URL: https://intake.scriptderm.com/
Submission: On September 05 via api from US — Scanned from NL

Summary

This website contacted 17 IPs in 2 countries across 16 domains to perform 34 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is intake.scriptderm.com.
TLS certificate: Issued by WE1 on September 2nd 2024. Valid for: 3 months.
This is the only time intake.scriptderm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 34.102.180.111 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.224.189.74 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 157.240.0.6 32934 (FACEBOOK)
1 52.92.195.200 16509 (AMAZON-02)
2 172.217.18.2 15169 (GOOGLE)
2 142.250.185.200 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2 142.250.185.162 15169 (GOOGLE)
2 2 172.217.18.4 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 172.64.153.29 13335 (CLOUDFLAR...)
34 17
Requests  Apex Domain                 Subdomains                                                    Transfer
7         scriptderm.com              intake.scriptderm.com                                         1005 KB
4         googletagmanager.com        www.googletagmanager.com — Cisco Umbrella Rank: 112           386 KB
3         heatmap.com                 dashboard.heatmap.com — Cisco Umbrella Rank: 67959            31 KB
2         google-analytics.com        region1.google-analytics.com — Cisco Umbrella Rank: 3123
2         google.nl                   www.google.nl — Cisco Umbrella Rank: 9563                     563 B
2         google.com                  www.google.com — Cisco Umbrella Rank: 10                      48 B
2         doubleclick.net             googleads.g.doubleclick.net — Cisco Umbrella Rank: 77         49 B
2         facebook.com                www.facebook.com — Cisco Umbrella Rank: 108                   3 KB
2         typekit.net                 use.typekit.net — Cisco Umbrella Rank: 1178                   1 KB
                                      p.typekit.net — Cisco Umbrella Rank: 1499
2         googleadservices.com        www.googleadservices.com — Cisco Umbrella Rank: 176           5 KB
2         facebook.net                connect.facebook.net — Cisco Umbrella Rank: 236               76 KB
2         bls29trk.com                www.bls29trk.com                                              19 KB
1         website-files.com           cdn.prod.website-files.com — Cisco Umbrella Rank: 11800       5 KB
1         cdnfonts.com                fonts.cdnfonts.com — Cisco Umbrella Rank: 9520                1 KB
1         amazonaws.com               s3-us-west-2.amazonaws.com                                    24 KB
1         stunning-joking-cotton.com  www.stunning-joking-cotton.com — Cisco Umbrella Rank: 513476  34 KB
34        16
Requests  Domain                          Requested by
7         intake.scriptderm.com           intake.scriptderm.com
4         www.googletagmanager.com        intake.scriptderm.com, www.googletagmanager.com
3         dashboard.heatmap.com           intake.scriptderm.com, dashboard.heatmap.com
2         region1.google-analytics.com    www.googletagmanager.com
2         www.google.nl                   intake.scriptderm.com
2         www.google.com                  2 redirects
2         googleads.g.doubleclick.net     2 redirects
2         www.facebook.com                intake.scriptderm.com
2         www.googleadservices.com        www.googletagmanager.com
2         connect.facebook.net            intake.scriptderm.com, connect.facebook.net
2         www.bls29trk.com                intake.scriptderm.com, www.bls29trk.com
1         cdn.prod.website-files.com
1         p.typekit.net                   use.typekit.net
1         fonts.cdnfonts.com              intake.scriptderm.com
1         use.typekit.net                 intake.scriptderm.com
1         s3-us-west-2.amazonaws.com      intake.scriptderm.com
1         www.stunning-joking-cotton.com  intake.scriptderm.com
34        17

This site contains no links.

Subject                       Issuer                                       Validity                 Valid
intake.scriptderm.com         WE1                                          2024-09-02 - 2024-12-01  3 months
bls29trk.com                  Starfield Secure Certificate Authority - G2  2024-04-24 - 2025-04-14  a year
*.google-analytics.com        WR2                                          2024-08-12 - 2024-11-04  3 months
dashboard.heatmap.com         Amazon RSA 2048 M02                          2024-01-07 - 2025-02-05  a year
stunning-joking-cotton.com    WE1                                          2024-07-25 - 2024-10-23  3 months
*.facebook.com                DigiCert SHA2 High Assurance Server CA       2024-06-14 - 2024-09-12  3 months
*.s3-us-west-2.amazonaws.com  Amazon RSA 2048 M01                          2024-07-15 - 2025-07-08  a year
*.googleadservices.com        WR2                                          2024-08-12 - 2024-11-04  3 months
use.typekit.net               DigiCert Global G2 TLS RSA SHA256 2020 CA1   2024-08-27 - 2025-09-27  a year
cdnfonts.com                  WE1                                          2024-07-23 - 2024-10-21  3 months
prod.website-files.com        WE1                                          2024-08-23 - 2024-11-21  3 months

This page contains 1 frame:

Primary Page: https://intake.scriptderm.com/
Frame ID: 72356A7D56F3E619A03411A88FFF2697
Requests: 32 HTTP requests in this frame

Page Title

Script Derm

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 34
HTTPS: 88 %
IPv6: 50 %
Domains: 16
Subdomains: 17
IPs: 17
Countries: 2
Transfer: 1592 kB
Size: 4821 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIt_DNwdWriAMVHYqDBx2izhF2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIt_DNwdWriAMVHYqDBx2izhF2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfrxWouYv0cMiOqWIdf6DaROzEsJiJZw&random=156789561 HTTP 302
  • https://www.google.nl/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIt_DNwdWriAMVHYqDBx2izhF2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfrxWouYv0cMiOqWIdf6DaROzEsJiJZw&random=156789561&ipr=y
Request Chain 21
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJvHsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChAI8K3ltgYQvv7cz52R3Pc7Eh0Agb3GyRKrU5iL0yOuD-MQR2zs7NTDzRaYRPEoZg&pscrd=IhMIiqLYwdWriAMVsouDBx0HdAs6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJvHsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIiqLYwdWriAMVsouDBx0HdAs6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfR5H9dH8_4ahvU4HFnPcp89Ox0m29gUCCG8heFoDGeB-CAELv&eitems=ChAI8K3ltgYQvv7cz52R3Pc7Eh0Agb3GyT-uvQceiWEDCSKt1OXW2uDER4SriEHlcw&random=47029326 HTTP 302
  • https://www.google.nl/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJvHsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIiqLYwdWriAMVsouDBx0HdAs6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfR5H9dH8_4ahvU4HFnPcp89Ox0m29gUCCG8heFoDGeB-CAELv&eitems=ChAI8K3ltgYQvv7cz52R3Pc7Eh0Agb3GyT-uvQceiWEDCSKt1OXW2uDER4SriEHlcw&random=47029326&ipr=y

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
intake.scriptderm.com/
6 KB
3 KB
Document
General
Full URL
https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6886788ae2c57324e509890d7099004e5e03afe019c8aaa410f8e1021e0c4a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8be5c688aebdd355-FRA
content-disposition
inline; filename="index.html"
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 05 Sep 2024 11:10:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAmqmJw9bNQdgRNKItEZux5dgsfOVFMQSn%2F9uKNrrU8jxb6ZDalDer%2BBSXM0qg5Pm0Blr2FU4o9FhXF8AnxfzYp3nYalPJtLXgVt4ZqHt2sWrweDpTshlU14pNlrrm3bqpB1tR3BGqz%2BnKXCEVSBXojRsfw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=7776000
vary
Accept-Encoding
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
everflow.js
www.bls29trk.com/scripts/sdk/
60 KB
19 KB
Script
General
Full URL
https://www.bls29trk.com/scripts/sdk/everflow.js
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.180.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
67b12da2757acb5166036f9079fd67a60374f1ddceec61b0df07340e7ecd0952

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
d21dc1e9-87fb-4d05-a3d9-7755f7c2bff5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.googletagmanager.com/gtag/
275 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-663616217
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40bd6d3e572c93c9fe87d2a8d0a1d10c944cc2212aa8ed70f2750c06031b9670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96152
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 11:10:55 GMT
main.c56fdde2.js
intake.scriptderm.com/static/js/
3 MB
719 KB
Script
General
Full URL
https://intake.scriptderm.com/static/js/main.c56fdde2.js
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b54b6867217348d5fa1db18998dce655df06bd9ef279b55026e725c4c514b6
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
strict-transport-security
max-age=7776000
content-disposition
inline; filename="main.c56fdde2.js"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
"1218a268b613253f44e1327d3ba00d74f0475a33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOyEcjro2QX%2F2tIjkZcv8EQEm6K8NoWRauTPoqD1hsS%2FZi6mTOnD9xWHlob2A5j6ggz8d1Z21ZAMCRz5J5aB4RK8wzOWf7%2BwJ0S2SBaT3L%2Buj0y99ZTINtfiEeKZaaRAJLKkON7rlqoUoSOiwRacXWaY%2BTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
private
cf-ray
8be5c68c5bf6d355-FRA
main.c9557b98.css
intake.scriptderm.com/static/css/
69 KB
13 KB
Stylesheet
General
Full URL
https://intake.scriptderm.com/static/css/main.c9557b98.css
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c070c42604f00d3dac686a01ba7c864884d90c2ea5d8e6c12548b987a125a1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
strict-transport-security
max-age=7776000
content-disposition
inline; filename="main.c9557b98.css"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
"41d66760b3e75b37896906e68e7db6470b9e9640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uo%2B7YGHWOw2Txpg1CQNgsecUQqHMqOeqqsBjJJx0wBdMGr98z1QpF2%2FNT0o1%2BWzWWvpywc5D%2FyuorPhm22JkDkE%2FOtlI9mHqgs%2Frr56Mn6l1zPuZNVZ2vVDomSuM77kveabsoirYpfO%2FhYH8Oseeb%2B2CmfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
private
cf-ray
8be5c68b2fd3d355-FRA
conversions.js
dashboard.heatmap.com/
29 KB
29 KB
Script
General
Full URL
https://dashboard.heatmap.com/conversions.js?siteId=1910
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
ed2ccdaf9cfc10dfcfd8201bf90b4e4233b76088c30e5dfc10422e0a630a2e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
29536
x-xss-protection
1; mode=block
pragma
public
referrer-policy
origin
last-modified
Thu, 22 Aug 2024 13:37:20 GMT
server
nginx/1.22.1
etag
"66c73f10-7360"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
NbWoYMieX7k1l664ZWOWcn-XSzQfpdSfWqFRwfIw4G5qSYJNqPgiHg==
expires
Thu, 05 Sep 2024 12:10:55 GMT
-zfVVsUdrttx3kHXQRPWTDAKOM5UwQMgPobRaYvh0xGkA_l_WPWUMgBGjmR_GUMGScFHRmI_ih56gaRu76NtOw~~
www.stunning-joking-cotton.com/
99 KB
34 KB
Script
General
Full URL
https://www.stunning-joking-cotton.com/-zfVVsUdrttx3kHXQRPWTDAKOM5UwQMgPobRaYvh0xGkA_l_WPWUMgBGjmR_GUMGScFHRmI_ih56gaRu76NtOw~~?hid=&uid=&v=3.2.2
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b73f02b783e43267d351cf9e90455e23bfe2d84d8052ae5da303a170c5c9ac48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-backend-connect-time
0.000
content-encoding
gzip
x-backend-status
200
x-backend-server
hydra-mesh8-1
x-xss-protection
0
pragma
no-cache
referrer-policy
never, no-referrer
x-backend-response-time
0.012
server
cloudflare
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-robots-tag
none
cf-ray
8be5c68e2b66d27a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gtm.js
www.googletagmanager.com/
260 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFTZFDVL
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cb04c9b35edf51750b64f9128f47bee30a9a44ad89393ebe12b52f475507624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93833
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 11:10:55 GMT
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 05 Sep 2024 11:10:55 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4310, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
St0O/1PMELPxUyA7b6wmHWIeWqkmiVwu0IF50jGseEfhra93Z1JE2nuZ7CCoJDFhMdrmCaIz+bWCGW8Ks944Eg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/8M0H8MN7/
23 KB
24 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/jsstore/a/8M0H8MN7/ge.js
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.195.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
feef9f7157370f4319923c3fbcfb75291ac191207dd53a5b58970f7606a631b5

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 11:10:56 GMT
Last-Modified
Wed, 04 Sep 2024 14:56:46 GMT
Server
AmazonS3
x-amz-request-id
1WC5WZ4W41C9891D
ETag
"a655c9d233c909bb86561d7e740c669e"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
23698
x-amz-id-2
fZJyYomUCkRWrW03hLY0AQ7kw4hLyJjeF92snJZcujdqhccaeUvo+ZPxAlfMBfHOii1BlCplFmI=
Expires
Fri, 04 Oct 2024 14:56:45 GMT
/
www.googleadservices.com/pagead/conversion/663616217/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/663616217/?random=1725534655491&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-663616217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
68eae46816b442c8b6ebb63eb5f687f135b5785df642ae2b52041ab105bc5b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2542
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
917049193283139
connect.facebook.net/signals/config/
88 KB
18 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/917049193283139?v=2.9.167&r=stable&domain=intake.scriptderm.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
ba138e5c4cf88d3e814582d4c2e96eba38488e249d917b534b8ac8b3de1a7f26
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 05 Sep 2024 11:10:55 GMT
document-policy
force-load-at-top
x-fb-server-load
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=74, mss=1232, tbw=67012, tp=63, tpl=0, uplat=96, ullat=0
pragma
public
x-fb-debug
AS0jp0W64tTndsI4GWCvlvOqwIpe0byDssuOCAEJP3RHWXriTP4aIOAIepE5F4WiQf/7NrIY7P6JY4Gb49+MeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
328 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KKYQ6SR2T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFTZFDVL
Protocol
H3
Security
QUIC, AES_128_GCM
Server
142.250.185.200, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
556ad934af748efce0a0544f0204a21fef1e01207b7457d279a393fd87d2b17e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Sep 2024 11:10:55 GMT
destination
www.googletagmanager.com/gtag/
269 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11405995320&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFTZFDVL
Protocol
H3
Security
QUIC, AES_128_GCM
Server
142.250.185.200, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb8e41ef62e94e9a5448be10cf6ee95aff58b634e37a7f324d35fb9eae6841de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94726
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 11:10:55 GMT
fpo5xjz.css
use.typekit.net/
8 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/fpo5xjz.css
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/static/css/main.c9557b98.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS
Software
nginx /
Resource Hash
19b11ad338065e247ca4271b5953eef461e383a41bd92e032c2272e8f19671ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 05 Sep 2024 11:10:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1073
helvetica-neue-55
fonts.cdnfonts.com/css/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/helvetica-neue-55
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/static/css/main.c9557b98.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3036::ac43:b89e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
c028a977045e1dcf22dd4f44ff375d50a19ca81e7c2c3fa79817704c5e140b69

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14388135
cf-polished
origSize=11347
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 22:28:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrG738h%2BI4V05wXQ7jerg6k0DA0f9tEJV0ti6J2BOaMDhS81zJqtQVTRRmCAy%2BlQZqK9KMgQ5MSyCokYLUxrPySBGWrpmOLAJWI3qs7YPuskmfM8SABZjZa1wpO1qF%2FI8EtqGsBp2SoxrbOOpRBlpgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
8be5c68f789a35fe-FRA
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=917049193283139&ev=PageView&dl=https%3A%2F%2Fintake.scriptderm.com&rl=&if=false&ts=1725534655806&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12316&fbp=fb.1.1725534655801.747437133559467768&cs_est=true&pm=1&hrl=18fd8a&ler=empty&cdl=API_unavailable&it=1725534655527&coo=false&cs_cc=1&ccs=934799724673499%2C1142239300520814%2C3185973774871058%2C751911210164103&cas=7888201794608688%2C7436919176412962%2C8717816358270424%2C7025940584175912%2C7788393511230259%2C26195826933342004%2C7723410031074477%2C7600318226682363%2C26214801768118205%2C8326204614108930%2C8599606133391444%2C8117087058337607&rqm=GET
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de, Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=2846, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 11:10:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=917049193283139&ev=PageView&dl=https%3A%2F%2Fintake.scriptderm.com&rl=&if=false&ts=1725534655806&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12316&fbp=fb.1.1725534655801.747437133559467768&cs_est=true&pm=1&hrl=18fd8a&ler=empty&cdl=API_unavailable&it=1725534655527&coo=false&cs_cc=1&ccs=934799724673499%2C1142239300520814%2C3185973774871058%2C751911210164103&cas=7888201794608688%2C7436919176412962%2C8717816358270424%2C7025940584175912%2C7788393511230259%2C26195826933342004%2C7723410031074477%2C7600318226682363%2C26214801768118205%2C8326204614108930%2C8599606133391444%2C8117087058337607&rqm=FGET
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de, Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3309c948dbf7722b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:7147903001989583","24:7187320388012325","7830:7147903001989583","7830:7187320388012325","10853:7147903001989583","10853:7187320388012325","41:7147903001989583","41:7187320388012325","8046:7147903001989583","8046:7187320388012325"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 05 Sep 2024 11:10:56 GMT
x-fb-server-load
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411114913371221946", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=14, mss=1297, tbw=3164, tp=-1, tpl=-1, uplat=136, ullat=0
pragma
no-cache
x-fb-debug
uyVMQXaMa/5zGJEOS3PkJVI96pAEmfp3fv+WZmP42RmJEhO/ionI7CjVEAcJOLVBRURoZ05xbiMpjs2535wSGA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411114913371221946"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.nl/pagead/1p-conversion/663616217/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=...
  • https://www.google.com/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp...
  • https://www.google.nl/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=...
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIt_DNwdWriAMVHYqDBx2izhF2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfrxWouYv0cMiOqWIdf6DaROzEsJiJZw&random=156789561&ipr=y
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Server
2a00:1450:4001:810::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-conversion/663616217/?random=861612411&cv=11&fst=1725534655491&bg=ffffff&guid=ON&async=1&gtm=45be4930v9108197149za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=EdKmCMeGvbYZENn1t7wC&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&gtm_ee=1&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIt_DNwdWriAMVHYqDBx2izhF2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfrxWouYv0cMiOqWIdf6DaROzEsJiJZw&random=156789561&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion
www.bls29trk.com/sdk/
0
0
Fetch
General
Full URL
https://www.bls29trk.com/sdk/conversion?effp=d9582ee28683176981cd3c39a5e7b6b9&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&transaction_id=&event_id=0&aid=6&event_source_url=intake.scriptderm.com
Requested by
Host: www.bls29trk.com
URL: https://www.bls29trk.com/scripts/sdk/everflow.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
34.102.180.111, Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
111.180.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:55 GMT
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
access-control-allow-origin
https://intake.scriptderm.com
access-control-allow-credentials
true
x-eflow-request-id
27aba3ea-2e5a-4634-b419-67fd217327e4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.googleadservices.com/pagead/conversion/11405995320/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11405995320/?random=1725534655853&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11405995320&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, AES_128_GCM
Server
172.217.18.2, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
dbd5f23e22dd59b1576233077eb0d677cca973430c3ee0a44cec16249703423c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2576
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1KKYQ6SR2T&gtm=45je4930v9177526614z89177454190za200zb9177454190&_p=1725534655411&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1926484307.1725534656&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725534655&sct=1&seg=0&dl=https%3A%2F%2Fintake.scriptderm.com%2F&dt=Skinny%20RX&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1307
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KKYQ6SR2T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4860:4802:34::36, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://intake.scriptderm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-conversion/11405995320/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb917745419...
  • https://www.google.com/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dm...
  • https://www.google.nl/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma...
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJvHsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIiqLYwdWriAMVsouDBx0HdAs6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfR5H9dH8_4ahvU4HFnPcp89Ox0m29gUCCG8heFoDGeB-CAELv&eitems=ChAI8K3ltgYQvv7cz52R3Pc7Eh0Agb3GyT-uvQceiWEDCSKt1OXW2uDER4SriEHlcw&random=47029326&ipr=y
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Server
2a00:1450:4001:810::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-conversion/11405995320/?random=1826176503&cv=11&fst=1725534655853&bg=ffffff&guid=ON&async=1&gtm=45be4930v9194271552z89177454190za201zb9177454190&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fintake.scriptderm.com%2F&label=Qu7DCIKN26QZELja5r4q&hn=www.googleadservices.com&frm=0&tiba=Skinny%20RX&value=0&npa=1&pscdl=noapi&auid=783821735.1725534655&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJvHsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIiqLYwdWriAMVsouDBx0HdAs6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2ludGFrZS5zY3JpcHRkZXJtLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfR5H9dH8_4ahvU4HFnPcp89Ox0m29gUCCG8heFoDGeB-CAELv&eitems=ChAI8K3ltgYQvv7cz52R3Pc7Eh0Agb3GyT-uvQceiWEDCSKt1OXW2uDER4SriEHlcw&random=47029326&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=fpo5xjz&ht=tk&f=14548.18438.18439.18440.18443.18444.18445.49469.49476.51230.51231&a=67884867&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fpo5xjz.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2a02:26f0:780::210:a469, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:56 GMT
last-modified
Thu, 21 Mar 2024 06:19:53 GMT
server
nginx
etag
"65fbd189-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
conversions.php
dashboard.heatmap.com/
1 KB
1 KB
Script
General
Full URL
https://dashboard.heatmap.com/conversions.php?siteId=1910&dataLayer=populate
Requested by
Host: dashboard.heatmap.com
URL: https://dashboard.heatmap.com/conversions.js?siteId=1910
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.224.189.74, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
719bef2043b02cbccd0efc9d4420b0df2b7094293681f129676480498a7dbdcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:56 GMT
via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
referrer-policy
origin
x-content-type-options
nosniff
server
nginx/1.22.1
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
gMneJSs--A2ZzcovRFIXmYbbI64XJxHIvEr773RJXYR_SQlv4rtIPw==
x-xss-protection
1; mode=block
720d8ee1-8eb4-47e4-a939-e38be359f4bd
https://intake.scriptderm.com/
0
0

31248ebc-5f50-4569-a4f5-ba584ad39f8f
https://intake.scriptderm.com/
0
0

logoScript.802607c7a86045459032.png
intake.scriptderm.com/static/media/
51 KB
52 KB
Image
General
Full URL
https://intake.scriptderm.com/static/media/logoScript.802607c7a86045459032.png
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a06:98c1:3120::3, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
bf6c2d9834af038dc39e8d70baa0204421921b31edf225cd7ff984b449e9d31b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:56 GMT
strict-transport-security
max-age=7776000
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
content-disposition
inline; filename="logoScript.802607c7a86045459032.png"
alt-svc
h3=":443"; ma=86400
content-length
52701
server
cloudflare
etag
"a34d95867598baded17fe8760c564a4edca766b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxLBNN5RQJYhdf5DMVZiH4JtyvX9FV3IcNDbp3KFzf7ajM7rtkO9Pyq6MijHawhyN0tRu8aYQOOon3%2FwAd1vL3K%2FxpCUQTSoQCuUOiz%2BjSdTlBJKIM8MlVuIpVEUGPJtUkl8cab8rOf2LTnt2NfcMjpaQuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
accept-ranges
bytes
cf-ray
8be5c6938b8ad355-FRA
overlay.3b7e3a067199c792f21f.png
intake.scriptderm.com/static/media/
161 KB
162 KB
Image
General
Full URL
https://intake.scriptderm.com/static/media/overlay.3b7e3a067199c792f21f.png
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/static/css/main.c9557b98.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2884bfca4de06f8cfcdbaa201c4f6bc2badc33b2110b7521ec719dacdcaceee
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/static/css/main.c9557b98.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:56 GMT
strict-transport-security
max-age=7776000
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
content-disposition
inline; filename="overlay.3b7e3a067199c792f21f.png"
alt-svc
h3=":443"; ma=86400
content-length
165283
server
cloudflare
etag
"c52d11c0c8fd5fb6aa1f8a3cfee7a0a2bb2aa66e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEUktS2gj26G%2F6O4XUEzjAM%2F2sqC%2ForQTIRXAMBEkbdYMOEkCM5G4C%2F%2FhgS8FQ03902Mp9%2B4uXIlSAYe%2B465s5fgZaYjkt1RjReHTIXhVwnC1uOlZQZjKPb7KULGpy2UFnv18gno9%2BmERMgz%2FQv22T07T%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
accept-ranges
bytes
cf-ray
8be5c6939bc6d355-FRA
charter_bold.d8ad8bfbb52fef440ce3.woff2
intake.scriptderm.com/static/media/
15 KB
15 KB
Font
General
Full URL
https://intake.scriptderm.com/static/media/charter_bold.d8ad8bfbb52fef440ce3.woff2
Requested by
Host: intake.scriptderm.com
URL: https://intake.scriptderm.com/static/css/main.c9557b98.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7c6aadefb1318729ac10048a85faeb6eccfbe4d4ecb2e582747663a3915792
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/static/css/main.c9557b98.css
Origin
https://intake.scriptderm.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:56 GMT
strict-transport-security
max-age=7776000
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
content-disposition
inline; filename="charter_bold.d8ad8bfbb52fef440ce3.woff2"
alt-svc
h3=":443"; ma=86400
content-length
15028
server
cloudflare
etag
"2bced824b75d5867ac3b13ba33ca4ae10d559282"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToeFhxErI7i93J1vJjsrjtAuBq2U8hd6s%2F4gnvI6vD00oiMXSShZKhjrlYVBDR4o1rNBcATwmVPIWdQIdadWCPwDW3H%2FdtdX8r8CEf0Op%2FCoE2eQzvowyNeAnARqYV0FVSE%2B8GuKnU1BKJS3qoKrZxv5CGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
private
accept-ranges
bytes
cf-ray
8be5c693abf2d355-FRA
conversions.php
dashboard.heatmap.com/
75 B
385 B
Ping
General
Full URL
https://dashboard.heatmap.com/conversions.php?siteId=1910&request=debug
Requested by
Host: dashboard.heatmap.com
URL: https://dashboard.heatmap.com/conversions.php?siteId=1910&dataLayer=populate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
c852bcc6a0e8ad680d82ef9dc52c5b222ead775bb17b9cfd292d9a73e80550cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 05 Sep 2024 11:10:57 GMT
via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
referrer-policy
origin
x-content-type-options
nosniff
server
nginx/1.22.1
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JX-aRZ7UWwtVbRyo-SUlIA9-b6XrA2NoBsreP7Ev0AaMzI4SuT38hA==
x-xss-protection
1; mode=block
65e54f2e0d5bd9279992f233_favicon%20script.png
cdn.prod.website-files.com/659408738f3f7a64437267c4/
5 KB
5 KB
Other
General
Full URL
https://cdn.prod.website-files.com/659408738f3f7a64437267c4/65e54f2e0d5bd9279992f233_favicon%20script.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73341205beda549a7e5c4cc73f2093714911ed9a7fe7213f7c5ef0403da2d079

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:57 GMT
x-amz-version-id
A7JnyhZmKLl5mlKBidEWPHyot0bf8mYB
cf-cache-status
HIT
x-amz-request-id
2BA14KAF8P195HBE
age
410559
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
5190
x-amz-id-2
61ixXCljQraHe7o1/b3baxMCY9xmdwClK+4IERpTOKYpquWUgW26orcdkfcnnYU1aHela26kftc=
last-modified
Mon, 04 Mar 2024 04:33:52 GMT
server
cloudflare
etag
"8810360636db417db879dfc1e19da7ff"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8be5c6965aab35ee-FRA
favicon.ico
intake.scriptderm.com/
261 KB
41 KB
Other
General
Full URL
https://intake.scriptderm.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1371c8fd70a0c1183aabba6538962edbb73ff02f87c28b91a3321f213e02e913
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 11:10:57 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
c6baf635-de32-442b-9f3e-824150600193
x-do-orig-status
200
strict-transport-security
max-age=7776000
content-disposition
inline; filename="favicon.ico"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
"a2b5d895c7343272941d86b83accb1e004b5f5d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbGYwzfkeUMl96%2FMDqHE9dXqUreT%2FbbzqoQMSgGwsIOYuaxjTxs9Mr1YFna%2FLYdTIEatWGcJlhXKLixMFvBOfLu91bkGmyOwfcRo6ZclTpNZ6cwRjh3gyG88myJo48rwQX4LL498UaHAtg7hyYwhOPOFWZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
private
cf-ray
8be5c6969df6d355-FRA
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1KKYQ6SR2T&gtm=45je4930v9177526614za200zb9177454190&_p=1725534655411&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1926484307.1725534656&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1725534655&sct=1&seg=0&dl=https%3A%2F%2Fintake.scriptderm.com%2F&dt=Skinny%20RX&en=scroll&epn.percent_scrolled=90&_et=24&tfd=6341
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KKYQ6SR2T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://intake.scriptderm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 11:11:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://intake.scriptderm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
intake.scriptderm.com
URL
blob:https://intake.scriptderm.com/720d8ee1-8eb4-47e4-a939-e38be359f4bd
Domain
intake.scriptderm.com
URL
blob:https://intake.scriptderm.com/31248ebc-5f50-4569-a4f5-ba584ad39f8f


41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| heatmapLoadConversionSnippet
function| getURLParameter
function| jumbleberry
object| EF
object| dataLayer
function| insertIframeWithTransactionId
function| fbq
function| _fbq
function| gtag
object| geq
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO
function| onYouTubeIframeAPIReady
object| gaGlobal
object| convObj
object| jumbleberryParams
string| jumbleberryDomain
object| jumbleberryCampaigns
object| jumbleberryQueue
object| jumbleberryCache
object| Snowplow
string| previousCookieDomain
string| domainHash
object| idCookieComponents
function| GeAnalytics
function| _0x199638
boolean| geqpreprun
function| run_ge
function| _0x4118
function| _0xe4da
object| _geq
object| webpackChunkform
object| regeneratorRuntime
function| _
function| sprintf
function| vsprintf
string| __reactRouterVersion
object| __heic2any__worker
function| Inputmask
function| loadDataLayer

8 Cookies

Domain/Path Name / Value
.scriptderm.com/ Name: _gcl_au
Value: 1.1.783821735.1725534655
.scriptderm.com/ Name: _fbp
Value: fb.1.1725534655801.747437133559467768
.scriptderm.com/ Name: _ga
Value: GA1.1.1926484307.1725534656
.scriptderm.com/ Name: _ga_1KKYQ6SR2T
Value: GS1.1.1725534655.1.0.1725534655.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmAfDF6hGdD5GzHrLzTD-8SGfRY3Pmw9xvAKFgtNM6KnFUODQudQFh0dNRa
.scriptderm.com/ Name: -zfVVsUdrttx3kHXQRPWTses
Value: *
.scriptderm.com/ Name: -zfVVsUdrttx3kHXQRPWTid
Value: 57ab74d8-05ab-55be-8ded-d1ece5baee99.1725534656.1.1725534656.1725534656.d5e973e1-6691-4c6c-8dda-a28e6895e508
intake.scriptderm.com/ Name: session_id
Value: 6767aa20-2f1b-4819-8340-92018268e4f6

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=7776000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
