530
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 237683
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b3ac3d62-101e-0070-106f-756bf4000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 89b94b9c08a59208-FRA
expires: Tue, 30 Jul 2024 22:18:57 GMT

GET
H2 200 z Show response
api.lightboxcdn.com/z9gd/43890/www.provenskincare.com/jsonp/ 788 B
1 KB 597ms
124ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lightboxcdn.com/z9gd/43890/www.provenskincare.com/jsonp/z?cb=1719699537292&dre=l&callback=jQuery112408597510056191822_1719699537282&_=1719699537283
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ddeb5172e7a260ab87d19262f7502eab2be66acc3346a9bc5c16e633a67c1ba1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: application/javascript

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 17ms
16ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1719699537286&h=www.provenskincare.com&e=p&u=43890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 29 Jun 2024 22:18:57 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1943349
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 4c20669e-901e-0061-20c5-b85cef000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89b94b9c18ae9208-FRA

GET
H3 200 27a5d8239c6ab0e8a80b.woff2
www.provenskincare.com/dist/ 27 KB
28 KB 411ms
411ms Font
application/font-woff2 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/27a5d8239c6ab0e8a80b.woff2
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 970b41c7b91e24fdedd379e95edddece68399a53af803e2c9ab314f38410f681

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 27860
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719435276&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yfiGgoEUGCrogg6%2Bgrir4ZvzI0yeRQ3kccdVX%2Bukr%2F8%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"6cd4-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719435276&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yfiGgoEUGCrogg6%2Bgrir4ZvzI0yeRQ3kccdVX%2Bukr%2F8%3D"}]}
content-type: application/font-woff2
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9c3a763aa3-FRA

GET
H3 200 2788-ba2a53eb44e7ed5c3c0c.js Show response
www.provenskincare.com/dist/ 31 KB
11 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2788-ba2a53eb44e7ed5c3c0c.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 14efdf2ae8e4003dbd1301377d838335e8160997af9b4f88ef0453a1048efcdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 10809
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2a39-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9c3a7b3aa3-FRA

GET
H3 200 3984-a7248cd53952ef3c20c5.js Show response
www.provenskincare.com/dist/ 45 KB
12 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/3984-a7248cd53952ef3c20c5.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0172e03f3b5de0028f0661772f6347a814cb235430e628e2a9a3ef5fd16760fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 11439
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2caf-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9c6ab93aa3-FRA

GET
H3 200 9112-9fe5a0d831dcee25bb40.js Show response
www.provenskincare.com/dist/ 146 KB
35 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/9112-9fe5a0d831dcee25bb40.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a7682d493d5e7b9377e272e480f083d1c3c3c1821ec8199cdfdb75e00975b511

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
cf-polished: origSize=149074
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"959e-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b9caafc3aa3-FRA

GET
H3 200 1584-0aa9738ab7f6fd2b21c7.js Show response
www.provenskincare.com/dist/ 124 KB
35 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1584-0aa9738ab7f6fd2b21c7.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7b82c085820bfd85aaf26c9af590f9eaad9b38362e847b0913c27e2fd6f09ace

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
cf-polished: origSize=126998
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"831d-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b9cfb413aa3-FRA

GET
H3 200 9552-36ba2ca6ffec7b6fb401.js Show response
www.provenskincare.com/dist/ 97 KB
34 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/9552-36ba2ca6ffec7b6fb401.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2d38532dcea04825948e20591c4a683d3d5d204c322e93cd34791fdcb480f7d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
cf-polished: origSize=99842
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"85d2-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b9d3b883aa3-FRA

GET
H3 200 2520-1363e28628ee87538e01.js Show response
www.provenskincare.com/dist/ 85 KB
28 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2520-1363e28628ee87538e01.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: adf00edf0781b68b8acd900c70a2d34928b221dea44fc1db095f93c3cc109552

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 27892
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"6cf4-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9d8bda3aa3-FRA

GET
H3 200 8196-309ee510542710e9c985.js Show response
www.provenskincare.com/dist/ 17 KB
6 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8196-309ee510542710e9c985.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4a1a408fa7e640e36392053bc555da262a9e9c4bb7c1bc3a01f23c91b8b722cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 5049
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"13b9-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9dcc1e3aa3-FRA

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/ 19 KB
4 KB 64ms
29ms Fetch
application/json 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/KZSnsWKOJoLmrv0mp6OFlhwFb7JnNmVf/settings
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77278ec6ffa3bc379d1d63440197f0d9b29589fedfb584cf78cb2dd7a15dfaf1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: G65DEnFpQZ9lAJmxE5bIPSkiIrJuwIp.
content-encoding: br
via: 1.1 a366fd20fbfe4c17553696da0b2bf4ee.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 22:18:57 GMT
x-amz-cf-pop: MXP53-P4
age: 119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jun 2024 10:35:07 GMT
server: AmazonS3
etag: W/"66e25683294a4cc00ee798ad557590ee"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: S_bvoap3ybDKfcd27QDE37UwZuROEGKjGW5yk1sufJ-Mqh0wX0UgXg==

GET
H3 200 2780-a83e405b839de128a8f8.js Show response
www.provenskincare.com/dist/ 67 KB
21 KB 58ms
58ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2780-a83e405b839de128a8f8.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1d60a13a61acc5da40cb2dd7018545857e73176315baf7812772129380ca5b9c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 20899
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"51a3-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9e0c8e3aa3-FRA

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 18ms
18ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:48:35 GMT
x-amz-version-id: bCnfawpcITW3uoknVKbYt68xGfkmWUIg
content-encoding: br
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P4
age: 3706223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 May 2024 17:49:25 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: AAWz1kZYJHtu2SP8Dwa3Rz92-HB2a06aiIuiuztkEqGUKERYnEaLVQ==

GET
H3 200 3568-b44049acb732232ef4cf.js Show response
www.provenskincare.com/dist/ 68 KB
25 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/3568-b44049acb732232ef4cf.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6c90363db21af9013c2fe455dfbf0f1a74fb60b813823a37affa99df8c67f0b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 24779
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"60cb-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9e6d013aa3-FRA

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 18ms
18ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:48:26 GMT
x-amz-version-id: VlzHAMQ1yYdNYlkt0r9wjZNiLaOHOlzJ
content-encoding: br
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P4
age: 3706232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 May 2024 17:49:25 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 5kwAA_2cgd3wdJXhx9yFehp4fRA2R1wJiRZBb7b8Ht_XIsJ7CC-Nmg==

GET
H2 200 d12b2279aa755ca1d747.js Show response
cdn.segment.com/next-integrations/actions/friendbuy/ 283 KB
74 KB 28ms
27ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/friendbuy/d12b2279aa755ca1d747.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e68b3c338a1567da9bad2b7015d68e4e725f2057238e815e5614c2739094b1f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pQa1tHnrKaexKP.e0dv52QFHs7bRjQJS
content-encoding: br
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 15:11:36 GMT
x-amz-cf-pop: MXP53-P4
age: 26148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 25 Jun 2024 14:15:00 GMT
server: AmazonS3
etag: W/"0c4dd70bbb4c5f06b740834816b80eca"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: A5UK4XtDPvUo15exiOSX59V3aXsmgHjf892ACdEbB4vThl1F2_q_kg==

GET
H2 200 90c45e2ce4e06df57e3a.js Show response
cdn.segment.com/next-integrations/actions/tiktok-pixel/ 179 KB
55 KB 20ms
20ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/tiktok-pixel/90c45e2ce4e06df57e3a.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 698ab064d795191da9d84b8e481d33a3e5c4cd06ccbea239a4eb5c8be892083c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QxAFZEvXYeBaOVYg1FVcTIjyjufc1fob
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 16:51:51 GMT
x-amz-cf-pop: MXP53-P4
age: 19626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 25 Jun 2024 14:15:01 GMT
server: AmazonS3
etag: W/"23ae947d5da9031c085ae76b2cedf5ab"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: y_RMYo6s__ENKFFEDvWvlGorrEqY8HOBpbOZbEfYYvwHriD9L8Wh7w==

GET
H3 200 5752-1ac395be7e90729f76ff.js Show response
www.provenskincare.com/dist/ 289 KB
75 KB 56ms
56ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/5752-1ac395be7e90729f76ff.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 964bdf1c8f5ecf297c0e7b739a97bc49f5792504532e8e9a56b2b164750984e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
cf-polished: origSize=295954
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"121b1-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b9ead423aa3-FRA

GET
H2 200 2d04d1da143afcea0dd4.js Show response
cdn.segment.com/next-integrations/actions/845/ 27 KB
8 KB 18ms
17ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: o9NMlXkoqao3Ygh5ZZk.tXy96r009F1i
content-encoding: br
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 09:19:39 GMT
x-amz-cf-pop: MXP53-P4
age: 46759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jun 2024 15:13:29 GMT
server: AmazonS3
etag: W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 5ocW9YHBtov8ISNLiYjs0kJJz_qE-xWf6C0OO7zKTGtwN2oo4R4Pag==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 18ms
18ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:34:56 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: wpk0j._e3yrV_Q_oe4XUfSazc1o1NcTQ
x-amz-cf-pop: MXP53-P4
age: 1503842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: AmazonS3
etag: "a7cd49c834a0851140e3304c91cb34d0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: PQ7Ui64VFdXuWVPOHg2S4wk0x3rAi3vSZZkpYtNbfxROM2Ycf16ZbA==

GET
H2 200 fullstory.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/ 5 KB
3 KB 19ms
19ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9fda204818eb76752b45ba07f2a3357507dfbd1ffac18a8badebda6f96feab7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 20:08:36 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: ELiB7h_iQdssJmEb7fK1sMKpgTaTr4RJ
x-amz-cf-pop: MXP53-P4
age: 1476622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2166
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: AmazonS3
etag: "5ab49a383e9cf7b93c013d369b1b30f7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Sf_P9OUX7Wrp1iuv1YBwLk5UG1s5EGBdjtE1dWxlva8ph3rokFn50Q==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 19ms
19ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:01:00 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: 2QnOYwF5YFKn4huywZP2TBu6SmwTBwS6
x-amz-cf-pop: MXP53-P4
age: 1469878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1343
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: AmazonS3
etag: "a2b1aa1a0e402b1f891c929f94449d47"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 1zgMQLJet7aP9hazYilkNKU7VGb-Rekn88ec9c6OzOyKReYXdM_VAw==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 19ms
19ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:34:56 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: i2ncOaRW_yaUuTEZyHsZKDaGAnZswmH9
x-amz-cf-pop: MXP53-P4
age: 1503842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1655
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: AmazonS3
etag: "d151cb0874ed5e13006e5f38364ec01e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Bmd78M7cYvdmPTmEbFp3sN2VE1knOoxxz4jKOZqiX-0Qvq0rW3qlDA==

GET
H2 200 pinterest-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.5/ 5 KB
2 KB 19ms
19ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.5/pinterest-tag.dynamic.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00e57d05069f8818b6f243ad2e6ab6b37dfef16f1d2b12369a4f1149c5617eaa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 19:11:29 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: HOjCrjVT0fCK0sAC.6Ql_Wltpjox6TqV
x-amz-cf-pop: MXP53-P4
age: 961649
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1989
last-modified: Mon, 03 Jun 2024 14:40:13 GMT
server: AmazonS3
etag: "d2e5bee33a58f5c4819f84648efb2bfb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: htSPDumsRHtIECvHeyzArNx-bFuWbafczvDgN5KyOLWvXeXf23sxkA==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 244ms
109ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5FM6VVGE0M3SF4IV8NG&lib=ttq
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8aa0cbd2f8a168192722f787611860a11be3d6a3ac9ab6a000bfad6f7626770c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: bea116f.53be7e49
date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24062922185791EC9C8718C7DF6227F2-58290877742A5609-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 96,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=8, inner; dur=5
content-length: 1901
pragma: no-cache
server: nginx
x-tt-logid: 2024062922185791EC9C8718C7DF6227F2
x-cache-remote: TCP_MISS from a23-218-223-70.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.218.223.70
x-tt-trace-host: 016f188ec6c4b24d6b5b7285ae76c25c3365e2f1dfa97fc70fa60e16e151ba0c2c04de7b23fc02f0f8b2f26cbac152a139ca59051a599a5ca8468c56c7872e65f26cf2da4119ea349b063c2b8a1eca11074a1d36dc9d95ccd0175fbbbc530e1d0e2a8bf4d49e40cffd1157f1b2909b79e2
expires: Sat, 29 Jun 2024 22:18:58 GMT

GET
H3 200 3472-ddcf2e78d5a07c3acc59.js Show response
www.provenskincare.com/dist/ 24 KB
6 KB 35ms
35ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/3472-ddcf2e78d5a07c3acc59.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3e4ba438125438814aa10d6e9b11fd6e6d73f9b56296b0f386921174323ace61

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 5944
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1738-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9f6df53aa3-FRA

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 70 KB
22 KB 18ms
18ms Script
application/javascript 3.165.246.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.246.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-246-143.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 19:59:49 GMT
content-encoding: gzip
via: 1.1 63f2129c9b5b147756a13dbcdad68422.cloudfront.net (CloudFront)
x-amz-version-id: V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
x-amz-cf-pop: MXP53-P4
age: 1477148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21911
last-modified: Mon, 03 Jun 2024 14:40:11 GMT
server: AmazonS3
etag: "c467a63b2e7c3a99be423ace649014d8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 4b_rkjyICfPHBFQBqLTMAFnQqI35w5kdkBEb7Wwl91adbuWG7mSRUQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
59 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 29 Jun 2024 22:18:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: uJcg0IDl1hJlw0vlX4LW/vGJ2ojTLgb/GilvwoaAX6fHwZyCuroHV8XnTgzeOwku66qtFI/6buwsxTrkN9RO1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 277 KB
75 KB 35ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:42:22 GMT
content-encoding: br
age: 2195
x-guploader-uploadid: ACJd0NqahFBgtTpP42IGSFVDJsWx2MXT0r17GQ_qz-L631F3v5DMZZZOtus8bMvOr3VA7_1jK1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76394
last-modified: Thu, 27 Jun 2024 13:38:26 GMT
server: UploadServer
etag: "f79ad65695b94b39d47799af56fbd7e3"
vary: Accept-Encoding
x-goog-generation: 1719495506351318
x-goog-hash: crc32c=wtOMAQ==, md5=95rWVpW5SznUd5mvVvvX4w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 76394
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 29 Jun 2024 22:42:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
111 KB 64ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBQ57K4&l=dataLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

300ae542faf3f32b9d58da96b716861e7c130c7339b411ce831fecc6b57eab36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113520
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 22:18:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
94 KB 51ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-813896931

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

705ddcb5d26f038d85969e092f581f692fc6feaf857cf27d11dc9608ee827d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95541
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 22:18:57 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 93ms
25ms Script
application/javascript 2a02:26f0:3500:88b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1878

GET
H3 200 4552-be9c8ab9d64a80413879.js Show response
www.provenskincare.com/dist/ 87 KB
19 KB 45ms
44ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4552-be9c8ab9d64a80413879.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8aec8e47d01a356c10a18f9ce92f7b37598bd58f2bfd3d14c4b24f5fe207762d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 18776
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"4958-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94b9fae3f3aa3-FRA

GET
H3 200 5248-7c67c46757173a40ef53.js Show response
www.provenskincare.com/dist/ 98 KB
27 KB 41ms
40ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/5248-7c67c46757173a40ef53.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6a3024b1047c265cf9765ee572e062f7516f1ad4d1d8a2cc390b00b9833e9eda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 26617
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"67f9-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba01eb53aa3-FRA

GET
H2 200 101684010396000 Show response
connect.facebook.net/signals/config/ 70 KB
15 KB 120ms
120ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/101684010396000?v=2.9.159&r=stable&domain=www.provenskincare.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb5a41a8c294c9b69776072b7420bef5efce9d378f8ab004cf1927f92ff1cb96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 29 Jun 2024 22:18:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=64, mss=1328, tbw=63749, tp=-1, tpl=-1, uplat=112, ullat=1
pragma: public
x-fb-debug: ukvQ5LFLqL5UYQe5mtQtH/2qkvqYnuPX/KoDdqvnp9IcagWbuhdSRtB5DeKMWpz9L9Ozkzjuf4tMcwtNlP5JMQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/F2508/v1/ 4 KB
2 KB 116ms
115ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/F2508/v1/web
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 86f34590131aee1781c3458ff08e606fcb22c09a51bf330454b1ecae503c0c5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ACJd0NoPhMyRvcnLuPndJJg-dMoPREAeqwcniMKder4PLCMC2iUByUvsQPn5WQwB8CSThf9n9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
last-modified: Sat, 29 Jun 2024 22:18:56 GMT
server: UploadServer
etag: "138c915499c27c7d35d3dfbfb65565af"
x-goog-generation: 1719649436111054
x-goog-hash: crc32c=eEsyuQ==, md5=E4yRVJnCfH0109+/tlVlrw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1286
accept-ranges: bytes
content-type: application/json
expires: Sat, 29 Jun 2024 22:33:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e841021029208d687295fd953796004ecd288795db43802e46158f1997de8609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 22:18:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
96 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

055fd2d2b3684ee9ee1db9c8571a042135ab0d9b7327632a93428850af10638a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 22:18:58 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 30 KB
8 KB 404ms
98ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32549&tdr=&plh=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&cb=67505806703697480term=value
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: ff8013d1fc889bd5833ad624fc2166aa3e55d0d9869f31704783c18f0a374b7d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 819ms
166ms Image
image/png 35.82.126.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1719699538064&l=tvscientific-pix-o-1d976acc-3464-4c38-b8a5-c5cae7cdbf36&u3=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.82.126.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-126-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
pragma: no-cache
date: Sat, 29 Jun 2024 22:18:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2 200 main.f74ed22b.js Show response
s.pinimg.com/ct/lib/ 70 KB
20 KB 15ms
14ms Script
application/javascript 2a02:26f0:3500:88b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20114

GET
H3 200 840-c855e93e7785e45ce378.js Show response
www.provenskincare.com/dist/ 24 KB
8 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/840-c855e93e7785e45ce378.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0ded27b516d740f2481a88563d5cd997e54bb05de2d3814444e3298237810f10

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 7384
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1cd8-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba0f8293aa3-FRA

GET
H2 200 main.MTZkNWZlYWU4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
99 KB 15ms
15ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 53be802b
date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406271534555ED516B3241339563F5A
x-tt-trace-id: 00-2406271534555ED516B3241339563F5A-27B6A03651CEF887-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cccdf324974bf31bc92a1d837f9dca1850e2f8bd0b51c327d76a9fd9a766c61e9e8fe41a51930f2a63559b43d71e40be276f2a2f9c73c8e15c103dc1a389f626bac2df22a236ada77fb65b535a224bee2239eacadca116898a5310075724c441
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 100324

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
709 B 90ms
38ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613287502723&cb=1719699538095&dep=2%2CPAGE_LOAD

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.30d53e17.1719699538.158c1e0c
x-envoy-upstream-service-time: 1
content-length: 188
x-pinterest-rid: 8760982223773522
pin-unauth: dWlkPU1ESTNPVEpqTnpFdE5tVmhPUzAwTldSbExUaGlOMk10WVRVNFpUQTVOVFl5WVRkbA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.provenskincare.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 87ms
40ms Fetch
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2613287502723&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.126%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1719699538100

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.30d53e17.1719699538.158c1e0b
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 35
x-pinterest-rid: 1371608116748880
pragma: no-cache
referrer-policy: origin
content-type: image/gif
access-control-allow-origin: https://www.provenskincare.com
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 13ms
12ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 53be8114
date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400009551EF5C15CA9748B8FC
x-tt-trace-id: 00-2405211400009551EF5C15CA9748B8FC-0C5FEC4D8AB4521F-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0153383331b27fe25ddcc67dbff01dbf92cef4a6aa02f03fc529778a4dd4c29db43c995ba1a3308fe81fc527a708842168c3dcde9beffc40dc6538ccd7a99fdc6a71b9aa4a8323fcd795d7e2dbd14f61f54dc97ea9a82c942d036fd901d3704756
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39732

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 170ms
170ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c1da9ad.53be8135
date: Sat, 29 Jun 2024 22:18:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240629221858F2C32C5B4270845A5715-60BCFB091E9853DD-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 151,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=57, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240629221858F2C32C5B4270845A5715
x-cache-remote: TCP_MISS from a23-218-223-83.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 57,23.218.223.83
x-tt-trace-host: 016f188ec6c4b24d6b5b7285ae76c25c3365e2f1dfa97fc70fa60e16e151ba0c2ce25682579209a459641c45f74b0662f4b1ef9971a3d1d6b5f82ff386c984d0baf0db846d11117a16021f62e5fc5f72137820e4e6b171b4ed4c6062618a935e522a344483c8d56866adcdfaf9011ac41b
access-control-allow-headers: Authorization,*
expires: Sat, 29 Jun 2024 22:18:58 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 41ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WG031FR1CX&gtm=45je46q0v879258545z879326618za200zb79326618&_p=1719699537855&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1055823592.1719699538&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1719699538&sct=1&seg=0&dl=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2644&_z=fetch
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:18:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 73ms
24ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WG031FR1CX&cid=1055823592.1719699538&gtm=45je46q0v879258545z879326618za200zb79326618&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG031FR1CX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:18:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
16ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG031FR1CX&cid=1055823592.1719699538&gtm=45je46q0v879258545z879326618za200zb79326618&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=823630156

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:18:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1540-77f596381419667b64fb.js Show response
www.provenskincare.com/dist/ 14 KB
5 KB 45ms
44ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1540-77f596381419667b64fb.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ed36d25a27682cab3d5a1492f22ee436d3de97a8217fd1cd4d6f9bcec14e04b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4862
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"12fe-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba1c9153aa3-FRA

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
740 B 171ms
129ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 3ca9c98a73b76f077ffe2a01d2c349a29b3427736dded92c21c930b0fff4d16d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554

GET
H3 200 3064-e0836eb7e9e5695f8d3b.js Show response
www.provenskincare.com/dist/ 9 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/3064-e0836eb7e9e5695f8d3b.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4037bc488cf1b24e172f63bdf3e8b16b3800ad7319809002aa6cfb25ec12252d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"24e7-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94ba2196d3aa3-FRA

GET
H3 200 7412-ca367a1ae2a69d792d98.js Show response
www.provenskincare.com/dist/ 58 KB
19 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/7412-ca367a1ae2a69d792d98.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 04b6f64026c4628a6e0085c9a5ae4f915973090961a82c315b1eccc8886d4cfd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 18816
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"4980-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba249a73aa3-FRA

GET
H3 200 9748-3328cba39e613fecfd9f.js Show response
www.provenskincare.com/dist/ 22 KB
7 KB 35ms
35ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/9748-3328cba39e613fecfd9f.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6c583215c38cc92f6f99d66305c05ae8460302acaffe9a961f48623a5a28a29a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6034
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1792-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba289f63aa3-FRA

GET
H3 200 6768-9f0459ddaedd3f5bc5c9.js Show response
www.provenskincare.com/dist/ 52 KB
14 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/6768-9f0459ddaedd3f5bc5c9.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 41c22b023fcdbd1ec0e590a756fd24e81db8b0983a6af71031428560edc121f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 14111
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"371f-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba2ca323aa3-FRA

GET
H3 200 9560-8597622c4be85ae684d4.js Show response
www.provenskincare.com/dist/ 49 KB
14 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/9560-8597622c4be85ae684d4.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 228ce2fd816156544c5b08546c917bda86b1b6a08a872f5bb4b31008d67c0735

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 14167
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"3757-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba31aa53aa3-FRA

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 132ms
132ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c1db364.53be8486
date: Sat, 29 Jun 2024 22:18:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240629221858CB85DBC4F2E48546A328-3E4A60BB90296BC8-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 110,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240629221858CB85DBC4F2E48546A328
x-cache-remote: TCP_MISS from a23-218-223-83.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.218.223.83
x-tt-trace-host: 016f188ec6c4b24d6b5b7285ae76c25c3365e2f1dfa97fc70fa60e16e151ba0c2ce25682579209a459641c45f74b0662f4e6b24f664d8b8656b88219e5d84674c2ee4a817078ce164b85e8e1888df4dda437ebd04915fdb0a067dbdfa223189757a955fa270f88ec18c3713d1265d0cd22
access-control-allow-headers: Authorization,*
expires: Sat, 29 Jun 2024 22:18:58 GMT

GET
H3 200 4320-986e270844a736123282.js Show response
www.provenskincare.com/dist/ 89 KB
30 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4320-986e270844a736123282.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a7ac8c15d460be3734c36db62ac7d5486fdb78018ad49b45c6f93db14bfa1b30

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 29990
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"7526-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba34adc3aa3-FRA

GET
H/1.1 200
OK is Show response
44.212.189.233/ 32 B
437 B 412ms
105ms Fetch
text/plain 44.212.189.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://44.212.189.233/is
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.212.189.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-189-233.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: bf8400afa36bbaf1cd13dd8455807898e5f80981a96c7a2fc6d67f7e5c7313a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H3 200 5664-963365335dc1f3595b9e.js Show response
www.provenskincare.com/dist/ 25 KB
9 KB 48ms
48ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/5664-963365335dc1f3595b9e.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 06862b7a15bd7e681bf6c6970cfc0624919ef1c2e86c4693763b942a2a37dc94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 8759
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2237-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426138&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=xvnlt8LLYlHzdovnNxu4sbOywjmvExmG2OLlGR94CmI%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba38b213aa3-FRA

GET
H3 200 4516-292879b389f6ca8ea3d6.js Show response
www.provenskincare.com/dist/ 6 KB
3 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4516-292879b389f6ca8ea3d6.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fbac6c8fce43ae88b5d7545d5916464e40e2951a9c269392ba64cd86f9c806e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"17e1-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94ba3db7c3aa3-FRA

GET
H3 200 1428-bfa6b79840a1d0b8373b.js Show response
www.provenskincare.com/dist/ 76 KB
27 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1428-bfa6b79840a1d0b8373b.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2d2a5bb1ed8c417836073f9ed83bef000d41786d35c16c81e10fd1d527e566f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 27225
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"6a59-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba42bee3aa3-FRA

GET
H3 200 2964-b9d3de3072959a54cfc7.js Show response
www.provenskincare.com/dist/ 11 KB
4 KB 43ms
43ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2964-b9d3de3072959a54cfc7.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3d909cba7f07ed84605c2ea8d01b21334b299accb6361c753888b93954856587

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3355
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"d1b-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba46c273aa3-FRA

GET
H3 200 5984-70b4effecb281de2731e.js Show response
www.provenskincare.com/dist/ 155 KB
51 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/5984-70b4effecb281de2731e.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 511b731aed6a8aa3e5f3e0e6e7c3500a760032e376d92ddeeca9e5c4c6bbe99d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
cf-polished: origSize=158786
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"c918-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94ba4bc793aa3-FRA

GET
H3 200 2363-f1bd42350c1d46b473f4.js Show response
www.provenskincare.com/dist/ 49 KB
13 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2363-f1bd42350c1d46b473f4.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5b7252063e89b5df199e5fa646c6fe1b66a1c27aaf50c8c9dcebcbfd2bf14b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 13124
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"3344-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba4fccc3aa3-FRA

GET
H3 200 8796-52699ebd0532fece684c.js Show response
www.provenskincare.com/dist/ 83 KB
23 KB 46ms
46ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8796-52699ebd0532fece684c.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 47d5067a1161ebe6de6e533dc21eaad185af2a35f39e628bbca1630aaecaba92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 23144
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719435274&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=BYX3ITWx1minJXSg%2B0HvMdrotWrCR4sGYbAmK31gdXQ%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"5a68-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719435274&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=BYX3ITWx1minJXSg%2B0HvMdrotWrCR4sGYbAmK31gdXQ%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba53d0a3aa3-FRA

GET
H3 200 896-4939e19b8998e180b9e0.js Show response
www.provenskincare.com/dist/ 49 KB
16 KB 48ms
48ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/896-4939e19b8998e180b9e0.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cb4aaec276ed7b55d6f569f413803c586ec3364efef4f121e704d7e8650aaeb8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
cf-polished: origSize=49994
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"3b1f-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94ba58d753aa3-FRA

GET
H3 200 9856-c6f84dca68f28c359673.js Show response
www.provenskincare.com/dist/ 19 KB
7 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/9856-c6f84dca68f28c359673.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3f65f3b4d9b9567bae631b25707af69f14859b91cd5c34b3eeed1eacebdf80ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6130
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"17f2-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba5ddc83aa3-FRA

GET
H3 200 7016-3da27dd4b0936d36659b.js Show response
www.provenskincare.com/dist/ 66 KB
23 KB 45ms
45ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/7016-3da27dd4b0936d36659b.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 818a439ac8b418c626e873091193b4c60d376e94efe5d1c3df977f00012a2d58

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22673
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"5891-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba61e123aa3-FRA

GET
H3 200 main~43dd7041-84073a273d2c6ce0a747.js Show response
www.provenskincare.com/dist/ 102 KB
26 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~43dd7041-84073a273d2c6ce0a747.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 829c330240c369ce3820b1510abcf7433909c28abba09f514df4436ea844e7b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:58 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 1
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 26041
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"65b9-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba66eb73aa3-FRA

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 681ms
168ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-91WG9T9YM4%3BG-WG031FR1CX&ga_client_id=1055823592.1719699538&shpt=&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-91WG9T9YM4%3BG-WG031FR1CX%22%2C%22ga_client_id%22%3A%221055823592.1719699538%22%2C%22shpt%22%3A%22%22%2C%22dcm_cid%22%3A%221719699538.1%22%2C%22ga_utm_campaign%22%3A%22ba_20240628_free_spot_treatment_1_pros_lap%22%2C%22ga_utm_source%22%3A%22Iterable%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22aZQoW5zTBo6TIYI9GQfGGgTuJFxrnmkz%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1719699538.1&available_ga=%5B%7B%22id%22%3A%22G-91WG9T9YM4%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-WG031FR1CX%22%2C%22sess_id%22%3A%221719699538%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32549&plh=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&cb=67505806703697480term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Csegment%3Dtrue
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6d603d84f4aafcb9d6ccfbd8179facc3d53aeccd012ea1d5a822644cb7c98690

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

GET
H3 200 main~b2c1640e-d3eedbde5f7774bf3acc.js Show response
www.provenskincare.com/dist/ 52 KB
15 KB 40ms
40ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~b2c1640e-d3eedbde5f7774bf3acc.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a792206f777d956dac09721d217db4a7c00b9d327cd9ae9f013155ee4e6d284d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 14628
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"3924-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba6bf343aa3-FRA

GET
H3 200 main~25dc9f7d-c00b06a2c28e0df2029f.js Show response
www.provenskincare.com/dist/ 45 KB
13 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~25dc9f7d-c00b06a2c28e0df2029f.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8773a7062aa20f197eccf7537570d77d0d8fb080f26f2b3df37e0854fd6a70a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 12772
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"31e4-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba6ff9e3aa3-FRA

GET
H3 200 main~362bd4e4-d47e8ad05b1e0dbc1dba.js Show response
www.provenskincare.com/dist/ 22 KB
4 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~362bd4e4-d47e8ad05b1e0dbc1dba.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d5c5cf7a606a3ce46ad3c144b733be4dbc20582195c581fccdbbd1b957826c6f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3404
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"d4c-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba73fd13aa3-FRA

GET
H3 200 main~5601a669-73757b676e685d17d14b.js Show response
www.provenskincare.com/dist/ 13 KB
5 KB 43ms
42ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~5601a669-73757b676e685d17d14b.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 62f8742791ccf1a725ef42925fbd6d985cd3408e19d21571261d7e1b6423faea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4385
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1121-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba778143aa3-FRA

GET
H3 200 main~ed126cf3-c35fff0b5bcf0bb6bff8.js Show response
www.provenskincare.com/dist/ 35 KB
10 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~ed126cf3-c35fff0b5bcf0bb6bff8.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2e88a016af4a68e0bf52697ab0efab8e6514590ffae7b981cbc03edea71d9268

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 9988
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719489835&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=SNMYrbvy9SGW5v7WFg%2Fv0fXoc14DA8NtI0YXytqdzbQ%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2704-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719489835&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=SNMYrbvy9SGW5v7WFg%2Fv0fXoc14DA8NtI0YXytqdzbQ%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba7b88a3aa3-FRA

GET
H3 200 main~52f0199e-4651321baefc94959a90.js Show response
www.provenskincare.com/dist/ 53 KB
16 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~52f0199e-4651321baefc94959a90.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5b1b81eea11e41a0a6c715fb6e85f1a6f1bae505b10dcb1d630a157b849779f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 15624
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"3d08-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba7f8c93aa3-FRA

GET
H3 200 main~157645a8-efe0eabfd73b6b0ced82.js Show response
www.provenskincare.com/dist/ 16 KB
5 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~157645a8-efe0eabfd73b6b0ced82.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9e64eba566798c6bd106c9d6f64622c65505e7f2f6756eea6c5e7b86122ef7c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4004
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"fa4-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba8390e3aa3-FRA

GET
H3 200 main~a3f6583e-8d56e6a5d410b9d2386a.js Show response
www.provenskincare.com/dist/ 273 KB
77 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~a3f6583e-8d56e6a5d410b9d2386a.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 379d6ad8b4f4e47e37d76b0ba51c668a63fb228b3ead9136e37301ccda3b3778

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 77856
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"13020-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba879843aa3-FRA

GET
H3 200 main~d605314e-ac88af59d67700a76428.js Show response
www.provenskincare.com/dist/ 19 KB
7 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~d605314e-ac88af59d67700a76428.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f075261966d03035bb64d490f69903652c110be6d1d253ada612540359bd52c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6085
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"17c5-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba8c9e73aa3-FRA

GET
H3 200 main~cecaaa2b-4738dc2a0cd9e1232124.js Show response
www.provenskincare.com/dist/ 11 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~cecaaa2b-4738dc2a0cd9e1232124.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d348c5bab93b85544aa2047fa6bf0d57a51e8cbcad1b6a76934d17ad598f0cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4154
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"103a-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba90a293aa3-FRA

GET
H3 200 main~1019d6e1-9470e656a8f4b62fcbdd.js Show response
www.provenskincare.com/dist/ 13 KB
5 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~1019d6e1-9470e656a8f4b62fcbdd.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fa9ab0a5917d148ccee3bc2ecfb5f2e4cc66ccf62b1f4caca411070d94b83d0e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4034
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"fc2-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba94a683aa3-FRA

GET
H3 200 main~102ff935-5c2505f211e0abc5db0c.js Show response
www.provenskincare.com/dist/ 27 KB
9 KB 42ms
42ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~102ff935-5c2505f211e0abc5db0c.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 759aef0f5346c3c624826710dff2ce0fcea2b6c35884bfdf3b739bd8d27c9c95

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
cf-polished: origSize=27584
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2154-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94ba97aa73aa3-FRA

GET
H3 200 main~7bd12dde-a7d20543187c06e87e89.js Show response
www.provenskincare.com/dist/ 63 KB
16 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~7bd12dde-a7d20543187c06e87e89.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 226e62698265217367601fe856e84663e7e55ad4368ea0e171c1ece30e287eaf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 16023
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"3e97-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94ba9cb0f3aa3-FRA

GET
H3 200 main~ef7d455c-c0b887cc7dd6f46755a0.js Show response
www.provenskincare.com/dist/ 116 KB
33 KB 38ms
38ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/main~ef7d455c-c0b887cc7dd6f46755a0.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a7360ad72ac30937dd05b84b90fb9532b07a2755dbda33e4933b9015f3e9adb6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2
cf-polished: origSize=118615
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8178-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94baa0b513aa3-FRA

GET
H3 200 8180-bcade54f9d6894134009.js
www.provenskincare.com/dist/ 0
3 KB 395ms
394ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8180-bcade54f9d6894134009.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"20a3-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94bab9cd03aa3-FRA

GET
H3 200 1508-64d2610c17b51642de91.js
www.provenskincare.com/dist/ 0
5 KB 414ms
413ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1508-64d2610c17b51642de91.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4822
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"12d6-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd23aa3-FRA

GET
H3 200 7470-9ffb9fedd97fee954070.js
www.provenskincare.com/dist/ 0
8 KB 396ms
395ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/7470-9ffb9fedd97fee954070.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 7808
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1e80-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd63aa3-FRA

GET
H3 200 2870-b077e0050d3cc8342608.js
www.provenskincare.com/dist/ 0
9 KB 404ms
403ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2870-b077e0050d3cc8342608.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 8745
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2229-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd83aa3-FRA

GET
H3 200 8591-d2c19b4fc5df39e497bb.js
www.provenskincare.com/dist/ 0
7 KB 412ms
411ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8591-d2c19b4fc5df39e497bb.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6753
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1a61-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cda3aa3-FRA

GET
H3 200 4744-0faef5d60569f9997ab6.js
www.provenskincare.com/dist/ 0
11 KB 399ms
398ms Other
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4744-0faef5d60569f9997ab6.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 11040
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2b20-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cdb3aa3-FRA

GET
H3

200

main.js Show response
www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame D984
Redirect Chain

https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
0

17ms
17ms

Script
application/javascript

2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Protocol

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59525b235de8c4064af5b57c8366cd2406af73fb027f3481e3067a0f5b174a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89b94b985deb3aa3-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 29 Jun 2024 22:18:56 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89b94b981dc03aa3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 async-api.6bb277af-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 28ms
7ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IKEZ6UzFI9Ywqj5FPBWhZ6EQnEcInnhK
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: ASSWY4P0WMQXG1T4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1126
x-amz-id-2: VhFhUTl0AaRb/O8lc5CWgta4uwo/1DrKEpQWg5ZLrwF4IJvqNRAMhum0d+ioUDQkt6oPdKSj1XzCutAkRr4rMw==
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:57:44 GMT
server: AmazonS3
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2549

GET
H2 200 lazy-loader.48127245-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
1003 B 27ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Z63_XOk305G3pXoQwruDfTNX0hFnaG6e
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 4WAYTGTKZN3JBN8W
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 515
x-amz-id-2: WlUxKWcijVk0pLzHAi1tqJM95+q1lm5oZ9leFzwTFPFkJUSL74nUsV5/NlNx7we0hYYcJfX8baQ=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:58:28 GMT
server: AmazonS3
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2535

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 9ms
8ms Script
application/javascript 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.30d53e17.1719699539.158c2971
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 2108

GET
H2 200 ct.html
ct.pinterest.com/ Frame E956 0
0 55ms
38ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.provenskincare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

akamai-grn: 0.30d53e17.1719699539.158c29b4
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 29 Jun 2024 22:18:59 GMT
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1238035566923238

GET
H2 200 animation.css
js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/ 722 B
1 KB 8ms
7ms Stylesheet
text/css 13.35.58.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/animation.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-60.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hCDctMwMRbXsyrC0I7VapPgX2_by.TXz
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 22:15:56 GMT
x-amz-cf-pop: FRA60-P10
age: 183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 722
last-modified: Mon, 03 Jun 2024 09:15:19 GMT
server: AmazonS3
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
accept-ranges: bytes
x-amz-cf-id: Qr2mSYrp3nHfj7a8n_BcLFzUurXqUGRr9tLLe7rGKhYUil9LlRUQcA==

GET
H2 200 master.html
js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/ Frame 963C 0
0 35ms
7ms Document
text/html 13.35.58.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.06.03-05.40/v2/master.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-20.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.provenskincare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 249
cache-control: max-age=300,public
content-length: 234
content-type: text/html
date: Sat, 29 Jun 2024 22:14:51 GMT
etag: "5d6d7cc58ff7f5fe35d515bcc4e37816"
last-modified: Mon, 03 Jun 2024 09:15:19 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront)
x-amz-cf-id: IaQK70dt8FB-cGaKgmBIfCYcW7YCX_AOFqJ865Ai5axCCUgzl3bfgA==
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-amz-version-id: DnxCn3clQ.BZyBjsxePDmLzKfrNqPRYT
x-cache: Hit from cloudfront

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 683ms
168ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 872c892280a968d0e02e0c3348062c9155d1d9e1ac8feb221eb596f3133a36fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H2 200 118.d37755e4-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 7ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/118.d37755e4-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wullkZqww.qC.CsFsKDw3URdlRGkbU45
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: GZPMJSNRQP5NGVZX
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3601
x-amz-id-2: gsdwbjxf2Hn5zKM/3gJhre/bWSVnguhhjASb0RvzrGnL+ck7kvqeE8JMlH8rDVYrek2fj0rDy98=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:56:02 GMT
server: AmazonS3
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2504

GET
H2 200 page_view_event-aggregate.29613e65-1225.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 8ms
7ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MRDkrOSPdQ3oFj3sxqXv.Yy7Mpr5w_XS
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: GZPH27PTAPHWSJ1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1721
x-amz-id-2: Pd7YiOy2+Lvsr4jXBPjnhslNad0GnSqPxUUcsZDxX7qo2sN1mlMDzDbFJidEdvPddV9eXsg7dtQ=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:34:32 GMT
server: AmazonS3
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2495

GET
H2 200 page_view_timing-aggregate.e791ce32-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 8ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OTpGGyrum6biRNP3RnrENGI.kQzkuyNM
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: GZPP8KPAT8V2VYNS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2328
x-amz-id-2: eHwx2zyJpnvnHZT9Opg4OHWQoYfXN3z9/OlDIoy6mJFBvmPMZ408Xe2a8v0nPPDrvm8A7irT86U=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:35:01 GMT
server: AmazonS3
etag: "84ba19034cf0206a49ecf68893086bdd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2510

GET
H2 200 metrics-aggregate.b4a54ed9-1225.min.js Show response
js-agent.newrelic.com/ 1 KB
964 B 8ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: X1BM487_D5UJFpnfEqoNn3A4i0aaYZy8
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0YX3PR3AWRQ9Y47F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 756
x-amz-id-2: 28cJ3Fkj8orNXHguS4HXHih5wWw0nOVhZJwpVWqnkkiFvnCDcKQPXdAYoxRN47Rmky+kaNNZKWk=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:58:48 GMT
server: AmazonS3
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2493

GET
H2 200 jserrors-aggregate.ef250e1c-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 9ms
8ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.ef250e1c-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2d7c5406cd5476cc832d78d9965ac1370bea2ccd700512d91512bd93bb4cac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ZQsp2ZOnIwe81UxgIdOvfHok9lMQQYOb
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0YXDANB3A550QMK1
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3088
x-amz-id-2: UiPn07HN8SgxQaDEj/NgbR4NTY5sDVrnnqiJ3s5hzH9Jo+6VRdp1GN+bzxxPSpsXDAa13tlud0k=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:58:17 GMT
server: AmazonS3
etag: "57226211458d66408fe8e6f2a870ac73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2501

GET
H2 200 ajax-aggregate.fc672923-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 10ms
8ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.fc672923-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb9ded273eb670fb69a7063d6df6f6fd3aa3b4b185703f2c1e97dd5936138a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DyPmreuJHWFtWzDiDtq9v6rDs.n27TkD
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0YX9NCVAZVEKKM4X
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2468
x-amz-id-2: ZHhrYa5NjIL2N1e1H/Mbwa1WvSctKPVzu6SoLpjLce/hadqlCUZtSE7OKoZgXyMX44mFzQouJSc=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 20:57:34 GMT
server: AmazonS3
etag: "166e664a45eea3f57f277bbe4c918943"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2504

GET
H2 200 session_trace-aggregate.94c80cda-1225.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 10ms
8ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.94c80cda-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

983acf3ef5c106a8e903cbddc3c53c08f2b8b98313ea22e41a0acf7ca3a18150

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 28fx.Ii6oHxDen1MFVsJMCIPjHhmqxd4
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: GZPJVGESNFW1Z66S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3931
x-amz-id-2: VixGPx8K0PCd+Ad4ZRwOU0wxop+WVvjWZDHGoc/XvMl++17/v0K2xL9vIEx3F1OYj+Rvp4qvmRQ=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:36:06 GMT
server: AmazonS3
etag: "424a549cc28afe269b792b20fdae0acb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2513

GET
H2 200 page_action-aggregate.92657d87-1225.min.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 10ms
9ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.92657d87-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e1d37eede31b28e70a5ad04013b247aa16c1f1461e62a5d5db141a4bad735ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nKEDj8_mRQ4gZiSI6jVu1xkQ_qDwyjji
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0YX56PH34N4R1CMP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1248
x-amz-id-2: S4BbeihN0O2GKJeQWu8AwXAs34/aC/banWFk2OS00TTsKQwbqizKCUDN2xQ7s7qT6+QpAGI5Ta8=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:34:21 GMT
server: AmazonS3
etag: "44fd542c32559790db696a8ee7ade0b1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2469

GET
H2 200 spa-aggregate.6bec5056-1225.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 10ms
9ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.6bec5056-1225.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97af10e459a3e2861e7f1c0b1248df09cedb857732f9c4114ebe9db32d8db7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cLUK2UxuQh39UiBjV_y05dlbuDMS636O
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 22:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0YXBQAM8ATWT3XQD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6993
x-amz-id-2: Kf6VNLBhNbE64qrNPox4+S9Y036yTdDTY8J/7vfYmcQmT9CneAcOxp7z6HXlIO4yoxcjvSQY2NY=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:36:27 GMT
server: AmazonS3
etag: "4ef5a28c37c21f283a99a9932c1a7799"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2404

POST
H3 200 89b94b9428833aa3 Show response
www.provenskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D984 0
413 B 33ms
32ms XHR
text/plain 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/cdn-cgi/challenge-platform/h/g/jsd/r/89b94b9428833aa3
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
server: cloudflare
cf-ray: 89b94bacce083aa3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200 NRJS-56085fa33919899413a Show response
bam.nr-data.net/1/ 79 B
486 B 547ms
511ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-56085fa33919899413a?a=1103226155&sa=1&v=1225.PROD&t=Unnamed%20Transaction&rst=4420&ck=0&s=458b03ce9ecd63bf&ref=https://www.provenskincare.com/auth/user/passwordless/&be=1150&fe=3080&dc=3079&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1719699535551,%22n%22:0,%22f%22:471,%22dn%22:471,%22dne%22:471,%22c%22:471,%22ce%22:471,%22rq%22:472,%22rp%22:899,%22rpe%22:1073,%22dl%22:902,%22di%22:1089,%22ds%22:1101,%22de%22:1102,%22dc%22:1146,%22l%22:1146,%22le%22:1161%7D,%22navigation%22:%7B%7D%7D&fp=1088&fcp=1088&jsonp=NREUM.setToken
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-eddf8230030-FRA

GET
H3 200 loading+spinner.gif
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/transition/ 4 KB
0 0ms
0ms Image
image/webp 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/transition/loading+spinner.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b55e9528830a1ad9833c1dcf9a17940a9ee0cf04f2d8d4b0c53ffc76e4310c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 4088
cf-resized: internal=ok/r q=0 n=50+79 c=0+0 v=2024.4.0 l=4088
last-modified: Tue, 23 Jul 2019 22:06:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfthsXx7VNXLx-MhcnlpbglQTJ1gWqs-rDoNB_ezzVDQ:b950a07388ac51ff553cdb588ad30c32"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b94b980d203aa3-FRA

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 44 KB
8 KB 453ms
129ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=65413defb9dcec058d971c38
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 9bbae7070510131b0b0db1a17dae64a05b54bd1c672acf29e7e0f463f2923534

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 37 KB
7 KB 440ms
118ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=64ac784b6e0d31411c4e613d
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: dc487339befe359b0400bc85bd0c7a1e3b7f97ff1c23c8452a634b305c3e03b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 44 KB
8 KB 423ms
115ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=64d27ec50b96607becb07c5d
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 331b9d4aaa2a3173132067d7d0b5bd429bb355f5d36c0d5f732beb00f50c3951

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK shop-products-v2 Show response
proven-pay-production.herokuapp.com/ 51 KB
8 KB 432ms
120ms XHR
application/json 23.22.144.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-pay-production.herokuapp.com/shop-products-v2
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.144.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-144-165.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ec483724261ff1995e8649a217553592ba42f34fa045610332cff892c24987c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dQc1DRrUeyhvNHxJoy8RjTxd4nMH2GV9xXXIjHSQRdE%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dQc1DRrUeyhvNHxJoy8RjTxd4nMH2GV9xXXIjHSQRdE%3D

GET
H/1.1 200
OK products Show response
proven-pay-production.herokuapp.com/ 23 KB
4 KB 414ms
106ms XHR
application/json 23.22.144.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-pay-production.herokuapp.com/products?version=current
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.144.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-144-165.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 6ba70fa76abab827769c160f6f8b39665413af8154788be558e45daff1f615a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dQc1DRrUeyhvNHxJoy8RjTxd4nMH2GV9xXXIjHSQRdE%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dQc1DRrUeyhvNHxJoy8RjTxd4nMH2GV9xXXIjHSQRdE%3D

GET 2693.js
cdn.pbbl.co/r/ 0
0

GET
H3 200 8180-bcade54f9d6894134009.js Show response
www.provenskincare.com/dist/ 8 KB
0 1ms
0ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8180-bcade54f9d6894134009.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 493f22a91749bba7175ce86f046b816abe0647386a792b1c26cec7bd0a9bee46

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"20a3-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94bab9cd03aa3-FRA

GET
H3 200 1508-64d2610c17b51642de91.js Show response
www.provenskincare.com/dist/ 13 KB
0 3ms
2ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/1508-64d2610c17b51642de91.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 07cb39a7a66298b9d67fa4e4fef0998a5eae544d862d23bab4dd773f30eff9fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4822
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"12d6-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd23aa3-FRA

GET
H3 200 7470-9ffb9fedd97fee954070.js Show response
www.provenskincare.com/dist/ 19 KB
0 3ms
3ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/7470-9ffb9fedd97fee954070.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a7695f7a5a2af5d4b6bdf002208ee912d1db8bbd5fd3de0df9e80180d0198bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 7808
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1e80-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd63aa3-FRA

GET
H3 200 2870-b077e0050d3cc8342608.js Show response
www.provenskincare.com/dist/ 26 KB
0 3ms
3ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/2870-b077e0050d3cc8342608.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e4b11f22e7064be1312e7ae122bf6c19c33eb8c35ea8d67a0d9e3c4cf9f53316

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 8745
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2229-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cd83aa3-FRA

GET
H3 200 8591-d2c19b4fc5df39e497bb.js Show response
www.provenskincare.com/dist/ 18 KB
0 3ms
3ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/8591-d2c19b4fc5df39e497bb.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b978621102fa918109d282e47537f8e8f6c00cf67eb409bec588291e27af8427

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6753
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"1a61-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cda3aa3-FRA

GET
H3 200 4744.20a29ae2202475a0e33a.css
www.provenskincare.com/dist/ 23 KB
3 KB 404ms
402ms Stylesheet
text/css 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4744.20a29ae2202475a0e33a.css
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e8f523ec5065772bfeda1c2d43219e2a1bc198448886f988746b27dfeebf7ebb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 1965
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719515332&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=eBxY4aThLVzrEuWH7rI4cBQGGzrVcJIe5lX7i4nk6rQ%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"7ad-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719515332&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=eBxY4aThLVzrEuWH7rI4cBQGGzrVcJIe5lX7i4nk6rQ%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94baf28ab3aa3-FRA

GET
H3 200 4744-0faef5d60569f9997ab6.js Show response
www.provenskincare.com/dist/ 33 KB
0 3ms
3ms Script
application/javascript 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4744-0faef5d60569f9997ab6.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e88321fc921e1a049cf5fbf9e21c406acd3a61166b10b6e62bb01fd4980a1601

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 11040
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D
last-modified: Wed, 26 Jun 2024 17:54:54 GMT
server: cloudflare
etag: W/"2b20-19055afa9b0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426140&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=h8rhKmq%2BBHJD8FaQuD7P1GLImey5KKFlV2eWx%2BlXTqY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bab9cdb3aa3-FRA

GET
H3 200 favicon.ico
www.provenskincare.com/dist/ 295 B
0 1ms
1ms Other
image/x-icon 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e11767221d3944d7c96a571f7183663a440f026322a6c79b760f905cf32d4899

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:57 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"127-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719426139&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=igz%2FfkZyIOAOQ7u0Wrb%2B0%2FsMfXU2vzvvoS%2BJMJ3qGII%3D"}]}
content-type: image/x-icon
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94b988e313aa3-FRA

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 30 KB
8 KB 98ms
97ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32549&tdr=&plh=https%3A%2F%2Fwww.provenskincare.com%2F&cb=60180930939462040
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 9da159d8bc1a02afb166a01ee2a66244694bafad5ff9f87af9ec4e7898955d89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:59 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK is Show response
52.22.50.55/ 32 B
437 B 391ms
101ms Fetch
text/plain 52.22.50.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.22.50.55/is
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-50-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 9b012582173efa3ce4fc263115248edd10c4696fa3a5bc1b20e5a503067bddd4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

POST
H/1.1 200 NRJS-56085fa33919899413a Show response
bam.nr-data.net/resources/1/ 36 B
357 B 220ms
220ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-56085fa33919899413a?a=1103226155&sa=1&v=1225.PROD&t=Unnamed%20Transaction&rst=4974&ck=0&s=458b03ce9ecd63bf&ref=https://www.provenskincare.com/&st=1719699536701
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1361446afd051dcc9778aebc1209f1c818fe76c8b50b721cb8b1fc5102d8089

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-credentials: true
Connection: close
Content-Length: 36
x-served-by: cache-fra-etou8220039-FRA

GET
H/1.1 200
OK st Show response
px.mountain.com/ 6 KB
2 KB 520ms
195ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-91WG9T9YM4%3BG-WG031FR1CX&ga_client_id=1055823592.1719699538&shpt=&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-91WG9T9YM4%3BG-WG031FR1CX%22%2C%22ga_client_id%22%3A%221055823592.1719699538%22%2C%22shpt%22%3A%22%22%2C%22dcm_cid%22%3A%221719699538.1%22%2C%22ga_utm_campaign%22%3A%22ba_20240628_free_spot_treatment_1_pros_lap%22%2C%22ga_utm_source%22%3A%22Iterable%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22aZQoW5zTBo6TIYI9GQfGGgTuJFxrnmkz%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1719699538.1&available_ga=%5B%7B%22id%22%3A%22G-91WG9T9YM4%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-WG031FR1CX%22%2C%22sess_id%22%3A%221719699538%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32549&plh=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Csegment%3Dtrue&cb=1719699539589115&shguid=d144d681-e606-3eb0-90a6-4f21e74325c7&shgts=1719699540479
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 92e1a81b56c33beb8b603f84dada92eb39ebf3e188624991f3ee9b79614666b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:00 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 31
connection: close

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/transition/loading+spinner.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b55e9528830a1ad9833c1dcf9a17940a9ee0cf04f2d8d4b0c53ffc76e4310c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:18:56 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 4088
cf-resized: internal=ok/r q=0 n=50+79 c=0+0 v=2024.4.0 l=4088
last-modified: Tue, 23 Jul 2019 22:06:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfthsXx7VNXLx-MhcnlpbglQTJ1gWqs-rDoNB_ezzVDQ:b950a07388ac51ff553cdb588ad30c32"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b94b980d203aa3-FRA

GET
H/1.1 200
OK pdp Show response
proven-api-production.herokuapp.com/api/cms/ 586 KB
82 KB 131ms
131ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/cms/pdp?includeRefs=false&offset=0&noTraverse=false&limit=20&enrich=true&userAttributes.urlPath=%2F
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ce176d531b1ae35c5d5276c3cfe0d6062460a255035cf7b73fbe1aed0cbf0a5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 44 KB
8 KB 129ms
129ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=64d27ec50b96607becb07c5d
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 331b9d4aaa2a3173132067d7d0b5bd429bb355f5d36c0d5f732beb00f50c3951

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 37 KB
7 KB 121ms
121ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=64ac784b6e0d31411c4e613d
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: dc487339befe359b0400bc85bd0c7a1e3b7f97ff1c23c8452a634b305c3e03b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:00 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK questions Show response
proven-api-production.herokuapp.com/api/ 44 KB
8 KB 250ms
132ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/questions?questionnaireId=65413defb9dcec058d971c38
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 9bbae7070510131b0b0db1a17dae64a05b54bd1c672acf29e7e0f463f2923534

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:01 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699540&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FQioiPzqO%2Bkc1lARDVhF54YZyN0dx0Li%2ByIxnSnYTMQ%3D

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 522ms
185ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-91WG9T9YM4%3BG-WG031FR1CX&ga_client_id=1055823592.1719699538&shpt=&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-91WG9T9YM4%3BG-WG031FR1CX%22%2C%22ga_client_id%22%3A%221055823592.1719699538%22%2C%22shpt%22%3A%22%22%2C%22dcm_cid%22%3A%221719699538.1%22%2C%22mntnis%22%3A%22YAlL70PSZf5CDNTnnGUBMe60lIFmCr8i%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1719699538.1&available_ga=%5B%7B%22id%22%3A%22G-91WG9T9YM4%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-WG031FR1CX%22%2C%22sess_id%22%3A%221719699538%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32549&plh=https%3A%2F%2Fwww.provenskincare.com%2F&cb=60180930939462040&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Csegment%3Dtrue
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6f8816336d997b5ac75b2c03c8f373c2264432667bc48636f7995c644dfbad37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 18
connection: close

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 213ms
212ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=F2508&UserId=2ace5032-86b1-4317-b324-e666639b0b29&SessionId=2fc6c373-ee4b-4b76-beed-78a40348da07&PageId=5123564d-3857-40a7-af94-3250663eb02c&Seq=1&ClientTime=1719699540902&PageStart=1719699538382&PrevBundleTime=0&LastActivity=516&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ca7efbfbf3a28d21c90fb6ec1de6b326ebe5e1313555d66da638c728a025ec37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provenskincare.com
date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H/1.1 200 NRJS-56085fa33919899413a Show response
bam.nr-data.net/events/1/ 24 B
349 B 243ms
226ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-56085fa33919899413a?a=1103226155&sa=1&v=1225.PROD&t=Unnamed%20Transaction&rst=5530&ck=0&s=458b03ce9ecd63bf&ref=https://www.provenskincare.com/&ptid=c647b1fb-0001-b49c-9432-019066148ad4
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230043-FRA

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 102ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=9547eb7b-3665-11ef-9253-510779360d48&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
149 B 102ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=33h2kma&ct=0:21w047g&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

OPTIONS
H2 200 track
cdn.builder.io/api/v1/ Frame 0
0 122ms
31ms Preflight
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.provenskincare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
age: 5559315
cache-control: max-age=100000000
content-length: 19
content-type: application/json
date: Fri, 26 Apr 2024 14:03:46 GMT
server: CloudFront
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-id: Pl2L4arli5wTklr2S7TUn-w8vFcQosBGrK37wqgJdYGHoHqyVpZFWg==
x-amz-cf-pop: LHR61-P1
x-cache: Hit from cloudfront

GET
H2 200 wlpwgwvFAVdoq2_v-6QU82RHaA.woff2
fonts.gstatic.com/s/lexend/v16/ 35 KB
36 KB 307ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v16/wlpwgwvFAVdoq2_v-6QU82RHaA.woff2

Requested by

Host: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~43dd7041.e8fcd1286044bcc1d51c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59543165cb5ba49f57339246a6c26666eee40df8647a2880dc8bdb7dc1cc6567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 17:32:00 GMT
x-content-type-options: nosniff
age: 362821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36244
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:58:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 17:32:00 GMT

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F52e11f3e169a4c25af6e0cdcd2498db3
cdn.builder.io/o/ 170 KB
171 KB 67ms
36ms Font
application/octet-stream 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/o/assets%2F9be7b3a343374be9b104de2868ae6f69%2F52e11f3e169a4c25af6e0cdcd2498db3?alt=media&token=e96e1fc1-adab-4117-92be-f607d0f4d317&apiKey=9be7b3a343374be9b104de2868ae6f69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3bed23cd072a87d1b6ec052591cf2507255a5a1a4416ff973b26d93b8c945797

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jul 2023 09:19:00 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 29854801
x-guploader-uploadid: ADPycdvac7SWw5vX7MG7VBt24l5VLSQw94V5CRDORA7c1vOVEsbKNw-aTILrKxWuhorr3g-Nrqx_rMaQrBPIk2TdnAmiQYI3yhGt
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''52e11f3e169a4c25af6e0cdcd2498db3
content-length: 173916
last-modified: Thu, 13 Oct 2022 04:39:53 GMT
server: UploadServer
etag: "1f1b76eb823ef156bef75942bdd551f0"
x-goog-generation: 1665635993048560
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=0RizWQ==, md5=Hxt264I+8Va+91lCvdVR8A==
cache-control: public, max-age=2592000000, s-maxage=5184000000, stale-while-revalidate=5184000000, stale-if-error=5184000000
access-control-allow-methods: GET
x-goog-stored-content-length: 173916
x-goog-meta-firebasestoragedownloadtokens: e96e1fc1-adab-4117-92be-f607d0f4d317
accept-ranges: bytes
x-amz-cf-id: s2pijtk6Arx5ATqfXZVZSWFZ4tbe_c2IxjJQK6lPfv3bOxdikp_VwA==
expires: Thu, 20 Jul 2023 09:19:00 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfFukDQZNLo_U2r.ttf
fonts.gstatic.com/s/playfairdisplay/v37/ 189 KB
91 KB 302ms
23ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfFukDQZNLo_U2r.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3d44cf5860c5545767ca68f10a928c0530622032314ddbdda4f2bce376c530d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93535
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:56:55 GMT

GET
H3 200 546b0e02c76d44dcc1a4.otf
www.provenskincare.com/dist/ 68 KB
27 KB 139ms
137ms Font
font/otf 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/546b0e02c76d44dcc1a4.otf
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 20a3d8ce15e889a91a6bd54831a81e95f53b54516159f124349d72270cb2a42e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719436051&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W5b112W84pMwZ4hvodcvIJoEXziQg7L00FWvyg9aUNE%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"111a0-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719436051&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W5b112W84pMwZ4hvodcvIJoEXziQg7L00FWvyg9aUNE%3D"}]}
content-type: font/otf
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
cf-ray: 89b94bb58f4a3aa3-FRA

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsukDQZNLo_U2r.ttf
fonts.gstatic.com/s/playfairdisplay/v37/ 189 KB
89 KB 288ms
9ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsukDQZNLo_U2r.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540eca2ea1a777cc1476e41ec20aaabd5de607e936fceed83895d5cef8945e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90561
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:56:55 GMT

GET
H3 200 4b7de9ff57fa747f31e1.woff2
www.provenskincare.com/dist/ 28 KB
28 KB 419ms
418ms Font
application/font-woff2 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.provenskincare.com/dist/4b7de9ff57fa747f31e1.woff2
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3808d783c90f7e80499abbd3aa363157574df658c7820ababb64d391588af368

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/dist/main~25dc9f7d.c4a9050d0224238d6bf4.css
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 28204
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719436051&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W5b112W84pMwZ4hvodcvIJoEXziQg7L00FWvyg9aUNE%3D
last-modified: Wed, 26 Jun 2024 17:54:53 GMT
server: cloudflare
etag: W/"6e2c-19055afa5c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719436051&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=W5b112W84pMwZ4hvodcvIJoEXziQg7L00FWvyg9aUNE%3D"}]}
content-type: application/font-woff2
cache-control: public, max-age=657000, s-maxage=30, s-maxage=30
accept-ranges: bytes
cf-ray: 89b94bb58f4f3aa3-FRA

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
408 B 44ms
31ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345750
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: YhGeSa0XdoylH5Q1BSW1LXsfgS4vzB-dwAbnqPMuuNH5y0k567upZA==

GET
H3 200 icon-kit-get-product-for-you-system.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 891 B
896 B 94ms
92ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/icon-kit-get-product-for-you-system.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d0d9cf0d9b1effadc37c4850c9bb61b8053af449203353294ee4ba25812f2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=7+0 c=0+0 v=2024.4.0 l=891
last-modified: Wed, 22 Jun 2022 21:12:36 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfwe3yzE5nZgkIuViL3r6Oxkyv1gWqs-rDoNB_ezzVDQ:f1d5166a7f36a339c16d945b39bb56ad"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f2a3aa3-FRA

GET
H3 200 icon-kit-get-product-for-you-eye.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 1 KB
952 B 68ms
65ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/icon-kit-get-product-for-you-eye.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66731c17a6c4c93a6daf139d9115ee222a9e6175771eed55827d6135a66a4da0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 ad8435b5d8ce6330cfea09301a17c5b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=13+0 c=0+0 v=2024.3.2 l=1071
last-modified: Wed, 22 Jun 2022 21:12:36 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfcsv_Yhd2bLvHEqqGCI8oyNnO1gWqs-rDoNB_ezzVDQ:f9250c114f85ee5abd93fc3d29352df5"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f2e3aa3-FRA

GET
H3 200 icon-kit-get-product-for-you-serum.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 924 B
855 B 60ms
57ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/icon-kit-get-product-for-you-serum.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98be514ab974f44d8e8e83e2640e6dd1dbc87043d1b0d1d4765b45ccdd70a849

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=7+0 c=0+0 v=2024.3.2 l=924
last-modified: Tue, 17 Oct 2023 16:04:47 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfwgjYpvKWyDpRHZjay4rwZ-kW1gWqs-rDoNB_ezzVDQ:7ed2a2ece7cc1a3710fc12d3c4576490"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f313aa3-FRA

GET
H2 200 pixel
cdn.builder.io/api/v1/ 35 B
946 B 251ms
170ms Image
image/gif 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/pixel?apiKey=9be7b3a343374be9b104de2868ae6f69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926
date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-cache: Miss from cloudfront
content-length: 35
x-served-by: cache-lcy-eglc8600072-LCY
server: Google Frontend
x-timer: S1719699541.452520,VS0,VE135
vary: cookie,accept-encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type: image/gif
access-control-allow-origin: *
x-cloud-trace-context: bcea137d864162e585a69d371d17c512
cache-control: public, max-age=15, s-maxage=600, stale-if-error=259200
function-execution-id: ki13ifo1san5
origin-trial: AofGPSvOEBwNTsONiWgsQDentPPwgWkTFpAxoQocYSzbXKnh43+evaYOWRmzNSbrxEQMwgHMKnVqHU0N9uOMMwsAAAB0eyJvcmlnaW4iOiJodHRwczovL2J1aWxkZXIuaW86NDQzIiwiZmVhdHVyZSI6IlVucmVzdHJpY3RlZFNoYXJlZEFycmF5QnVmZmVyIiwiZXhwaXJ5IjoxNzA5ODU1OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: 0IcC4NsIzjbKHVSRHcSym8R4suuJyTxh_nti_597evWP8PHziO-JIQ==
x-country-code: GB
x-cache-hits: 0

GET
H3 200 social-desktop-instagram-white-default.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 2 KB
1 KB 68ms
66ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/social-desktop-instagram-white-default.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfc7f1a78182666686aa3f021c18258cb020b50b966929b2fd297cd521b846f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=37+0 c=0+0 v=2024.6.0 l=2294
last-modified: Tue, 13 Sep 2022 16:18:07 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfOHWLOcyFbLrD6OUJdjoVw_KQ1gWqs-rDoNB_ezzVDQ:308731b1b4c3577533d31a5a9503d7db"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f363aa3-FRA

GET
H3 200 social-desktop-facebook-white-default.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 590 B
732 B 58ms
56ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/social-desktop-facebook-white-default.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ceb6012a64743a3364ea1f848736a0239fb68db056822ef46f3264cb6ae11ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=8+0 c=0+0 v=2024.6.0 l=590
last-modified: Tue, 13 Sep 2022 16:18:02 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfQdXOiAuWzWppjoEdzVbxt1u91gWqs-rDoNB_ezzVDQ:c577f76a6c27aed9518c742e47666f76"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f383aa3-FRA

GET
H3 200 social-desktop-youtube-white-default.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 751 B
775 B 119ms
116ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/social-desktop-youtube-white-default.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35bffabaf1678dcbe8807390ffff8a392c67da3193ccd1ccff0bb52b797329d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/h q=0 n=3+0 c=0+0 v=2024.3.2 l=751
last-modified: Tue, 13 Sep 2022 16:18:11 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfdLnLNwAyTI3n9exOipxljWgB1gWqs-rDoNB_ezzVDQ:51e55292d85d8b4c9f6d065614bf59ea"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f3a3aa3-FRA

GET
H3 200 social-desktop-tiktok-white-default.svg
www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/ 2 KB
1 KB 62ms
60ms Image
image/svg+xml 2606:4700:10::6816:1b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/icons/social-desktop-tiktok-white-default.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32db5baa6a07476ffdeccd60aeab28bb3b5c8521a98e877282a365522118ec11

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
via: 1.1 666d579f2d35d088c1597f0bdc2238be.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
cf-resized: internal=ok/r q=0 n=30+0 c=0+0 v=2024.5.3 l=2207
last-modified: Mon, 12 Jun 2023 13:09:28 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: W/"cfWp-hfTW2mc2OFezPhilwCGFd1gWqs-rDoNB_ezzVDQ:4cbebd1846025c42e7de8afd309a52b5"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89b94bb57f3b3aa3-FRA

GET
H/1.1 200
OK notification-bar Show response
proven-api-production.herokuapp.com/api/cms/ 5 KB
3 KB 110ms
109ms XHR
application/json 54.235.77.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proven-api-production.herokuapp.com/api/cms/notification-bar?includeRefs=false&noTraverse=false&limit=20&offset=0&userAttributes.appEdition=proven&query.name=NB+April+2024+GLOWSKIN
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.77.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-77-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 72a4730b94c57c309cda230cba7402048773395195f6e71935b1b6aff96634df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 22:19:01 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: origin,accept-encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719699541&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=kyEqyxaghsNF0gtSX0xhnAvFzw7oqtWCFEvL8bSJLuY%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provenskincare.com
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719699541&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=kyEqyxaghsNF0gtSX0xhnAvFzw7oqtWCFEvL8bSJLuY%3D

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F181d47c2e1384633bf18b7a1a953b0bf
cdn.builder.io/api/v1/image/ 36 KB
36 KB 88ms
24ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F181d47c2e1384633bf18b7a1a953b0bf?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

0481ce2326c77cc89a75e52937d02ceeb9ce7c1a9f22ea9779f5f0e2aed8b32e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Fri, 14 Jun 2024 05:30:00 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 1356541
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 36496
x-request-id: 25014150-2a0f-11ef-90cf-fb0b552b952e
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 8cfd30a1067055f5abcf7f9291af0f72
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: zz7p8mlr8cdh
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: ZD0agfZeTg0jjB-cyG_rBXR_sB6ccJfF9009HscjeBrsbtkju-PUDg==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
179 B 499ms
161ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provenskincare.com
date: Sat, 29 Jun 2024 22:19:01 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 A2241056-177d-4088-9b22-3c908eaca2c61.js Show response
d.impactradius-event.com/ 39 KB
16 KB 204ms
129ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2241056-177d-4088-9b22-3c908eaca2c61.js
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5f2eb0c43ace7f3dff483ff473e610c4cbf5397087fd13d2f0313c8c1e39edc3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:01 GMT
content-encoding: gzip
x-guploader-uploadid: ACJd0NrIqX3nHC3y5Y4QiwbluNp_OdgiQNfcb9OXkvEUWGgKKiq5yklUukg4HSye75fMtE8fSfp7r9wXAw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15926
last-modified: Fri, 21 Jun 2024 08:27:16 GMT
server: UploadServer
etag: "b5bd116f290f7c4a02d6c42ec49032c3"
vary: Accept-Encoding
x-goog-generation: 1718958436178308
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=LxUKiQ==, md5=tb0RbykPfEoC1sQuxJAyww==
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15926
accept-ranges: bytes
expires: Sat, 29 Jun 2024 22:24:01 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 121ms
39ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 29 Jun 2024 22:19:01 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C142609EFE094CA0A44A5C8BD0DFB33F Ref B: FRAEDGE1112 Ref C: 2024-06-29T22:19:01Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
54 B 34ms
3ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91WG9T9YM4&gtm=45je46q0v874113536z879326618za200zb79326618&_p=1719699537855&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1055823592.1719699538&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dp=%2F&dt=Personalized%203%20Step%20Skincare%20Set&sid=1719699541&sct=1&seg=0&dl=https%3A%2F%2Fwww.provenskincare.com%2F&en=page_view&_fv=1&_ss=1&ep.appEdition=proven&tfd=5894&_z=fetch
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 46ms
15ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91WG9T9YM4&cid=1055823592.1719699538&gtm=45je46q0v874113536z879326618za200zb79326618&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91WG9T9YM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
ct.pinterest.com/user/ 35 B
64 B 62ms
51ms XHR
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22name%22%3A%22home%22%2C%22event_id%22%3A%227f32e910-c798-4470-bea7-89d88c646fbf%22%7D&tid=2613287502723&pd=%7B%22pin_unauth%22%3A%22dWlkPU1ESTNPVEpqTnpFdE5tVmhPUzAwTldSbExUaGlOMk10WVRVNFpUQTVOVFl5WVRkbA%22%7D&cb=1719699541464&dep=4%2CTAGS_RECEIVED&stc=true

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

quic-version: 0x00000001
date: Sat, 29 Jun 2024 22:19:01 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.36d53e17.1719699541.566a9be
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 35
x-pinterest-rid: 6116635714302592
pin-unauth: dWlkPU1ESTNPVEpqTnpFdE5tVmhPUzAwTldSbExUaGlOMk10WVRVNFpUQTVOVFl5WVRkbA
pragma: no-cache
referrer-policy: origin
content-type: image/gif
access-control-allow-origin: https://www.provenskincare.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 58ms
13ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=101684010396000&ev=PageView&dl=https%3A%2F%2Fwww.provenskincare.com%2F&rl=&if=false&ts=1719699541397&sw=1600&sh=1200&ud[external_id]=d3c1912c43e87b274bedb585570e4731163c19d1c6919deda0db938d2f5ad1a2&v=2.9.159&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1719699541392.631401853866844&cs_est=true&ler=empty&cdl=API_unavailable&it=1719699537948&coo=false&dpo=&eid=ajs-next-1719699541145-1180b938-b66d-4f7a-b626-6c241b32aab2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 29 Jun 2024 22:19:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 213ms
169ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=101684010396000&ev=PageView&dl=https%3A%2F%2Fwww.provenskincare.com%2F&rl=&if=false&ts=1719699541397&sw=1600&sh=1200&ud[external_id]=d3c1912c43e87b274bedb585570e4731163c19d1c6919deda0db938d2f5ad1a2&v=2.9.159&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1719699541392.631401853866844&cs_est=true&ler=empty&cdl=API_unavailable&it=1719699537948&coo=false&dpo=&eid=ajs-next-1719699541145-1180b938-b66d-4f7a-b626-6c241b32aab2&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdc88819982f09068","source_keys":["1","2"]},{"key_piece":"0x75da6d6c2fec6882","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 29 Jun 2024 22:19:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386053288194712710", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1328, tbw=3112, tp=-1, tpl=-1, uplat=157, ullat=0
pragma: no-cache
x-fb-debug: d4IuY3mIA9rdODfl1pL0KohBF7tqeUqPv7HS3KaA2SXuyN/fkpXczAaB7bYSei1MBnuS1TVMMrcawBtWm0jwvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386053288194712710"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=45.141.152.72;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=45.141.152.72;cuidchk=1

42 B
721 B

50ms
48ms

Image
image/gif

95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=45.141.152.72;cuidchk=1

Protocol

HTTP/1.1

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.provenskincare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jun 2024 22:19:01 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/conv/ppt=11401;g=sitewide;gid=33168;ord=[uniqueid];ip=45.141.152.72;cuidchk=1
Date: Sat, 29 Jun 2024 22:19:01 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
24ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91WG9T9YM4&cid=1055823592.1719699538&gtm=45je46q0v874113536z879326618za200zb79326618&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=355328191

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 212ms
196ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9fe1614.53beaf96
date: Sat, 29 Jun 2024 22:19:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406292219015873E0A5DCD76C5E2B45-6117E5794C55D8DE-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 129,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406292219015873E0A5DCD76C5E2B45
x-cache-remote: TCP_MISS from a23-218-223-69.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.218.223.69
x-tt-trace-host: 016f188ec6c4b24d6b5b7285ae76c25c3365e2f1dfa97fc70fa60e16e151ba0c2c251246049c2ee6c4d7f074d4301bb3ac16e1efc161d14e947e64cbadea1518e17465e9f2e6147f638d2799b9dc450041c6c586e7e30027c8c66749e145a9af6b274af73d17be2147a54f7bc207a9162b
access-control-allow-headers: Authorization,*
expires: Sat, 29 Jun 2024 22:19:01 GMT

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
409 B 45ms
39ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345750
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: 8R92d56jx1GAfcZPzjmOX4qQtFHlyxnrAFvHd-DHPXc-wGZRZ5QsoA==

GET
H3 200 slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/ 1 KB
2 KB 30ms
18ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1403111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2RjkLjFv7mH5lwLtixAqSxRzkoyLy1xQIhGmpTjxhiQVFH%2FBtZvTOpvu2U%2FJKmo4X9HDCKS%2BQg7KInSZQknYTT4rtz8YYKP5KBj%2F%2BdAG0fHLvKE9oPtUu5GMRycHXNm9LtmxRJfkWhGViJWqSU4oTMt"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89b94bb9d82f1b35-FRA
expires: Thu, 19 Jun 2025 22:19:02 GMT

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
409 B 46ms
46ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345750
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: mLc60FYyrH8V8FGkiV4mL-BFHK67XYGtkonM_pLN5y8WxkCkuKWPTg==

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
408 B 34ms
34ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345750
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: 7Clg0xL5URKxc6X4N9eneS1Ju2UtB5r8JluCV-VqLBrQt9XDf954gQ==

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
407 B 38ms
37ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345750
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: NzaS_OYOW20NEG-i_0_n2O-rk5dE9DT84NFKtu5R9lArbpt28jznNQ==

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
408 B 34ms
33ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345751
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: nftYqwMDy8SBiKgzYAeWkE8_eI38cM7CYesvOoTYgOMB3lB9IahPJA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F4d64a618ecbc484fa57bc930913af458
cdn.builder.io/api/v1/image/ 20 KB
21 KB 280ms
269ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F4d64a618ecbc484fa57bc930913af458?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

d0c6ebe3a94a344a8b23fc67e28f602c0dac0529dd4368a1a8f1a2c9ffe090e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 20868
x-request-id: 96ce3d30-3665-11ef-a840-6301c7eaa66c
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: d3447257bfd19ed1308b2c0b759bc1d4
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: zftrjd7dlmgk
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: lD6OFakrkfWWzOGDlkD8fnutiZJuq5_BPYI15DxdGJYbYl11sBboYQ==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fb5ccb2b258524b1e8042427570f54a1f
cdn.builder.io/api/v1/image/ 22 KB
23 KB 326ms
315ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fb5ccb2b258524b1e8042427570f54a1f?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

19e5b22ff5dc558545f415c3a5fcc8a0fe511d7d3b1aba49f63efa2a588c4071

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 22828
x-request-id: 96ce8b50-3665-11ef-934c-79aaf0dfe44c
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 3af4f652842e91b7a3f4b09c2c705e22
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: dv8cr4b1noh7
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: fq7raIPsdjgg7fnvb-xMFCCjEe_I6MYkPlbXbJ9wVRofveZ64Q1_wQ==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fc4daac7a08ca436c9ad7396b9b0ddd91
cdn.builder.io/api/v1/image/ 17 KB
18 KB 306ms
296ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fc4daac7a08ca436c9ad7396b9b0ddd91?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

8e6ce17c0f54cb011208e8efcea1882366e4b13f694e2a4fef065e90381205e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 17510
x-request-id: 96cf75b0-3665-11ef-9159-396bb424d787
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 4485d58e05d50b9da78b77daceb2aa93;o=1
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: ds8ojv1uk3j9
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: WRNaxHdzsH1F4egvS0RypRoFgnuudiaoqdSSKNB6ZtJ6nfiBIdeITA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F44b4e5fcfb0b45908ec78b2ebd762122
cdn.builder.io/api/v1/image/ 8 KB
9 KB 334ms
324ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F44b4e5fcfb0b45908ec78b2ebd762122?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

b6d6dabe6e08c83dc1ca00876874dbb8d8688fae0955bb4a9054b85784eb3b87

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 8048
x-request-id: 96d40990-3665-11ef-b744-f914dd67ccd8
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 6e7d7605c0afbd99a40226793bd0fa18
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: orbzo6zbllde
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: crKes6oFo6vzucaB3g05lhxOAShjB7HI7IJ-ejy7HrJsJXjaeHK_jA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F1b2995e67c0f4cbca2477027db52d890
cdn.builder.io/api/v1/image/ 11 KB
12 KB 35ms
25ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F1b2995e67c0f4cbca2477027db52d890?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

5d9f09a29faca1d345876f03cbca7e1b870e3731c35cf3c63e2ba654818ad8a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 20 Jan 2024 11:07:24 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 13950697
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 11044
x-request-id: 173995c0-b784-11ee-90ff-214ac6f14868
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: b051a4abdfb095cb1fc57e9b467547ca
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: wfdw8qxbhxfs
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: XiLX9-b-gdUYE-0FH81rdVzeNis5DKuTg-jmlUln1CGHrxha3dGTmw==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fd4186e78169742309b4101996f142d3c
cdn.builder.io/api/v1/image/ 7 KB
8 KB 35ms
26ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fd4186e78169742309b4101996f142d3c?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

b3b9681901e818d3595ed5f235b8e73b7e99a8e11d1cf23a1965ec692b097dc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Thu, 20 Jun 2024 03:32:39 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 845183
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 7342
x-request-id: be564da0-2eb5-11ef-b236-1d82eb0c4ca1
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 5d15464f79fb6f7a3d0e2e6c02318e79
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 9y4cyh3kwkkg
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: auvPExvKBDjZvR0bVmfhDCtKcrRexR0LzQ8CHV20al9GCcwUFcIB_w==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F7fe059566d474430b3b06db667c1b068
cdn.builder.io/api/v1/image/ 7 KB
8 KB 47ms
38ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F7fe059566d474430b3b06db667c1b068?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

7c76ea60746ff55c8dcdcf9cccda0da926948335f84fc58040058b613d8ca38f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Mon, 22 Jan 2024 14:52:15 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 13764407
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 7010
x-request-id: d5332c50-b935-11ee-99ce-4b88fe726afe
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: c110766d1db19a927cbc3d46362a62e2
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 014yhp80c0e4
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: F3v6_zqlVU9RuLGWN_j2F1gnxBJQ4RNJOxMsebY0jpS-nk4LWESulA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F212c30f88a7f4214b9849f706ad81fb2
cdn.builder.io/api/v1/image/ 36 KB
37 KB 40ms
31ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F212c30f88a7f4214b9849f706ad81fb2?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

bb5902e984f3007eb018623b9ce8f1b8f2437646a5a801f3c5220aef4e33c2a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Thu, 20 Jun 2024 03:32:39 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 845183
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 36840
x-request-id: be710190-2eb5-11ef-b2db-f5ae9a641743
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 35778bcc70ce7f063b3c2a7ee8ca34cb
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 3zq06q6tuznb
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: XnHx53ezGYWDQBK_K54uJPyLAwVTMOE3qj_T5a6zXqJfL9WPlX-OAA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F2b4d9a89b0fa4d2c849e3ae3f867697c
cdn.builder.io/api/v1/image/ 38 KB
39 KB 383ms
375ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F2b4d9a89b0fa4d2c849e3ae3f867697c?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

df0f09b229a94d4bdc2e2e12b202cc2b256406aecb648ec6fad09a88fedcfac0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 39422
x-request-id: 96cf75b0-3665-11ef-b857-5b82e05c8783
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: e0b3131946b00691c1c9469683c5084a
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 0rsvwmx3t034
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: DwK5dJykKd-GEOZFaQuAjA27DiD-XR3hBiz6tAqcsNXIJZqwHyYokA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F128cfdfd16fc40d6b785642b83765a42
cdn.builder.io/api/v1/image/ 34 KB
35 KB 53ms
46ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F128cfdfd16fc40d6b785642b83765a42?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

3c045befedb5050a7d745afed2c0824494a2fda8fdce16f08582f47371098d79

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Tue, 18 Jun 2024 15:01:23 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 976659
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 34866
x-request-id: a0c2a050-2d83-11ef-9c16-e32e06a7150e
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 4668ad45d2d421bdb6bf846ac7a92d92
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: k3sb8iuh919g
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: GGU90f3qdgUVhrK7PhBYz1tzcaG2U_3R0xCXvMPnp_nD4EUm75SDtw==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fb38e37c01fbd4448a5bcb72cb5cd560b
cdn.builder.io/api/v1/image/ 26 KB
27 KB 307ms
299ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fb38e37c01fbd4448a5bcb72cb5cd560b?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

1f73ab71ff786feecb32714b3d7eda4febbc7d8a28567aa40f3fa9c6eb43dc6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 27132
x-request-id: 96d36d50-3665-11ef-ad2c-c1cc0dab2c67
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: c04fabc57b539c17ae998e9d1a4781ab
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: phsrkvc289l9
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: PYJJO9GHK9_e2c6VsE-BsqxNIt3bQoPEfgnaR_74uN53i0NBDAg15g==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F8c7914761c664ca7a3f391854c917f79
cdn.builder.io/api/v1/image/ 29 KB
30 KB 317ms
310ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F8c7914761c664ca7a3f391854c917f79?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

97e3d9de57b35aaded14fd2f013711e7ea0e2e0a2a9a9dd678ccd2d7db55692b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Sat, 29 Jun 2024 22:19:02 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Miss from cloudfront
content-length: 29954
x-request-id: 96d430a0-3665-11ef-9249-e7eff95496f5
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: de61bed0b21711daff7965ceb5c1d30f
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: dupmehm1z2ab
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: c8Tr9d9iFkOLX6lHjDJ45vOF_czLrgbC_Ypp_x4gUjEuKM7kj5ahHQ==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F844c0003c9e84382b3c3fba612412d5f
cdn.builder.io/api/v1/image/ 50 KB
51 KB 62ms
55ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F844c0003c9e84382b3c3fba612412d5f?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

5e874f1ac191adce259c9cc8672397a58b2e5489aca39caf62f7ff2785c02489

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Wed, 27 Dec 2023 23:54:48 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 15978253
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 51656
x-request-id: 51a87420-a513-11ee-a99e-cf276344b106
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 4075e9d4bcdccd66a9261032efceac14
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: sc5louefzwwv
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: _6EmPETYgWw6LUlGC9CH4vGYXG0uxpVBnS8pehazXMYRmuhKAlFn5w==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F8a34df7ef40040738db5f0f8cef934cc
cdn.builder.io/api/v1/image/ 41 KB
42 KB 80ms
73ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F8a34df7ef40040738db5f0f8cef934cc?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

70c5b694c870877806b7af2d069edcde76fadf534b385c57fcf131f9b6a0458a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Fri, 05 Jan 2024 09:14:01 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 15253501
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 42404
x-request-id: c3bf53b0-abaa-11ee-8e36-4d949248fbbf
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: 7df6f7cee838c26d054a0a1fcd2af2c2
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: ztqxf2k7eaiu
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: TWNrVKPp_Jl4pEF-GMiriq_g3r312jVf8WKQc8zwefQIL-5xo8hOTQ==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F77400bf01abc43ad9ab09049c52e5c64
cdn.builder.io/api/v1/image/ 27 KB
28 KB 102ms
95ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F77400bf01abc43ad9ab09049c52e5c64?format=webp&width=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

244dcf21022ed205b4f01b0b652fca6591b9a75d66aab3926afa02bd3c8757c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Thu, 20 Jun 2024 18:28:54 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 791408
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 27572
x-request-id: f32d3070-2f32-11ef-8c24-0b53d6765238
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: d4af593ef8ee6af0156df2b9429c187a
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: djp5oakeqp4i
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: fWo_1cW6mQW8WdwMTMFOcic7ZM9vwuw1n3ZraBdfSEKNL3EOXoHBYA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fbf59f24be9904f81bbd73dbbb5e41479
cdn.builder.io/api/v1/image/ 2 KB
2 KB 78ms
72ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fbf59f24be9904f81bbd73dbbb5e41479?width=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 87aa275cf2223a76cba9ed1c6be67d53ed6034b60469e7165cc039739a310122

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jul 2023 08:33:55 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 30548707
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: d6885d90-208e-11ee-b703-cb87a6b45317
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: f79ee2ffd4f4e5a25b7796dcbc3d2fc5
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 4cjs3raczevd
x-robots-tag: noindex
x-amz-cf-id: 40j3r-zEyA0TMchF_bwNmSKGBDGSpF6xhiMhRODszsL_Dj2PadXeTA==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F87dcdff98d444f918ec8b9936ae68106
cdn.builder.io/api/v1/image/ 9 KB
5 KB 79ms
73ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F87dcdff98d444f918ec8b9936ae68106?width=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: aff7de1c31800240c3a617cf4f1b2471abe4eec8636db6cad10c1d3644374a20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 08 Aug 2023 16:16:11 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 28188171
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: e3cbec00-3606-11ee-a7ed-251dace57010
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 2404517d9052b8c977df9ea8da86475b
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: vw4rlph2pn9c
x-robots-tag: noindex
x-amz-cf-id: 30mPwQu8NFJ8DHKsb7R886qIHD3AZ6vGkYCi46GOULyCEAeJWdbi1Q==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F187406f5eb1f41b0bb9fa3bf83fbe5a4
cdn.builder.io/api/v1/image/ 20 KB
10 KB 105ms
99ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F187406f5eb1f41b0bb9fa3bf83fbe5a4?width=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 3b02f553c77183b86b196ab7986df6bb6241579023e4258663157355817f8707

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 08 Aug 2023 13:07:31 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 28199491
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: 8894ef40-35ec-11ee-9e01-819c8974b464
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: c7799166e0a570051b5f9691776d483f
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 74luzcdxpmak
x-robots-tag: noindex
x-amz-cf-id: p9ADyUJ8kLCbFTQU-54Sss_ggsmX41ZY09g_Ra96FjakT3M2c9Tbsw==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F7e8e812eedc5402ea152727bd20a3aac
cdn.builder.io/api/v1/image/ 11 KB
5 KB 93ms
87ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F7e8e812eedc5402ea152727bd20a3aac?width=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: b64c7aae991b4f0d066bc7a238958cd3c3fb619b0993c9ee382147e556808a2f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jul 2023 14:00:17 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 29578724
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: 414520c0-2961-11ee-8115-2fb388ba6ce5
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 06c828812d43d836de47ad77123a728c
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: pbbnt2ucjcw2
x-robots-tag: noindex
x-amz-cf-id: mbNjPmefpeKX_Zv8aYEpXg-gtwxE3cyEJRnw8yRtZg-fj_R04t_kSQ==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F52c727485e084bbb909ebba492277024
cdn.builder.io/api/v1/image/ 10 KB
5 KB 92ms
86ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F52c727485e084bbb909ebba492277024?width=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 9c89e59fb9c7b91ba6209fd1fa2e4d0ba0748e38fb80d7329596174b8dd07e98

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 31 Jul 2023 10:34:07 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 28899895
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: c7447270-2f8d-11ee-9f4d-63c60ce9cbde
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 379e8665c94c960c4077439fc499b408
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: 9zb1u9r3zncs
x-robots-tag: noindex
x-amz-cf-id: fJHsFxW_nEjOwJhvhpYgfPHiFnSVICPFqLKbz4YYUJhcRdqLyv2i_Q==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F6855b492bd3246c389702bae75c86e05
cdn.builder.io/api/v1/image/ 5 KB
2 KB 93ms
88ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F6855b492bd3246c389702bae75c86e05?width=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 05e8af61d944ce72c310dbf1204a05d0941e6ff5569e246a82bc13ab6f23cbda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jul 2023 17:00:28 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 29567914
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: 6ce092f0-297a-11ee-a10e-83ce171f15d2
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: b6f3a282861f5692e4bf577405849933
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: frrejzr00shs
x-robots-tag: noindex
x-amz-cf-id: L_-fltdxuNDPW8V5FSsXnE7WJws8qEjkAk7tBK8UrXggFAFC-hNHQw==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Faffd66b0df0742c08d20017bfc175d61
cdn.builder.io/api/v1/image/ 3 KB
2 KB 97ms
92ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Faffd66b0df0742c08d20017bfc175d61?width=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

f7f7c9a0c094b56793f41edde4eb6e0dec0c3e41421822cfaddef13696382594

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
date: Mon, 17 Jun 2024 14:59:34 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
access-control-allow-private-network: true
x-amz-cf-pop: LHR61-P1
age: 1063168
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: 359ff7b0-2cba-11ef-8ade-efad949d6051
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 6cfbbdf8f9fdde2fc15c26fe9502e066
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: d4j8gj713hrk
x-robots-tag: noindex
access-control-allow-headers: content-type, accept, authorization
x-amz-cf-id: ewf4cgURdp3XQqp4IXcOXuX-nlPjVueypKB4tUmh50fkKpW7tJo9rw==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2Fd8b99ebf92b546ecb7c446f72a07ceb8
cdn.builder.io/api/v1/image/ 3 KB
2 KB 98ms
93ms Image
image/svg+xml 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2Fd8b99ebf92b546ecb7c446f72a07ceb8?width=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8961de7bce519741044658fa53bab58d511985f3b5f447407c4d4a4b98c225d2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 05 Aug 2023 09:36:42 GMT
content-encoding: gzip
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 28471340
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
x-request-id: 95bd4990-3373-11ee-ac10-e7442ca323bc
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 2dc3892c278edf01be51bc43d9544d0d;o=1
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: nqy1wqmzulxw
x-robots-tag: noindex
x-amz-cf-id: iQZgJzkdv81D0hmjEbqH7P5tErhA0chm-14tMtm4guXyNO10ajF2_Q==

GET
H2 200 assets%2F9be7b3a343374be9b104de2868ae6f69%2F4205044dac7b4881b747ba15bd1772bf
cdn.builder.io/api/v1/image/ 4 KB
5 KB 99ms
94ms Image
image/webp 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.builder.io/api/v1/image/assets%2F9be7b3a343374be9b104de2868ae6f69%2F4205044dac7b4881b747ba15bd1772bf?format=webp&width=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 0d79b6d111db00a1a53aa4f416e7b5d026002e990cf0fddea16feecef99b1c65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 09 Aug 2023 23:01:31 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
age: 28077451
x-powered-by: Express
surrogate-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache: Hit from cloudfront
content-length: 4140
x-request-id: ae3355d0-3708-11ee-ba68-abb3758c7608
server: Google Frontend
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-cloud-trace-context: f3726d9e799c9a03b2f5a4e820b5f1d2
cache-control: public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: gxx7iipgv8hy
x-robots-tag: noindex
x-amz-cf-id: spAAFEpj4dzjA12w0gJ9f9v3qvTwjtwujwpgy5WNQNIkoP2DzXJpvQ==

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
408 B 37ms
37ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345751
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 3
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: tJuE0mNxAjvuTGRkHmTrm5JI37vGV0lOi1FnEwWBQ_cQylGIo1mI_w==

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
0 38ms
38ms Fetch
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22home%22%2C%22event_id%22%3A%227f32e910-c798-4470-bea7-89d88c646fbf%22%7D&tid=2613287502723&pd=%7B%22pin_unauth%22%3A%22dWlkPU1ESTNPVEpqTnpFdE5tVmhPUzAwTldSbExUaGlOMk10WVRVNFpUQTVOVFl5WVRkbA%22%7D&cb=1719699542087&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.provenskincare.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.126%22%2C%22ecm_enabled%22%3Atrue%7D

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

quic-version: 0x00000001
date: Sat, 29 Jun 2024 22:19:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.36d53e17.1719699542.566abc7
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 35
x-pinterest-rid: 1538350962226890
pragma: no-cache
referrer-policy: origin
content-type: image/gif
access-control-allow-origin: https://www.provenskincare.com
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/6a/intl/de_ALL/ 255 KB
56 KB 45ms
3ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/6a/intl/de_ALL/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e33d8314880570eac69416e54206eeb24c57d80af3117a4b680c78c280bc0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56897
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 22:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:16:13 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/6a/intl/de_ALL/ 185 KB
57 KB 46ms
5ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/6a/intl/de_ALL/util.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b687c24b5362a6f2ccc273ba17c3307a241180c21a20d7e1c050ce50e1dc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57850
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 22:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:16:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jun 2024 21:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2281
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 29 Jun 2024 23:41:01 GMT

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
409 B 39ms
37ms Fetch
application/json 2600:9000:225d:b800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225d:b800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Jun 2024 18:43:11 GMT
via: 1.1 43334d331c518c3406b3d27e1a927864.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P1
age: 2345751
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: Miss from cloudfront
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: l-Z9xdk5R54uuTG_fRD7_qT3xefEXnQzQ7PuUaPjnxViB_LD9sF7XA==

GET
H2 204 17424522.js Show response
bat.bing.com/p/action/ 0
115 B 31ms
31ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17424522.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 29 Jun 2024 22:19:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0558AA452600426587A1A9E2F946CE91 Ref B: FRAEDGE1112 Ref C: 2024-06-29T22:19:02Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 35ms
34ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17424522&Ver=2&mid=3fa0c635-ee44-4ad3-bf89-e727b5ff3bf3&sid=96f44350366511efadebcb2be05a87b3&vid=96f49c90366511efb54f8bf50acf25cc&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Personalized%203%20Step%20Skincare%20Set&p=https%3A%2F%2Fwww.provenskincare.com%2F&r=&lt=1161&evt=pageLoad&sv=1&rn=100521

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jun 2024 22:19:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6B9174E4F344A23A463B6AEFA65DD9D Ref B: FRAEDGE1112 Ref C: 2024-06-29T22:19:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 15ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=252176124&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provenskincare.com%2F&dp=%2F&dh=www.provenskincare.com&ul=de-de&de=UTF-8&dt=Personalized%203%20Step%20Skincare%20Set&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACgGKC~&jid=230835657&gjid=2127789889&cid=1055823592.1719699538&tid=UA-109841154-3&_gid=1983347359.1719699542&_slc=1&gtm=45He46q0n81KBQ57K4v79326618za200&cd5=&cd6=https%3A%2F%2Fwww.provenskincare.com%2F&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd2=1055823592.1719699538&cd3=20240630%7C07996888&cd4=00%3A19%3A02&npa=1&z=742691135

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109841154-3&cid=1055823592.1719699538&jid=230835657&gjid=2127789889&_gid=1983347359.1719699542&npa=1&_u=YCDAiEABBAAAAGgGKCC~&z=1389289539

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jun 2024 22:19:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-3&cid=1055823592.1719699538&jid=230835657&npa=1&_u=YCDAiEABBAAAAGgGKCC~&z=1293739457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109841154-3&cid=1055823592.1719699538&jid=230835657&npa=1&_u=YCDAiEABBAAAAGgGKCC~&z=1293739457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/domain_key/yotpononproductrelatedwidget/widget/ 968 B
909 B 20ms
20ms XHR
application/json 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/domain_key/yotpononproductrelatedwidget/widget/bottomline

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e95540eacb7f98b1db159f40571faec2f51e1212ff35ff24acd17bb4287c6278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.provenskincare.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1719699543340_388391753_320275890_703_5909_6_0_219";dur=1
content-length: 346
x-xss-protection: 1; mode=block
x-request-id: 4962fcce4415aef0cb42608ccbf77466
x-runtime: 0.016015
etag: W/"13d468b718a0843c7d0dee2caf49fd1d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=9620
access-control-allow-credentials: true
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/domain_key/823500/widget/ 964 B
919 B 156ms
155ms XHR
application/json 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/domain_key/823500/widget/bottomline

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0da6af0301b45fd397265f0b9843f70d9183f8146386410a91d17652a6b7ea5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.provenskincare.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=131, ak_p; desc="1719699543346_388391753_320275891_13804_5376_6_0_219";dur=1
content-length: 347
x-xss-protection: 1; mode=block
x-request-id: 16b639760ed8c128eaf352dcbc4ae72d
x-runtime: 0.029545
etag: W/"af676a49545ebdbbff7c13142e8d3caf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=10750
access-control-allow-credentials: true
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-headers: *

POST
H2 200 serum-all Show response
staticw2.yotpo.com/batch/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/ 962 B
906 B 23ms
23ms XHR
application/json 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/serum-all

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a714973fb5c2dc347d36ed94301d1f868c8c3c759f6eb839c00c2580d5381514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.provenskincare.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1719699543346_388391753_320275892_648_5365_6_0_219";dur=1
content-length: 343
x-xss-protection: 1; mode=block
x-request-id: 6e3b2704b0ce654ab64abeff3561fbd3
x-runtime: 0.038601
etag: W/"f679ad6e79b1ff2675a2979dd422ff25"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: public, max-age=9583
access-control-allow-credentials: true
access-control-allow-origin: https://www.provenskincare.com
access-control-allow-headers: *

GET
H2 200 yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 12 KB
12 KB 30ms
15ms Font
application/font-woff 2a02:26f0:480:ba9::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2023-07-30_08-44-12
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2023-07-30_08-44-12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:ba9::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://staticw2.yotpo.com/Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG/widget.css?widget_version=2023-07-30_08-44-12
Origin: https://www.provenskincare.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 22:19:03 GMT
last-modified: Sun, 19 May 2024 13:21:58 GMT
etag: "6649fcf6-3000"
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719699543372_388391753_320275894_31_7918_6_8_255";dur=1
accept-ranges: bytes
content-length: 12288
expires: Sat, 06 Jul 2024 22:19:03 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 174ms
172ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=F2508&UserId=2ace5032-86b1-4317-b324-e666639b0b29&SessionId=2fc6c373-ee4b-4b76-beed-78a40348da07&PageId=5123564d-3857-40a7-af94-3250663eb02c&Seq=2&ClientTime=1719699543409&PageStart=1719699538382&PrevBundleTime=1719699540966&LastActivity=3017&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e933b457304a941e174b078a016fdfc0cf83127eb91cf4aadbef8b300a9a5815

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provenskincare.com
date: Sat, 29 Jun 2024 22:19:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 7ms
7ms Image
image/gif 18.156.51.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=category_page&se_va=Q4D3FiO5xLBrnszPbwSG1fTibVqXmh7i1uctCZtG&cx=eyJwdl91dWlkIjo1MjE2MzA0OTQsImRvbWFpbl9rZXkiOlsic2VydW0tYWxsIiwiODIzNTAwIl0sImNvdW50X3Byb2R1Y3RzIjoyLCJkYXRhX3NvdXJjZSI6ImRlZmF1bHQiLCJwaXhlbF9pZCI6IjQ4MzAxNWJhLWQ2OWEtNGFmYi1iNzlkLTU0MmZjMTM1ODQzMCJ9&dtm=1719699544497&tid=521531&vp=1600x1200&ds=1600x4344&vid=1&duid=4c91403a42ea769b&p=web&tv=js-0.13.2&fp=3554096492&aid=onsite_v2&lang=de-DE&cs=UTF-8&tz=Europe%2FBerlin&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.51.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-51-183.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Sat, 29 Jun 2024 22:19:04 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Sun, 30 Jun 2024 22:19:04 GMT

POST
H3 204 collect Show response
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91WG9T9YM4&gtm=45je46q0v874113536za200zb79326618&_p=1719699537855&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1055823592.1719699538&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&dl=https%3A%2F%2Fwww.provenskincare.com%2F&dr=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&sid=1719699541&sct=1&seg=1&dt=Personalized%203%20Step%20Skincare%20Set&en=page_view&_et=102&tfd=11003&_z=fetch
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect Show response
region1.analytics.google.com/g/ 0
17 B 14ms
13ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WG031FR1CX&gtm=45je46q0v879258545za200zb79326618&_p=1719699537855&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1055823592.1719699538&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&dl=https%3A%2F%2Fwww.provenskincare.com%2F&dr=https%3A%2F%2Fwww.provenskincare.com%2Fauth%2Fuser%2Fpasswordless%2F%3Ftoken%3D%26email%3Dsjohnson%2540backcountry.com%26promo%3DCLEARSKINSUMMER%26utm_source%3DIterable%26utm_medium%3Demail%26utm_campaign%3Dba_20240628_free_spot_treatment_1_pros_lap%26utm_term%3Dskin&sid=1719699538&sct=1&seg=1&dt=Personalized%203%20Step%20Skincare%20Set&en=page_view&_et=3363&tfd=11010&_z=fetch
Requested by: Host: www.provenskincare.com
URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.provenskincare.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 22:19:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provenskincare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~ef7d455c-c0b887cc7dd6f46755a0.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~7bd12dde-a7d20543187c06e87e89.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~102ff935-5c2505f211e0abc5db0c.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~1019d6e1-9470e656a8f4b62fcbdd.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~cecaaa2b-4738dc2a0cd9e1232124.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~d605314e-ac88af59d67700a76428.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~a3f6583e-8d56e6a5d410b9d2386a.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~157645a8-efe0eabfd73b6b0ced82.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~52f0199e-4651321baefc94959a90.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~ed126cf3-c35fff0b5bcf0bb6bff8.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~5601a669-73757b676e685d17d14b.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~362bd4e4-d47e8ad05b1e0dbc1dba.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~25dc9f7d-c00b06a2c28e0df2029f.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~b2c1640e-d3eedbde5f7774bf3acc.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/main~43dd7041-84073a273d2c6ce0a747.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/7016-3da27dd4b0936d36659b.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/9856-c6f84dca68f28c359673.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/896-4939e19b8998e180b9e0.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/8796-52699ebd0532fece684c.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2363-f1bd42350c1d46b473f4.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/5984-70b4effecb281de2731e.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2964-b9d3de3072959a54cfc7.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/1428-bfa6b79840a1d0b8373b.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/4516-292879b389f6ca8ea3d6.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/5664-963365335dc1f3595b9e.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/4320-986e270844a736123282.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/9560-8597622c4be85ae684d4.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/6768-9f0459ddaedd3f5bc5c9.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/9748-3328cba39e613fecfd9f.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/7412-ca367a1ae2a69d792d98.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/3064-e0836eb7e9e5695f8d3b.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/1540-77f596381419667b64fb.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/840-c855e93e7785e45ce378.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/5248-7c67c46757173a40ef53.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/4552-be9c8ab9d64a80413879.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/3472-ddcf2e78d5a07c3acc59.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/5752-1ac395be7e90729f76ff.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/3568-b44049acb732232ef4cf.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2780-a83e405b839de128a8f8.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/8196-309ee510542710e9c985.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2520-1363e28628ee87538e01.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/9552-36ba2ca6ffec7b6fb401.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/1584-0aa9738ab7f6fd2b21c7.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/9112-9fe5a0d831dcee25bb40.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/3984-a7248cd53952ef3c20c5.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2788-ba2a53eb44e7ed5c3c0c.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/7184-0bc02c3dc6eb9fc37a17.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/4724-f2948fb4cebd72511029.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/5028-c7ec5cf2c8c4e059f990.js

Domain: www.provenskincare.com
URL: https://www.provenskincare.com/dist/2396-e7183a3a664c225cede9.js

Domain: cdn.pbbl.co
URL: https://cdn.pbbl.co/r/2693.js

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.provenskincare.com/	1970-01-20 21:43:05	Name: iterableEmailCampaignId Value: 10297466
.provenskincare.com/	1970-01-20 21:43:05	Name: iterableTemplateId Value: 13578583
.provenskincare.com/	1970-01-20 21:43:05	Name: iterableMessageId Value: 7734fc665f8d41b8b44a010aff2b03f5
.provenskincare.com/	1970-01-21 06:27:15	Name: iterableEndUserId Value: sjohnson%40backcountry.com
links.provenskincare.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: d23c4f121d0be91b3f5284b83e14787922d85f7a-1719699535913-ff5d89a20f5284214865dd05
.provenskincare.com/	1970-01-20 21:41:41	Name: __cf_bm Value: 5Z8kNUfea5YJnIZ5868uc5UqbGKGDqYaLvX1sGyRTmo-1719699535-1.0.1.1-V9JFYWSt.rz4JJEVtDFLtLSVCxtPoXJJUyqtklB.MsKpzmMz0rOLzgmh9MII3vlx17Hm6euFKOGVa8MO8fAgZg
.google.com/	1970-01-21 02:05:10	Name: NID Value: 515=SEu5f24VJHuLHHDlDX2FwlVuih2GP84KaweASE315ZakaBPIUbQY3PMJrSXKGnK_J8TAVZU9gcKGsjEvz4loW8Rari7sAtafhlArNan9ngsj3Qj9zq2fHY6aDeyDNw7MGObr2yYjF2BEFBZI-JlVKlgFjSdtXXFxhQQy7PCMUDM
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: OvLLKFrl1UCMlBSMxQpXnv.jrs_cVZwjSTJF22mrusI-1719699536857-0.0.1.1-604800000
www.provenskincare.com/	1970-01-20 21:42:11	Name: yotpo_pixel Value: 483015ba-d69a-4afb-b79d-542fc1358430
www.provenskincare.com/	1970-01-20 21:41:41	Name: _sp_ses.38a3 Value: *
.yotpo.com/	1970-01-21 06:27:15	Name: pixel Value: ffb70563-2f62-47f9-5ff8-fb1381d11f96
.fbot.me/	1970-01-21 07:17:39	Name: globalId Value: 67907a6f-4ae1-451e-97fb-72e31c78a7c4
.provenskincare.com/	1970-01-21 06:27:15	Name: ajs_anonymous_id Value: fa1180b9-38b6-4daf-baf6-266c241b32aa
.api.lightboxcdn.com/	1970-01-20 21:41:43	Name: TiPMix Value: 40.67558817169091
.api.lightboxcdn.com/	1970-01-20 21:41:43	Name: x-ms-routing-name Value: self
.provenskincare.com/	1970-01-20 23:51:15	Name: _gcl_au Value: 1.1.1046571491.1719699538
.tiktok.com/	1970-01-21 07:03:15	Name: _ttp Value: 2iZYOtJGePQ77MUms5oDIDcAtfW
.provenskincare.com/	1970-01-21 07:03:15	Name: _tt_enable_cookie Value: 1
.provenskincare.com/	1970-01-21 07:03:15	Name: _ttp Value: EOFzQg3K7mTQFwE3H9y7g6xNl6G
.pinterest.com/	1970-01-21 06:27:15	Name: ar_debug Value: 1
.provenskincare.com/	1970-01-21 06:27:15	Name: _pin_unauth Value: dWlkPU1ESTNPVEpqTnpFdE5tVmhPUzAwTldSbExUaGlOMk10WVRVNFpUQTVOVFl5WVRkbA
.provenskincare.com/	1970-01-20 21:41:41	Name: fs_lua Value: 1.1719699538381
.provenskincare.com/	1970-01-21 06:27:15	Name: fs_uid Value: #F2508#2ace5032-86b1-4317-b324-e666639b0b29:2fc6c373-ee4b-4b76-beed-78a40348da07:1719699538381::1#/1751235539
.mountain.com/	1970-01-21 06:27:15	Name: guid Value: 9547eb7b-3665-11ef-9253-510779360d48
.provenskincare.com/	1970-01-20 21:41:41	Name: builderSessionId Value: 4da243cca68a47148e339c4ba89e0abc
.provenskincare.com/	1970-01-21 06:27:15	Name: cf_clearance Value: g6_tlZMdUvcmI6tBJHbZYnaEjgq.eZxyX5cu0cc8BcE-1719699539-1.0.1.1-X9Ni7F3qb2_QNuXX.nfjISfI0FdK9.oPZ1P0PhDKEeOjoPP7T1TuI5kF6djAmJHFEHMseX4HkBkGAHE2XV_AQQ
api2.hcaptcha.com/	1970-01-20 21:41:41	Name: __cflb Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCzptjmwzDxAR
.provenskincare.com/	1970-01-20 23:51:15	Name: _fbp Value: fb.1.1719699541392.631401853866844
.px.mountain.com/	1970-01-21 06:27:15	Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYyNbGMN7IwtlCyMtBRKlOyMtJRQhY0NDe0NLO0NDUxNDa01EHSYm5pDNRSCwDnyOmURgAAAA=="
.mountain.com/	1970-01-21 06:27:15	Name: rt Value: "MzI1NDk6MTcxOTY5OTU0MQ=="
.trkn.us/	1970-01-21 06:27:15	Name: barometric[cuid] Value: cuid_66808855-99d0-4170-b232-a8b0aaba6efc
.provenskincare.com/	1970-01-21 07:17:39	Name: _ga_91WG9T9YM4 Value: GS1.1.1719699541.1.1.1719699541.60.0.0
.provenskincare.com/	1970-01-21 07:17:39	Name: _ga_WG031FR1CX Value: GS1.1.1719699538.1.1.1719699541.57.0.0
.ct.pinterest.com/	1970-01-21 06:27:15	Name: _pinterest_ct_ua Value: "TWc9PSZEa0pWTGRLVjR6YnIrWUxjUmNvWmpsazdoMVhMNGtUUXFTSE54c0ZlM2lJejQrZlRnVGI3QWlrU01LVlhsSVFYRk1Ed2ZEYkI0d0N6OUM3ek50VTFObitLM1V2dEpYRCtMQ3F2UUtiYWEzaz0mdjFLZmtDWjlRRXA0WE9RVVJhcThoVEMxY0ZZPQ=="
.provenskincare.com/	1970-01-20 21:43:05	Name: _uetsid Value: 96f44350366511efadebcb2be05a87b3
.provenskincare.com/	1970-01-21 07:03:15	Name: _uetvid Value: 96f49c90366511efb54f8bf50acf25cc
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_gbd Value: provenskincare.com
.provenskincare.com/	1969-12-31 23:59:59	Name: IR_11470 Value: 1719699542383%7C0%7C1719699542383%7C%7C
.bing.com/	1970-01-21 07:03:15	Name: MUID Value: 39145FB599E1604809FE4B18988A6183
.provenskincare.com/	1970-01-20 21:41:46	Name: _ga Value: GA1.2.1055823592.1719699538
.provenskincare.com/	1970-01-20 21:41:46	Name: _gid Value: GA1.2.1983347359.1719699542
.www.provenskincare.com/	1970-01-20 21:41:41	Name: _gaclientid Value: 1055823592.1719699538
.www.provenskincare.com/	1970-01-20 21:41:41	Name: _gasessionid Value: 20240630\|07996888
.www.provenskincare.com/	1970-01-20 21:41:41	Name: _gahitid Value: 00:19:02
.provenskincare.com/	1970-01-20 21:41:46	Name: _dc_gtm_UA-109841154-3 Value: 1
www.provenskincare.com/	1970-01-21 07:17:39	Name: _sp_id.38a3 Value: 4c91403a42ea769b.1719699537.1.1719699544.1719699537

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
javascript	warning	URL: https://www.provenskincare.com/auth/user/passwordless/?token=&email=sjohnson%40backcountry.com&promo=CLEARSKINSUMMER&utm_source=Iterable&utm_medium=email&utm_campaign=ba_20240628_free_spot_treatment_1_pros_lap&utm_term=skin Message: The resource https://www.provenskincare.com/cdn-cgi/image/f=auto,onerror=redirect/https://media.provenskincare.com/img/home/desktop/hp-v1hero-bg-desktop.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.lightboxcdn.com
api.segment.io
bam.nr-data.net
bat.bing.com
campaign.fbot.me
cdn.builder.io
cdn.pbbl.co
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
dx.mountain.com
edge.fullstory.com
fonts.gstatic.com
gs.mountain.com
insight.adsrvr.org
js-agent.newrelic.com
js.braintreegateway.com
js.chargebee.com
links.provenskincare.com
maps.googleapis.com
match.adsrvr.org
p.yotpo.com
pay.google.com
proven-api-production.herokuapp.com
proven-pay-production.herokuapp.com
public.fbot.me
px.mountain.com
region1.analytics.google.com
rs.fullstory.com
s.pinimg.com
static.fbot.me
staticw2.yotpo.com
stats.g.doubleclick.net
trkn.us
tvspix.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lightboxcdn.com
www.provenskincare.com
cdn.pbbl.co
www.provenskincare.com
104.126.37.178
13.35.58.20
13.35.58.60
143.204.215.128
162.247.243.29
18.156.51.183
18.239.94.83
192.229.221.25
2.19.224.184
20.40.202.0
2001:4860:4802:32::36
23.22.144.165
2600:9000:225d:b800:2:cea4:aa80:93a1
2602:816:5001::39
2606:4700:10::6816:1b5c
2606:4700::6811:180e
2606:4700::6813:d383
2620:1ec:c11::237
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
2a00:1450:400c:c0d::5c
2a02:26f0:3500:88b::1931
2a02:26f0:480:ba9::1d72
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.165.246.143
3.33.220.150
35.186.194.58
35.186.249.72
35.201.112.186
35.81.162.201
35.82.126.224
35.85.106.161
44.212.189.233
44.240.52.117
52.22.50.55
52.222.236.107
52.7.151.245
54.235.77.118
67.202.51.57
95.101.111.153
00e57d05069f8818b6f243ad2e6ab6b37dfef16f1d2b12369a4f1149c5617eaa
0172e03f3b5de0028f0661772f6347a814cb235430e628e2a9a3ef5fd16760fc
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
0481ce2326c77cc89a75e52937d02ceeb9ce7c1a9f22ea9779f5f0e2aed8b32e
04b6f64026c4628a6e0085c9a5ae4f915973090961a82c315b1eccc8886d4cfd
055fd2d2b3684ee9ee1db9c8571a042135ab0d9b7327632a93428850af10638a
05e8af61d944ce72c310dbf1204a05d0941e6ff5569e246a82bc13ab6f23cbda
06862b7a15bd7e681bf6c6970cfc0624919ef1c2e86c4693763b942a2a37dc94
07cb39a7a66298b9d67fa4e4fef0998a5eae544d862d23bab4dd773f30eff9fb
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ceb6012a64743a3364ea1f848736a0239fb68db056822ef46f3264cb6ae11ef
0d79b6d111db00a1a53aa4f416e7b5d026002e990cf0fddea16feecef99b1c65
0da6af0301b45fd397265f0b9843f70d9183f8146386410a91d17652a6b7ea5f
0ded27b516d740f2481a88563d5cd997e54bb05de2d3814444e3298237810f10
1182703d14fb4aa33711014cdb2203be511e6e7d852d7cdb7e57b6a282d33c12
11cb69f8b850c942767c25acfe66e8f1b709be34151e6b70de8b2e50e8e99d58
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13575b73cac87583ac763ca4c7686f8afa32e1073005708e2cbe60c7f6ebb24a
14efdf2ae8e4003dbd1301377d838335e8160997af9b4f88ef0453a1048efcdf
19e5b22ff5dc558545f415c3a5fcc8a0fe511d7d3b1aba49f63efa2a588c4071
1a7695f7a5a2af5d4b6bdf002208ee912d1db8bbd5fd3de0df9e80180d0198bb
1b35a6ffa194f412a8f15c0b15c218a4cef102d2fb8b201086a344952f19d686
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d60a13a61acc5da40cb2dd7018545857e73176315baf7812772129380ca5b9c
1f73ab71ff786feecb32714b3d7eda4febbc7d8a28567aa40f3fa9c6eb43dc6f
20a3d8ce15e889a91a6bd54831a81e95f53b54516159f124349d72270cb2a42e
20a7a56877a96f53e3231e28a239a4a1bf45ad5dadc7dd967996d3686441a3fe
226e62698265217367601fe856e84663e7e55ad4368ea0e171c1ece30e287eaf
228ce2fd816156544c5b08546c917bda86b1b6a08a872f5bb4b31008d67c0735
244dcf21022ed205b4f01b0b652fca6591b9a75d66aab3926afa02bd3c8757c3
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26b687c24b5362a6f2ccc273ba17c3307a241180c21a20d7e1c050ce50e1dc9d
298ab7fe85a9903e413d721701fe084d79c8beea5e94902d52298f8989213fbc
2d2a5bb1ed8c417836073f9ed83bef000d41786d35c16c81e10fd1d527e566f9
2d38532dcea04825948e20591c4a683d3d5d204c322e93cd34791fdcb480f7d7
2e1d37eede31b28e70a5ad04013b247aa16c1f1461e62a5d5db141a4bad735ee
2e88a016af4a68e0bf52697ab0efab8e6514590ffae7b981cbc03edea71d9268
300ae542faf3f32b9d58da96b716861e7c130c7339b411ce831fecc6b57eab36
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
32db5baa6a07476ffdeccd60aeab28bb3b5c8521a98e877282a365522118ec11
331b9d4aaa2a3173132067d7d0b5bd429bb355f5d36c0d5f732beb00f50c3951
3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5
35bffabaf1678dcbe8807390ffff8a392c67da3193ccd1ccff0bb52b797329d2
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
379d6ad8b4f4e47e37d76b0ba51c668a63fb228b3ead9136e37301ccda3b3778
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3808d783c90f7e80499abbd3aa363157574df658c7820ababb64d391588af368
3a8755ab56e3c7cd7089fa1fde1dece24ffe64031dcac80a692fcdfb76bb1940
3b02f553c77183b86b196ab7986df6bb6241579023e4258663157355817f8707
3bed23cd072a87d1b6ec052591cf2507255a5a1a4416ff973b26d93b8c945797
3c045befedb5050a7d745afed2c0824494a2fda8fdce16f08582f47371098d79
3c9dfbaf23f8a2138b0d18970b9ac7bab94b384366a5a5015a3ea757902a0c65
3ca9c98a73b76f077ffe2a01d2c349a29b3427736dded92c21c930b0fff4d16d
3d909cba7f07ed84605c2ea8d01b21334b299accb6361c753888b93954856587
3e4ba438125438814aa10d6e9b11fd6e6d73f9b56296b0f386921174323ace61
3f1ec2b737a51ea868107d991b8729460b1af2b6ac2b41f8cc0c237175357b99
3f65f3b4d9b9567bae631b25707af69f14859b91cd5c34b3eeed1eacebdf80ee
4037bc488cf1b24e172f63bdf3e8b16b3800ad7319809002aa6cfb25ec12252d
41c22b023fcdbd1ec0e590a756fd24e81db8b0983a6af71031428560edc121f8
47d5067a1161ebe6de6e533dc21eaad185af2a35f39e628bbca1630aaecaba92
493f22a91749bba7175ce86f046b816abe0647386a792b1c26cec7bd0a9bee46
4a1a408fa7e640e36392053bc555da262a9e9c4bb7c1bc3a01f23c91b8b722cc
4d29f5bc8393f25ae465dd1e664be1cafbf02cef1b92bfd492e18aa4c78a3736
4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483
511b731aed6a8aa3e5f3e0e6e7c3500a760032e376d92ddeeca9e5c4c6bbe99d
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
540eca2ea1a777cc1476e41ec20aaabd5de607e936fceed83895d5cef8945e52
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
59525b235de8c4064af5b57c8366cd2406af73fb027f3481e3067a0f5b174a48
59543165cb5ba49f57339246a6c26666eee40df8647a2880dc8bdb7dc1cc6567
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5b1b81eea11e41a0a6c715fb6e85f1a6f1bae505b10dcb1d630a157b849779f1
5d348c5bab93b85544aa2047fa6bf0d57a51e8cbcad1b6a76934d17ad598f0cf
5d906023f35fe18a30dbd1b76a2870de37cfe538430dfb8a6ec2817a3d9bfa22
5d9f09a29faca1d345876f03cbca7e1b870e3731c35cf3c63e2ba654818ad8a1
5e68b3c338a1567da9bad2b7015d68e4e725f2057238e815e5614c2739094b1f
5e874f1ac191adce259c9cc8672397a58b2e5489aca39caf62f7ff2785c02489
5f2eb0c43ace7f3dff483ff473e610c4cbf5397087fd13d2f0313c8c1e39edc3
62f8742791ccf1a725ef42925fbd6d985cd3408e19d21571261d7e1b6423faea
66731c17a6c4c93a6daf139d9115ee222a9e6175771eed55827d6135a66a4da0
6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92
698ab064d795191da9d84b8e481d33a3e5c4cd06ccbea239a4eb5c8be892083c
6a3024b1047c265cf9765ee572e062f7516f1ad4d1d8a2cc390b00b9833e9eda
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba70fa76abab827769c160f6f8b39665413af8154788be558e45daff1f615a6
6c583215c38cc92f6f99d66305c05ae8460302acaffe9a961f48623a5a28a29a
6c90363db21af9013c2fe455dfbf0f1a74fb60b813823a37affa99df8c67f0b8
6d603d84f4aafcb9d6ccfbd8179facc3d53aeccd012ea1d5a822644cb7c98690
6f8816336d997b5ac75b2c03c8f373c2264432667bc48636f7995c644dfbad37
705ddcb5d26f038d85969e092f581f692fc6feaf857cf27d11dc9608ee827d19
70c5b694c870877806b7af2d069edcde76fadf534b385c57fcf131f9b6a0458a
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
72a4730b94c57c309cda230cba7402048773395195f6e71935b1b6aff96634df
759aef0f5346c3c624826710dff2ce0fcea2b6c35884bfdf3b739bd8d27c9c95
77278ec6ffa3bc379d1d63440197f0d9b29589fedfb584cf78cb2dd7a15dfaf1
797bd652cbd43bd0b45c9bead0e560448320ea9026788c1a3044f6ffd872498e
7b82c085820bfd85aaf26c9af590f9eaad9b38362e847b0913c27e2fd6f09ace
7c76ea60746ff55c8dcdcf9cccda0da926948335f84fc58040058b613d8ca38f
818a439ac8b418c626e873091193b4c60d376e94efe5d1c3df977f00012a2d58
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
829c330240c369ce3820b1510abcf7433909c28abba09f514df4436ea844e7b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86f34590131aee1781c3458ff08e606fcb22c09a51bf330454b1ecae503c0c5f
872c892280a968d0e02e0c3348062c9155d1d9e1ac8feb221eb596f3133a36fb
8773a7062aa20f197eccf7537570d77d0d8fb080f26f2b3df37e0854fd6a70a0
87aa275cf2223a76cba9ed1c6be67d53ed6034b60469e7165cc039739a310122
8961de7bce519741044658fa53bab58d511985f3b5f447407c4d4a4b98c225d2
8aa0cbd2f8a168192722f787611860a11be3d6a3ac9ab6a000bfad6f7626770c
8aec8e47d01a356c10a18f9ce92f7b37598bd58f2bfd3d14c4b24f5fe207762d
8bef07d994738e7e0521b0ed4af73a9e2f51f4db01f33b2b565b378bed7a8d7f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e33d8314880570eac69416e54206eeb24c57d80af3117a4b680c78c280bc0a7
8e6ce17c0f54cb011208e8efcea1882366e4b13f694e2a4fef065e90381205e3
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
90ae73cd3f743f43487bdaea1b9583dd797ef488ab010fa2bf226ddf9832439b
92e1a81b56c33beb8b603f84dada92eb39ebf3e188624991f3ee9b79614666b3
9440d2546b2c4b3ece7ffa601c7a5128da0e473e06b832a3049b5ebc719a8217
964bdf1c8f5ecf297c0e7b739a97bc49f5792504532e8e9a56b2b164750984e0
970b41c7b91e24fdedd379e95edddece68399a53af803e2c9ab314f38410f681
97af10e459a3e2861e7f1c0b1248df09cedb857732f9c4114ebe9db32d8db7dc
97e3d9de57b35aaded14fd2f013711e7ea0e2e0a2a9a9dd678ccd2d7db55692b
983acf3ef5c106a8e903cbddc3c53c08f2b8b98313ea22e41a0acf7ca3a18150
98be514ab974f44d8e8e83e2640e6dd1dbc87043d1b0d1d4765b45ccdd70a849
9b012582173efa3ce4fc263115248edd10c4696fa3a5bc1b20e5a503067bddd4
9bbae7070510131b0b0db1a17dae64a05b54bd1c672acf29e7e0f463f2923534
9c89e59fb9c7b91ba6209fd1fa2e4d0ba0748e38fb80d7329596174b8dd07e98
9da159d8bc1a02afb166a01ee2a66244694bafad5ff9f87af9ec4e7898955d89
9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
9e64eba566798c6bd106c9d6f64622c65505e7f2f6756eea6c5e7b86122ef7c9
9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3
a1361446afd051dcc9778aebc1209f1c818fe76c8b50b721cb8b1fc5102d8089
a38be85daeb6788a0b0516a2f6009b31e418cfa8d1e9b3d52401b467ff622b9a
a714973fb5c2dc347d36ed94301d1f868c8c3c759f6eb839c00c2580d5381514
a7360ad72ac30937dd05b84b90fb9532b07a2755dbda33e4933b9015f3e9adb6
a764ae9cc0f16bce92623938b2e9ee1510d1389266bdaa0f56d2a7b5a43b4fc4
a7682d493d5e7b9377e272e480f083d1c3c3c1821ec8199cdfdb75e00975b511
a792206f777d956dac09721d217db4a7c00b9d327cd9ae9f013155ee4e6d284d
a7ac8c15d460be3734c36db62ac7d5486fdb78018ad49b45c6f93db14bfa1b30
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b
adf00edf0781b68b8acd900c70a2d34928b221dea44fc1db095f93c3cc109552
aff7de1c31800240c3a617cf4f1b2471abe4eec8636db6cad10c1d3644374a20
b2d7c5406cd5476cc832d78d9965ac1370bea2ccd700512d91512bd93bb4cac7
b35ceb43c26ca430d4ec7d176b33d9d3ff393cc7d1ea9ba94791745f3caeacc0
b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6
b3b9681901e818d3595ed5f235b8e73b7e99a8e11d1cf23a1965ec692b097dc9
b5b7252063e89b5df199e5fa646c6fe1b66a1c27aaf50c8c9dcebcbfd2bf14b0
b64c7aae991b4f0d066bc7a238958cd3c3fb619b0993c9ee382147e556808a2f
b6d6dabe6e08c83dc1ca00876874dbb8d8688fae0955bb4a9054b85784eb3b87
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
b978621102fa918109d282e47537f8e8f6c00cf67eb409bec588291e27af8427
bb5902e984f3007eb018623b9ce8f1b8f2437646a5a801f3c5220aef4e33c2a9
bf53bd9038544e5ad04d32d05281be924967578cb52a6a59b85ba88cc59015dd
bf8400afa36bbaf1cd13dd8455807898e5f80981a96c7a2fc6d67f7e5c7313a9
bffdcbd236475b96ecc0666f5ecbb2dff52de99ef06f850c8d575165e28d9dfc
c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7efbfbf3a28d21c90fb6ec1de6b326ebe5e1313555d66da638c728a025ec37
cb3c87f38d2059c5a359dab6527aa4520f7fe0d2d681dca45cb874918bb8a566
cb4aaec276ed7b55d6f569f413803c586ec3364efef4f121e704d7e8650aaeb8
cbca2c0c6f4f60aa66042f6789715274ecdd6bceb3b6f62ef7d27d749c864e6b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce176d531b1ae35c5d5276c3cfe0d6062460a255035cf7b73fbe1aed0cbf0a5d
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
d0072b5b09bdb547252d7fdb602e3d0c6411d009368d83c12eb24c1a281cdc79
d0b55e9528830a1ad9833c1dcf9a17940a9ee0cf04f2d8d4b0c53ffc76e4310c
d0c6ebe3a94a344a8b23fc67e28f602c0dac0529dd4368a1a8f1a2c9ffe090e0
d5c5cf7a606a3ce46ad3c144b733be4dbc20582195c581fccdbbd1b957826c6f
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dc487339befe359b0400bc85bd0c7a1e3b7f97ff1c23c8452a634b305c3e03b1
dcfc7f1a78182666686aa3f021c18258cb020b50b966929b2fd297cd521b846f
ddeb5172e7a260ab87d19262f7502eab2be66acc3346a9bc5c16e633a67c1ba1
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
df0f09b229a94d4bdc2e2e12b202cc2b256406aecb648ec6fad09a88fedcfac0
e11767221d3944d7c96a571f7183663a440f026322a6c79b760f905cf32d4899
e2dc647304fa8cc9b33bfb0167335861969b270f04a19fef6dc0c416c1edbbc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d658cd2db623598c5c968f10bfa50b6fca71457a07ac88562201c899a8cba7
e4b11f22e7064be1312e7ae122bf6c19c33eb8c35ea8d67a0d9e3c4cf9f53316
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e841021029208d687295fd953796004ecd288795db43802e46158f1997de8609
e88321fc921e1a049cf5fbf9e21c406acd3a61166b10b6e62bb01fd4980a1601
e8f523ec5065772bfeda1c2d43219e2a1bc198448886f988746b27dfeebf7ebb
e933b457304a941e174b078a016fdfc0cf83127eb91cf4aadbef8b300a9a5815
e95540eacb7f98b1db159f40571faec2f51e1212ff35ff24acd17bb4287c6278
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
e9fda204818eb76752b45ba07f2a3357507dfbd1ffac18a8badebda6f96feab7
eb9ded273eb670fb69a7063d6df6f6fd3aa3b4b185703f2c1e97dd5936138a8e
ec483724261ff1995e8649a217553592ba42f34fa045610332cff892c24987c8
ed36d25a27682cab3d5a1492f22ee436d3de97a8217fd1cd4d6f9bcec14e04b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2568e0e8ccd500dfb11a979b0b2c433632ae9340d3b65d64e15329066871ec
f075261966d03035bb64d490f69903652c110be6d1d253ada612540359bd52c0
f3d44cf5860c5545767ca68f10a928c0530622032314ddbdda4f2bce376c530d
f5d0d9cf0d9b1effadc37c4850c9bb61b8053af449203353294ee4ba25812f2d
f7f7c9a0c094b56793f41edde4eb6e0dec0c3e41421822cfaddef13696382594
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
fa9ab0a5917d148ccee3bc2ecfb5f2e4cc66ccf62b1f4caca411070d94b83d0e
fb5a41a8c294c9b69776072b7420bef5efce9d378f8ab004cf1927f92ff1cb96
fbac6c8fce43ae88b5d7545d5916464e40e2951a9c269392ba64cd86f9c806e0
ff8013d1fc889bd5833ad624fc2166aa3e55d0d9869f31704783c18f0a374b7d

www.provenskincare.com Open in urlscan Pro 2606:4700:10::6816:1b5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

310 Requests

83 %HTTPS

43 %IPv6

34 Domains

47 Subdomains

48 IPs

3 Countries

4022 kBTransfer

12658 kBSize

46 Cookies

5 Outgoing links

Page URL History

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.provenskincare.com Open in urlscan Pro
2606:4700:10::6816:1b5c Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

83 %
HTTPS

43 %
IPv6

34
Domains

47
Subdomains

48
IPs

3
Countries

4022 kB
Transfer

12658 kB
Size

46
Cookies

310 HTTP transactions
1 data transactions