tooth-replacement-4741609.live Open in urlscan Pro
104.17.157.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tooth-replacement-4741609.live/
Submission: On April 16 via api (April 16th 2024, 10:19:47 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 34 HTTP transactions. The main IP is 104.17.157.1, located in and belongs to CLOUDFLARENET, US. The main domain is tooth-replacement-4741609.live.
TLS certificate: Issued by E1 on April 15th 2024. Valid for: 3 months.

This is the only time tooth-replacement-4741609.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.17.157.1 104.17.157.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:a800:e:52c5:2040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
3	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	54.216.204.156 54.216.204.156	16509 (AMAZON-02) (AMAZON-02)
34	12

2 104.17.157.1 (None, )

ASN13335 (CLOUDFLARENET, US)

tooth-replacement-4741609.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a800:e:52c5:2040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.system1onesource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

s.flocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.system1onesource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.132 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f163.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.204.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-204-156.eu-west-1.compute.amazonaws.com

soflopxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	flocdn.com s.flocdn.com — Cisco Umbrella Rank: 40578	564 KB
6	system1onesource.com ob.system1onesource.com — Cisco Umbrella Rank: 34835 obs.system1onesource.com — Cisco Umbrella Rank: 32681	39 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	386 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	73 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124 partner.googleadservices.com — Cisco Umbrella Rank: 5156	5 KB
3	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2857	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7551	192 B
3	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	72 B
2	soflopxl.com soflopxl.com — Cisco Umbrella Rank: 23255	405 B
2	tooth-replacement-4741609.live tooth-replacement-4741609.live	3 KB
34	10

	Domain	Requested by
6	s.flocdn.com	tooth-replacement-4741609.live s.flocdn.com
5	www.googletagmanager.com	ob.system1onesource.com www.googletagmanager.com
5	obs.system1onesource.com	ob.system1onesource.com tooth-replacement-4741609.live
4	www.google.com	3 redirects s.flocdn.com
3	www.adsensecustomsearchads.com	www.google.com
3	www.google.de	tooth-replacement-4741609.live
3	googleads.g.doubleclick.net	3 redirects
3	www.googleadservices.com	www.googletagmanager.com
2	soflopxl.com	s.flocdn.com
2	tooth-replacement-4741609.live
1	partner.googleadservices.com	www.google.com
1	ob.system1onesource.com	tooth-replacement-4741609.live
34	12

This site contains no links.

Subject Issuer	Validity	Valid
tooth-replacement-4741609.live E1	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.system1onesource.com Amazon RSA 2048 M03	`2024-01-11` - `2025-02-08`	a year	crt.sh
*.flocdn.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
pxtres.com Amazon RSA 2048 M03	`2024-01-20` - `2025-02-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://tooth-replacement-4741609.live/
Frame ID: C9B93E600A8D06BD6B20AAB4F3C85718
Requests: 34 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Ftooth-replacement-4741609.live%2Fserp%3Fsc%3DDm9insK5bOHR20%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2588225825898081&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301467%2C17301470%2C17301472%2C17301266&client_gdprApplies=1&format=r5&nocache=4851713305983712&num=0&output=afd_ads&domain_name=tooth-replacement-4741609.live&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1713305983712&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Ftooth-replacement-4741609.live%2F
Frame ID: D9E1BB75CCE34D631056678B0B0A8D18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tooth-replacement-4741609.live

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

34
Requests

85 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1072 kB
Transfer

2910 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIiZyllOLHhQMV9YKDBx0eYQHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw HTTP 302
https://www.google.com/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIiZyllOLHhQMV9YKDBx0eYQHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqIzx1MqxwzbYNHpl2fx2eAJYfQi387g&random=650240491 HTTP 302
https://www.google.de/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIiZyllOLHhQMV9YKDBx0eYQHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqIzx1MqxwzbYNHpl2fx2eAJYfQi387g&random=650240491&ipr=y

Request Chain 16

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInfKllOLHhQMVWIqDBx2N7weoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw HTTP 302
https://www.google.com/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInfKllOLHhQMVWIqDBx2N7weoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtquf4igC1yPfX4gjCxU-yLCpYdNaxVow&random=1417590074 HTTP 302
https://www.google.de/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInfKllOLHhQMVWIqDBx2N7weoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtquf4igC1yPfX4gjCxU-yLCpYdNaxVow&random=1417590074&ipr=y

Request Chain 17

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl7mmlOLHhQMVWpCDBx0zYwSyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw HTTP 302
https://www.google.com/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl7mmlOLHhQMVWpCDBx0zYwSyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqrPZNgr_eu3nbtUe2eQ7mQGInOhxcIg&random=829576606 HTTP 302
https://www.google.de/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl7mmlOLHhQMVWpCDBx0zYwSyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqrPZNgr_eu3nbtUe2eQ7mQGInOhxcIg&random=829576606&ipr=y

34 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tooth-replacement-4741609.live/ 7 KB
3 KB 5284ms
230ms Document
text/html 104.17.157.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeae7babd81e33260e687a21c81b205fe6101c0e219d165d188d0d5ca9a34d9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 87578ef6ca192c49-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 22:19:42 GMT
server: cloudflare
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_RMCM9MAHj8X3fsJyZRraEXHDDgxEQUc5fSfx5/j6+r9XkfgQKlMVFXgtlfIO//mEpzoo5yKSNYa0Qivgrv51Vg==

GET
H2 200 35289458b2de2bf5220f730bdbc66486.js Show response
ob.system1onesource.com/i/ 102 KB
38 KB 36ms
8ms Script
text/javascript 2600:9000:206f:a800:e:52c5:2040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:e:52c5:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 03139b38bbe884f0544dad182412babc6761ced7f52971dc1594c569728240ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:47:59 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 9103
etag: "197c6-WC6NHnDQQgZQgxJ7XlV/TeAz1n4"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38144
x-amz-cf-id: JJajBCPog4G8HYqWY6FR4lsUYK-8QHFbAYsSHGhYHIzb3jYO4I2Jyw==
expires: Wed, 17 Apr 2024 07:47:59 GMT

GET
H2 200 deps.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/ 127 KB
42 KB 364ms
339ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/deps.js
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Origin: https://tooth-replacement-4741609.live
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:44 GMT
x-amz-version-id: XSz80XgyxuHKlx3fKBbfbe3LueRetvp5
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 07:41:28 GMT
server: AmazonS3
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: W/"64e5013ef8a5e0bc3cce7af5f7adf182"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: mSgzt-_Qtqylb6UfpDvWHXFf1VC7bv-TXLrof3pXqKUyYbaRAZ_Hyw==

GET
H2 200 runtime.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/ 1 KB
1 KB 351ms
325ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/runtime.js
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Origin: https://tooth-replacement-4741609.live
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:44 GMT
x-amz-version-id: eXcW1hgnrgN2FWdMfoGPfDcWg4QJCW9l
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 07:41:28 GMT
server: AmazonS3
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: W/"1d64d5f0dfaefdd7c95884fc4268f57e"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: FrIkUCt-6jxL5A_J3A-5AriJQWc4I_EYiuFfSF63psuCP4eWlZ1Iug==

GET
H2 200 ct Show response
obs.system1onesource.com/ 4 KB
2 KB 462ms
270ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.system1onesource.com/ct?id=28382&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&sf=0&tpi=&ch=cheq4ppc&uvid=963t2yphmw6vpf15pqnfqkim&tsf=0&tsfmi=&tsfu=&cb=1713305982887&hl=2&op=0&ag=2689156234&rand=130057966261220862666507280012996312204020066009811912628212040256001766079122662906&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQ0MTJdLFsiYm5jaCIsMF0sWyJhYm5jaCIsMF0sWy02OCwiLSJdLFstMTIsIm51bGwiXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTI4LCJlbi1VUyxlbiJdLFstNTUsIjAiXSxbLTQsIjxodG1sIGxhbmc9XCJlblwiPjxoZWFkIGlkPVwiaGVhZFwiPlxuICAgIDxtZXRhIG5hbWU9XCJmYWNlYm9vay1kb21haW4tdmVyaWZpY2F0aW9uXCIgY29udGVudD1cImdoYjl2YmRkZmY4b2phczM4aGpqYzhtN3NrcXdjMlwiPjx0aXRsZT50b290aC1yZXBsYWNlbWVudC00NzQxNjA5LmxpdmU8L3RpdGxlPjxtZXRhIG5hbWU9XCJkZXNjcmlwdGlvblwiIGNvbnRlbnQ9XCJEZXNjcmlwdGlvbiBwbGFjZWhvbGRlclwiPjxtZXRhIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWluaW11bS1zY2FsZT0xXCI%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vb2Iuc3lzdGVtMW9uZXNvdXJjZS5jb20vaS8zNTI4OTQ1OGIyZGUyYmY1MjIwZjczMGJkYmM2NjQ4Ni5qc1wiIGRhdGEtY2g9XCJjaGVxNHBwY1wiIGNsYXNzPVwiY3RfY2xpY2t0cnVlXzI4MzgyXCIgZGF0YS11dmlkPVwiOTYzdDJ5cGhtdzZ2cGYxNXBxbmZxa2ltXCI%2BPC9zY3JpcHQ%2BXG4gIDwvaGVhZD5cbiAgPGJvZHk%2BXG4gICAgPGRpdiBpZD1cInJvb3RcIj48L2Rpdj5cbiAgICBcbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zLmZsb2Nkbi5jb20vQHNlYXJjaC9idW5kbGVzL0BzMS9zeW5kaWNhdGlvbi8wLjEuNy81OGQ2NTdiYWIvZGVwcy5qc1wiIGNyb3Nzb3JpZ2luPVwiXCI%2BPC9zY3JpcHQ%2BPC9ib2R5PjwvaHRtbD4sNjc0Il0sWy01MiwiLSJdLFstNjEsIntcIndnc2xcIjpcIjM7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy0yOSwiLSJdLFstNDQsIjAsMCwwLDUiXSxbLTQwLCIzMyJdLFstNjIsIjgwIl0sWy02NSwiLSJdLFstMzEsImZhbHNlIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0xLCItIl0sWy0zNSwiWzE3MTMzMDU5ODI4MzQsLTJdIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltcIl8wXCIsXCIzNDY3MTU2MDAzXCJdLFwiYlwiOltdLFwic1wiOjF9Il0sWy0zMywiLSJdLFstNTAsIi0iXSxbLTcsIi0iXSxbLTMyLCItIl0sWy0zNCwiLSJdLFstOSwiKyJdLFstNDgsIjAsMCJdLFstOCwiLSJdLFstMTUsIi0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNDksIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxsb2NhbGZvbnRzLG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTUzLCIxMDAiXSxbLTIsIjQsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstNTksImRlZmF1bHQiXSxbLTYwLDIwNF0sWy0xOCwiWzAsMCwwLDFdIl0sWy00NywiRXVyb3BlL0JlcmxpbixkZS1ERSxsYXRuLGdyZWdvcnkiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstMTMsIi0iXSxbLTYzLCIwIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNjEwNjUyMTIsXCJzZWNcIjpcIlwifSJdLFstNTEsIi0iXSxbLTU4LCItIl0sWy0xNiwiMCJdLFstMTcsIjE3Il0sWy0yNiwie1widGpoc1wiOjg3ODQwNDcsXCJ1amhzXCI6NTU1OTQ5NSxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTY3LCIyNTMyMzEyODg4OjE1Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZEtRRXBOWEZRSVZsZGNTbFpNUzFwY0YxcFdWQlpRRmdvTUN3RUFEUXdCV3d0ZFhBdGJYd3dMQ3dsZkRnb0pXMTFiV2c4UERRRVBGMU5LQXdnRER3NElEZ2dRIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zOCwibCwtMSwtMSwwLDAsNTAzNCwwLDAsMjEsMjMwLC0xLDAsLCw1NDE3LDU0MTciXSxbLTY0LCJbMCxcIldpbjMyXCIsW3tcImJcIjpcIkdvb2dsZSBDaHJvbWVcIixcInZcIjpcIjEyM1wifSx7XCJiXCI6XCJOb3Q6QS1CcmFuZFwiLFwidlwiOlwiOFwifSx7XCJiXCI6XCJDaHJvbWl1bVwiLFwidlwiOlwiMTIzXCJ9XV0iXSxbLTUsIi0iXSxbLTI1LCItIl0sWy00NSwiLSJdLFstMTAsIi0iXSxbLTE5LCJbOTIwLDkyMCw5MjAsOTIwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIzLCIrIl0sWy0yMSwiLSJdLFstNiwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMjAsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MSwiLSJdLFstNDYsIjAiXSxbLTE0LCItIl0sWy0yNCwiW10iXSxbImRkYiIsIjAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMiwxLDAsOCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCw1LDEsMCwwLDAsMCwwLDE2LDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDcsMCwwLDAsMCwwLDAsMCwyLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=BANXkKXLft&pto=5420&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1713305982.lWSwBGWNl5VNpnpC&suid=1.1713305982.0SkOJIm9pwxYZzXM&tuid=1.1713305982.6rTNlDbiM9pjfNWb&fbc=-&gtm=-&it=3%2C5288%2C41&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: b69e0e0098212648f5990d84e652452c5eea966479045a767e1243c33915bd33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1375
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 56ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-932435890

Requested by

Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d22d1675fe0c1b02950cd71daf3f7e18fdd51eb4b837f4fc2fa7e3027c6df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77173
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 38ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982246529

Requested by

Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9144318ec2fde40c41ee56ac8b9703064dac246a3aed02ff023f785d40af932d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80194
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 47ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Requested by

Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa9b093802f080d05977e5d5d92d758f0823e11d244eee3b15a5f2e8e37f3ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80219
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H2 200 tc_imp.gif
obs.system1onesource.com/tracker/ 43 B
79 B 95ms
95ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.system1onesource.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bedc435ef4e829e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f674085d58056796b1ef72b25508f3ed66191073051259150070967575bc6b66a1b77be26bb25cb43e2916af05365ac097c7a1bda53ee14f497d7df3dbb2807ff7ecaa8556d8e0e3143714493d60264f160b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7978677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1f17f4306fa091406dbcdba9268a00fb43e38410c51dc39d77c23867959e25dd778cc0b6a69de5e0182bff33a4feb875433eae8b27d4f401b95a594588021eddcd93cfd3f28631cf25d792a3c72ebb2a2860d623679a9f85496a90a633ad06a7cb1ed837bf7a415a59c076e75c8d9ce03fb9c760873ac0cf929b67ce011723bd491713261f3087bc64b042c4dc8034e5c625bdde6cdb88a9a63d8ebae04c306c9ae81e0a9bbb0a4e09f1eff43ffb6488e04eb1f232a02bf142c90a814a93d168d51035f9bc8e74696d135f735e0253d3b59e66c01fa5595c0175eabe24dc9b1110fdbad9a6b56cc2ecf8f586f8aced424f3cf95b87b6596e835f641bd7635e6d6df67baf7005c3ebc1638d7cd6258bab24d1b90d99780f3d21027c109ddce5db3c785786194595d7dfa7b1ca530199acbc7d96ca7367dbce0f3f61fa8dc45526be3b985e9c1eff229814dbd40efeba33fe868ed29c5b7fe9e0390e9e64f2c8e9ff04967e35080493694053b1a65687ee0a96fef88f26bae0f96f0b5139fe63eb76b849a0c22ccf66512b533b637ee65b8d823350b067c2b9f55682b037f5297aef563445f5a2b97748f263b1cb498e153b124ba23a2b83acd468ce5e36989b15e3bba3a3f41083205c624fa40942008e8c1e1efa6af5f4aa4093c1ae4a046ea86a3c1a509e53019ac6bd4955c93d2fb1c2d018968aa8c5583ea864ee45785ccf4d2a63c790591099dce2caf0f24eb478b464d626c8931084b0ba393def9a529dddede3d6f9d7d1261dcfb57017893591099442f3bb68fb8ddfdf71ae9484bbe94c7994e0e6ff42dd46d1116f22603495c3626f8232f85783db6aee4265&cri=BANXkKXLft&ts=469&cb=1713305983356
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 263e3b0a-b94f-4db9-b8d1-fc3f50fd3ffd
https://tooth-replacement-4741609.live/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tooth-replacement-4741609.live/263e3b0a-b94f-4db9-b8d1-fc3f50fd3ffd
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ccbd340e90788480f558c327bb4cad308766163ed9a09b95e7c2ddb5065116c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK b2b82376-d0e3-458f-8970-947e04e2fb2d
https://tooth-replacement-4741609.live/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tooth-replacement-4741609.live/b2b82376-d0e3-458f-8970-947e04e2fb2d
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e601b3d9d28a67b8918940a5096212487fae564ad410cdc01615f344c8d20d37

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5aee1c639f8a589403b234d1a3a5d70e2a96acc3800c1339cdd043c0f145f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77168
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/982246529/ 3 KB
2 KB 42ms
24ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/982246529/?random=1713305983443&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

23db7e63da6ddcb4647ce5c6003f66203fce90a80d0fdee60fb1fbda6f2e774c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1567
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fc0793c33a831ec8892882c7c9f37111760fae75cf1538b80e1e3d2690053f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80156
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1058340534/ 3 KB
2 KB 22ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058340534/?random=1713305983473&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c8315f55ffbb217cfb539866ca375669964d8b75304a2933ef4b58d5c2c27409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1566
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/932435890/ 3 KB
2 KB 26ms
26ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/932435890/?random=1713305983483&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

29cea63c89a9fcde7bc9a0dd86b3e9c8300c24b590b3e4c0401acfefee6afa0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1556
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/982246529/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=syp...
https://www.google.com/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h...

42 B
64 B

50ms
26ms

Image
image/gif

216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIiZyllOLHhQMV9YKDBx0eYQHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqIzx1MqxwzbYNHpl2fx2eAJYfQi387g&random=650240491&ipr=y

Requested by

Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/

Protocol

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f163.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tooth-replacement-4741609.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/982246529/?random=498509672&cv=11&fst=1713305983443&bg=ffffff&guid=ON&async=1&gtm=45be44f0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIiZyllOLHhQMV9YKDBx0eYQHWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqIzx1MqxwzbYNHpl2fx2eAJYfQi387g&random=650240491&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1058340534/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&...
https://www.google.de/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...

42 B
64 B

44ms
20ms

Image
image/gif

216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInfKllOLHhQMVWIqDBx2N7weoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtquf4igC1yPfX4gjCxU-yLCpYdNaxVow&random=1417590074&ipr=y

Requested by

Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/

Protocol

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f163.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tooth-replacement-4741609.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1058340534/?random=226843599&cv=11&fst=1713305983473&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInfKllOLHhQMVWIqDBx2N7weoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtquf4igC1yPfX4gjCxU-yLCpYdNaxVow&random=1417590074&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/932435890/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1...
https://www.google.com/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&ur...
https://www.google.de/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url...

42 B
64 B

45ms
21ms

Image
image/gif

216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl7mmlOLHhQMVWpCDBx0zYwSyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqrPZNgr_eu3nbtUe2eQ7mQGInOhxcIg&random=829576606&ipr=y

Requested by

Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/

Protocol

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f163.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tooth-replacement-4741609.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/932435890/?random=1081164330&cv=11&fst=1713305983483&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftooth-replacement-4741609.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tooth-replacement-4741609.live&gtm_ee=1&npa=1&pscdl=noapi&auid=906511874.1713305983&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl7mmlOLHhQMVWpCDBx0zYwSyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vdG9vdGgtcmVwbGFjZW1lbnQtNDc0MTYwOS5saXZlLw&is_vtc=1&cid=CAQSGwB7FLtqrPZNgr_eu3nbtUe2eQ7mQGInOhxcIg&random=829576606&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UiSyndication.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/lib/ 1 MB
335 KB 23ms
8ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/lib/UiSyndication.js
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ac7927c7e69adf96b9530275ddb398e79bc5e28a2424045e036964c3e90c82b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FKYSzu8GxeyLmWHHfLuMnUbSIzNXe5Ih
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 20:33:59 GMT
last-modified: Mon, 15 Apr 2024 20:01:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 6345
etag: W/"62e4efcd5d4c209dd8962d351b07c90b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: p1mbWcfLh7RakbZlCmFS3P00lKUxy-wCJrECt67IyknTH3sYhKt_dg==

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 dpl-search.js Show response
s.flocdn.com/@s1/dpl/4.15.0/ 53 KB
16 KB 13ms
12ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/lib/UiSyndication.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 14 Mar 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id: 7vFAJa757erdk2WKjVQ7yYMc87mDzKPA
last-modified: Wed, 13 Mar 2024 21:54:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2860199
etag: "cbe576251bb163f6c0072e2f2c93f563"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 15985
x-amz-cf-id: TjYFKOsBqsWoF78f6Y0mUw3CldRxoc_guF9HLAnG2rpb-wMyZrxHWg==

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 187 KB
73 KB 25ms
24ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/58d657bab/lib/UiSyndication.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

sffe /

Resource Hash

c701f996a0be4427f9f2517313d8f27db0269f9a50d045a5c4b88c7523137cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "311091886658279868"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Tue, 16 Apr 2024 22:19:43 GMT

GET
H2 200 texture.png
s.flocdn.com/layout/gd05/ 83 KB
83 KB 10ms
10ms Image
image/png 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/gd05/texture.png
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9nrwm6vbihUL1RldyKfYApKff2o.FEKN
date: Tue, 16 Apr 2024 00:12:26 GMT
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2017 22:02:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79638
etag: "57bbfe7c227619d47a41639eba996150"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-version-id: HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-length: 84780
x-amz-cf-id: xX4LSqZyN72Q2F5qv8j8P4N6ovNo6_BAOOsEuIpojlVt2yUleWulgg==

GET
H2 200 arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 86 KB
86 KB 14ms
14ms Image
image/png 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by: Host: tooth-replacement-4741609.live
URL: https://tooth-replacement-4741609.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
date: Tue, 16 Apr 2024 04:07:26 GMT
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 19:08:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 65645
etag: "9ca21edfdf15faf735dad1f024227fbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 87916
x-amz-cf-id: WEgWuNLU6O-DrgDZiJgSLorbHjv5A_CcxiTZ_khkeDxJ73Gdx7m7QA==

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 414 B
280 B 32ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tooth-replacement-4741609.live&client=dp-dotzup27_3ph_js&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ccb240ccbf5d2daab67816610acc22f86af2e64f897b0db3ffe4b0dfafca80df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads
www.adsensecustomsearchads.com/afs/ Frame D9E1 0
0 125ms
97ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Ftooth-replacement-4741609.live%2Fserp%3Fsc%3DDm9insK5bOHR20%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2588225825898081&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301467%2C17301470%2C17301472%2C17301266&client_gdprApplies=1&format=r5&nocache=4851713305983712&num=0&output=afd_ads&domain_name=tooth-replacement-4741609.live&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1713305983712&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Ftooth-replacement-4741609.live%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-X-7G-CSD6DQ-Cy2kk0KI5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tooth-replacement-4741609.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2892
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-X-7G-CSD6DQ-Cy2kk0KI5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 16 Apr 2024 22:19:43 GMT
expires: Tue, 16 Apr 2024 22:19:43 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H2 204 dplpxs
soflopxl.com/ 0
203 B 95ms
30ms Ping
text/plain 54.216.204.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.204.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-204-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tooth-replacement-4741609.live
date: Tue, 16 Apr 2024 22:19:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Tue, 16 Apr 2024 22:19:42 GMT

GET
H2 204 favicon.ico
tooth-replacement-4741609.live/ 0
103 B 118ms
118ms Other
text/plain 104.17.157.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tooth-replacement-4741609.live/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:19:44 GMT
cache-control: public, max-age=14400
cf-cache-status: MISS
server: cloudflare
cf-ray: 87578eff58222c49-FRA
vary: Accept-Encoding
expires: Wed, 17 Apr 2024 02:19:44 GMT

POST
H2 204 dplpxs
soflopxl.com/ 0
202 B 39ms
39ms Ping
text/plain 54.216.204.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.204.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-204-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tooth-replacement-4741609.live
date: Tue, 16 Apr 2024 22:19:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Tue, 16 Apr 2024 22:19:43 GMT

POST
H2 200 mon Show response
obs.system1onesource.com/ 0
157 B 110ms
109ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.system1onesource.com/mon
Requested by: Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tooth-replacement-4741609.live
date: Tue, 16 Apr 2024 22:19:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.system1onesource.com/ 0
16 B 195ms
195ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.system1onesource.com/mon
Requested by: Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tooth-replacement-4741609.live
date: Tue, 16 Apr 2024 22:19:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
907 B 50ms
28ms Image
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=fyw70ji84it4&aqid=f_keZoziL5P9mLAPhuGxkAI&psid=1646507740&pbt=bs&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=623135625&csala=2%7C0%7C136%7C33%7C4&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-77fwOs4ROhIBJBJBMdSj4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-77fwOs4ROhIBJBJBMdSj4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 16 Apr 2024 22:19:45 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
215 B 31ms
31ms Image
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=2py5zhsb80la&aqid=f_keZoziL5P9mLAPhuGxkAI&psid=1646507740&pbt=bv&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=623135625&csala=2%7C0%7C136%7C33%7C4&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-9XyjOCi4TwnBlbXVLDiPlQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9XyjOCi4TwnBlbXVLDiPlQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 16 Apr 2024 22:19:45 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 mon Show response
obs.system1onesource.com/ 0
39 B 103ms
102ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.system1onesource.com/mon
Requested by: Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://tooth-replacement-4741609.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tooth-replacement-4741609.live
date: Tue, 16 Apr 2024 22:19:46 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tooth-replacement-4741609.live/	1969-12-31 23:59:59	Name: _cfuvid Value: L8liKOnFvjTpchjNp2siSUEX9PGQm9HXXjTNZfoJoWo-1713305982741-0.0.1.1-604800000
.tooth-replacement-4741609.live/	1970-01-20 22:06:29	Name: _cq_duid Value: 1.1713305982.lWSwBGWNl5VNpnpC
.tooth-replacement-4741609.live/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1713305982.0SkOJIm9pwxYZzXM
obs.system1onesource.com/	1970-01-21 03:58:56	Name: cg_uuid Value: 97f9aed59cbd8593f30d6227fbc4081d
.tooth-replacement-4741609.live/	1970-01-20 22:04:41	Name: _gcl_au Value: 1.1.906511874.1713305983
.doubleclick.net/	1970-01-20 19:55:06	Name: test_cookie Value: CheckForPermission
.tooth-replacement-4741609.live/	1970-01-21 05:16:41	Name: __gsas Value: ID=657b917dff6f586c:T=1713305983:RT=1713305983:S=ALNI_MacIapJj2qQkq43uaEk2O5la7nGPQ

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://tooth-replacement-4741609.live/263e3b0a-b94f-4db9-b8d1-fc3f50fd3ffd(Line 1) Message: Error
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 220) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tooth-replacement-4741609.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
ob.system1onesource.com
obs.system1onesource.com
partner.googleadservices.com
s.flocdn.com
soflopxl.com
tooth-replacement-4741609.live
www.adsensecustomsearchads.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.157.1
142.250.185.132
142.250.186.130
142.250.186.34
172.217.16.194
18.66.147.49
216.58.212.163
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:206f:a800:e:52c5:2040:93a1
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
54.216.204.156
03139b38bbe884f0544dad182412babc6761ced7f52971dc1594c569728240ea
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
1ac7927c7e69adf96b9530275ddb398e79bc5e28a2424045e036964c3e90c82b
23db7e63da6ddcb4647ce5c6003f66203fce90a80d0fdee60fb1fbda6f2e774c
29cea63c89a9fcde7bc9a0dd86b3e9c8300c24b590b3e4c0401acfefee6afa0f
4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020
5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6
6d22d1675fe0c1b02950cd71daf3f7e18fdd51eb4b837f4fc2fa7e3027c6df2a
7d5aee1c639f8a589403b234d1a3a5d70e2a96acc3800c1339cdd043c0f145f6
8ccbd340e90788480f558c327bb4cad308766163ed9a09b95e7c2ddb5065116c
9144318ec2fde40c41ee56ac8b9703064dac246a3aed02ff023f785d40af932d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
9fc0793c33a831ec8892882c7c9f37111760fae75cf1538b80e1e3d2690053f2
aa9b093802f080d05977e5d5d92d758f0823e11d244eee3b15a5f2e8e37f3ac3
b69e0e0098212648f5990d84e652452c5eea966479045a767e1243c33915bd33
c701f996a0be4427f9f2517313d8f27db0269f9a50d045a5c4b88c7523137cea
c8315f55ffbb217cfb539866ca375669964d8b75304a2933ef4b58d5c2c27409
ccb240ccbf5d2daab67816610acc22f86af2e64f897b0db3ffe4b0dfafca80df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e601b3d9d28a67b8918940a5096212487fae564ad410cdc01615f344c8d20d37
eeae7babd81e33260e687a21c81b205fe6101c0e219d165d188d0d5ca9a34d9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

tooth-replacement-4741609.live Open in urlscan Pro 104.17.157.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

85 %HTTPS

33 %IPv6

10 Domains

12 Subdomains

12 IPs

4 Countries

1072 kBTransfer

2910 kBSize

7 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tooth-replacement-4741609.live Open in urlscan Pro
104.17.157.1 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

85 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1072 kB
Transfer

2910 kB
Size

7
Cookies

34 HTTP transactions
1 data transactions