consultation.grubaughortho.com Open in urlscan Pro
20.49.97.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://consultation.grubaughortho.com/
Submission: On January 10 via api (January 10th 2025, 3:48:02 am UTC) from US — Scanned from CH

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 26 domains to perform 104 HTTP transactions. The main IP is 20.49.97.24, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is consultation.grubaughortho.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on January 8th 2025. Valid for: 6 months.

This is the only time consultation.grubaughortho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	20.49.97.24 20.49.97.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.33.219.205 13.33.219.205	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:272... 2600:9000:2724:e00:17:d012:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:24e... 2600:1f18:24e6:b900:1933:3aac:154f:f044	14618 (AMAZON-AES) (AMAZON-AES)
1	20.150.88.164 20.150.88.164	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.27.50 104.18.27.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.245.60.48 18.245.60.48	16509 (AMAZON-02) (AMAZON-02)
4	18.194.6.240 18.194.6.240	16509 (AMAZON-02) (AMAZON-02)
3	35.177.168.187 35.177.168.187	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:1200:15:141a:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b902:e624:b6ab:b063:5e49	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223c:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.227.107.50 54.227.107.50	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
104	36

18 20.49.97.24 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

consultation.grubaughortho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.219.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-219-205.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2724:e00:17:d012:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.devexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b900:1933:3aac:154f:f044 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.88.164 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stappsmiledoctorscom.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-48.fra60.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.6.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-6-240.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.168.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com

ruler.nyltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.nyltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:1200:15:141a:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.leadsigma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:e624:b6ab:b063:5e49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.107.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-107-50.compute-1.amazonaws.com

call-tracking.leadsigma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	grubaughortho.com consultation.grubaughortho.com	444 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	844 B
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 359 c.bing.com — Cisco Umbrella Rank: 205	18 KB
6	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3036 session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 10448	1 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2020 ka-p.fontawesome.com — Cisco Umbrella Rank: 3310	99 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 c.clarity.ms — Cisco Umbrella Rank: 1269 o.clarity.ms — Cisco Umbrella Rank: 7829	31 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2701	10 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	685 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	374 KB
3	nyltx.com ruler.nyltx.com — Cisco Umbrella Rank: 125380 analytics.nyltx.com — Cisco Umbrella Rank: 111701	57 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 51440	11 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	86 KB
3	devexpress.com cdn3.devexpress.com — Cisco Umbrella Rank: 72687	1 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415	33 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	73 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 31394	562 B
2	leadsigma.com cdn.leadsigma.com call-tracking.leadsigma.com	3 KB
2	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1279	68 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	1 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 10001	558 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 5206	448 B
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7737	21 KB
1	windows.net stappsmiledoctorscom.blob.core.windows.net	10 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	7 KB
104	26

	Domain	Requested by
18	consultation.grubaughortho.com	consultation.grubaughortho.com
10	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
8	www.facebook.com	consultation.grubaughortho.com
5	bat.bing.com	www.googletagmanager.com bat.bing.com consultation.grubaughortho.com
5	rum.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
4	tags.srv.stackadapt.com	consultation.grubaughortho.com tags.srv.stackadapt.com www.datadoghq-browser-agent.com
4	ka-p.fontawesome.com	www.datadoghq-browser-agent.com
4	www.googletagmanager.com	consultation.grubaughortho.com www.googletagmanager.com
3	connect.facebook.net	consultation.grubaughortho.com connect.facebook.net
3	cdn3.devexpress.com	consultation.grubaughortho.com
3	cdn.jsdelivr.net	consultation.grubaughortho.com
2	c.clarity.ms	1 redirects
2	analytics.nyltx.com	ruler.nyltx.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.ch	consultation.grubaughortho.com
2	region1.analytics.google.com	www.datadoghq-browser-agent.com
2	td.doubleclick.net	www.googletagmanager.com
2	www.google.com	www.googletagmanager.com consultation.grubaughortho.com
2	fonts.googleapis.com	consultation.grubaughortho.com
2	kit.fontawesome.com	consultation.grubaughortho.com www.datadoghq-browser-agent.com
2	www.datadoghq-browser-agent.com	consultation.grubaughortho.com
1	o.clarity.ms	www.datadoghq-browser-agent.com
1	c.bing.com	1 redirects
1	pixel-ssn.quantserve.com	consultation.grubaughortho.com
1	pixel.quantserve.com	1 redirects
1	call-tracking.leadsigma.com	www.datadoghq-browser-agent.com
1	rules.quantcount.com	secure.quantserve.com
1	session-replay.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.leadsigma.com	www.googletagmanager.com
1	ruler.nyltx.com	consultation.grubaughortho.com
1	cdn.callrail.com	www.googletagmanager.com
1	tag.simpli.fi	www.googletagmanager.com
1	secure.quantserve.com	consultation.grubaughortho.com
1	cdn.mouseflow.com	www.googletagmanager.com
1	stappsmiledoctorscom.blob.core.windows.net	consultation.grubaughortho.com
1	ajax.googleapis.com	consultation.grubaughortho.com
1	maxcdn.bootstrapcdn.com	consultation.grubaughortho.com
104	39

This site contains no links.

Subject Issuer	Validity	Valid
consultation.grubaughortho.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-01-08` - `2025-07-08`	6 months	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
fontawesome.com WE1	`2024-12-30` - `2025-03-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.devexpress.com Go Daddy Secure Certificate Authority - G2	`2024-04-02` - `2025-04-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-14` - `2025-05-17`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 08	`2024-10-25` - `2025-04-23`	6 months	crt.sh
*.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
cdn.mouseflow.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-19` - `2025-01-17`	3 months	crt.sh
quantserve.com R11	`2024-12-21` - `2025-03-21`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-13` - `2025-12-14`	a year	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
ruler.nyltx.com R10	`2024-12-07` - `2025-03-07`	3 months	crt.sh
*.leadsigma.com Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.google.ch WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
analytics.nyltx.com R11	`2025-01-09` - `2025-04-09`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://consultation.grubaughortho.com/
Frame ID: 2801F0F25A461CD6D673F9D48CABA385
Requests: 100 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fconsultation.grubaughortho.com
Frame ID: CA1677B91EB9DAE8447E573F1B25A2B0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/840274230?random=1736480877464&cv=11&fst=1736480877464&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190v9100522884z877260475za201zb77260475&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&hn=www.googleadservices.com&frm=0&tiba=New%20Patient%20Booking&npa=0&pscdl=noapi&auid=1909209309.1736480877&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 6F545040B2242429C4F22A9EFEA84CBD
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QXFC9B1DW6&gacid=956684005.1736480878&gtm=45je5190v871494641z877260475za200zb77260475&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1851646732
Frame ID: 64269FC3575578E56150F282C1754647
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Patient Booking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

104
Requests

96 %
HTTPS

53 %
IPv6

26
Domains

39
Subdomains

36
IPs

7
Countries

2732 kB
Transfer

10344 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://pixel.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=1;et=1736480877648;tzo=-60;ogl=;ses=fd683530-6e85-47ae-b4db-e9312a0a4058;d=grubaughortho.com;uht=2;fpan=1;fpa=P0-337235436-1736480877649;pbc=;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=1;et=1736480877648;tzo=-60;ogl=;ses=fd683530-6e85-47ae-b4db-e9312a0a4058;d=grubaughortho.com;uht=2;fpan=1;fpa=P0-337235436-1736480877649;pbc=;gdpr=0;mdl=;dip=075dd197-2d80-4b0b-98f9-da546d60e273

Request Chain 85

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&RedC=c.clarity.ms&MXFR=04C40071C79462EF1B721501C3946CBE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&MUID=2131B974F2D360091051AC04F3586159

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
consultation.grubaughortho.com/ 13 KB
5 KB 1137ms
372ms Document
text/html 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3aee3c80ec364fa0445196f4ca91dade3d5d54f62a0a77e511537bd775148801

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Jan 2025 03:47:55 GMT
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Powered-By: ASP.NET

GET
H2 200 datadog-logs-v4.js Show response
www.datadoghq-browser-agent.com/ 51 KB
18 KB 151ms
29ms Script
application/javascript 13.33.219.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-219-205.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11f5637cd1e69c5416520a3f0cb75816b0207728752deb02f7f164fc8e584499

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

vary: accept-encoding
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
content-encoding: gzip
etag: W/"44c5d2c58c3f065730a026e0868767da"
age: 49
via: 1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: T-QcMX4GyD9s5APysgMpz8bSquhQc14Rofw-QWkGmVHCODFBiAfOnA==
date: Fri, 10 Jan 2025 03:47:09 GMT
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
50 KB 168ms
47ms Script
application/javascript 13.33.219.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-219-205.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

vary: accept-encoding
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
content-encoding: gzip
etag: W/"2630b3d7ad4a41fac67742216e506d83"
age: 42
via: 1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: gO3Jd6LIB-hAWpBHfNAoWzW79_ownvxxAnbVFAGvXcXDFhW7d1tU8g==
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK reset.css
consultation.grubaughortho.com/css/ 1 KB
1 KB 119ms
115ms Stylesheet
text/css 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/css/reset.css

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

89213b63a3f2812c1876ce945beb01fc0672ae48fb5a5f4646db54b0f8e56c42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118cbadf0"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/ 191 KB
30 KB 70ms
21ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/bootstrap.min.css

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://consultation.grubaughortho.com
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2fbaa-t81XpP1qH65hJhUPQn7yFzlyk+Q"
age: 2069937
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-lin1730035-LIN
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30372
x-jsd-version: 5.2.1

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 54ms
24ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "4083f5d376eb849a458cc790b53ba080"
age: 1385152
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 03:47:56 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/13/2024 00:51:43
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5e5d18001b0e52b721892e74e0b1b13c
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8ff9b043d93bbc54-ZRH
access-control-allow-origin: *
cdn-edgestorageid: 864
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 576d24729a.js Show response
kit.fontawesome.com/ 13 KB
5 KB 339ms
262ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/576d24729a.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca2273be88a5129b771bdbf3345b10d6495c282bd1fe23a8d8b5550b37112a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://consultation.grubaughortho.com
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-max-age: 3000
x-request-id: GBk4KB3T56FzRRUyfePi
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8ff9b0442c1d974f-FRA
access-control-allow-origin: *
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 148ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 03:47:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 03:47:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK material-icons.min.css
consultation.grubaughortho.com/css/ 93 KB
24 KB 236ms
117ms Stylesheet
text/css 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/css/material-icons.min.css

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e20895cba5461222599ac06fe26d6d2fef879fedfd90967542803ad8c7aacb8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118cadb07"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 dx.common.css
cdn3.devexpress.com/jslib/22.1.5/css/ 312 B
646 B 158ms
26ms Stylesheet
text/css 2600:9000:2724:e00:17:d012:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.devexpress.com/jslib/22.1.5/css/dx.common.css
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:e00:17:d012:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 804bf2f0676a8aecfef8c83eb5b8766e348ced01cc49fb1206fbb0e43fb556a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

etag: "de726f3c40dd0cf577dddfe9b7bd5b3e"
age: 83202
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 312
x-amz-cf-id: iNQsmGauuJhcJe2a5R2RbAblISHWdjUFP_e583o7HEkSZ6lbJlfKVw==
date: Thu, 09 Jan 2025 04:44:48 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:26:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: accept-encoding

GET
H2 200 dx.light.css
cdn3.devexpress.com/jslib/22.1.5/css/ 835 KB
105 KB 156ms
24ms Stylesheet
text/css 2600:9000:2724:e00:17:d012:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.devexpress.com/jslib/22.1.5/css/dx.light.css
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:e00:17:d012:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9de5267867ac2412000bf351a5290c4087047e90e1c4fbbaf0dd4d076d3afaca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
etag: W/"a3d9776387f4f68b22d4a0b50742bf91"
age: 83202
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: TP0QtLWGtYvT_ljpf1La-Jn331JFo2jCqbKOswCYBjPV1B0soNaL0Q==
date: Thu, 09 Jan 2025 04:47:10 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:26:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: accept-encoding

GET
H/1.1 200
OK Grubaugh%20Orthodontics.css
consultation.grubaughortho.com/Themes/ 1 KB
934 B 574ms
240ms Stylesheet
text/css 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/Themes/Grubaugh%20Orthodontics.css

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

75260a1750c581bc957216db7889677d3b7fd48c392d39c7e810ac4355e638fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
X-Powered-By: ASP.NET
Content-Encoding: gzip
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: text/css
Last-Modified: Fri, 10 Jan 2025 03:47:56 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK global.css
consultation.grubaughortho.com/css/ 26 KB
8 KB 470ms
129ms Stylesheet
text/css 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e4120ff43c6fe8963641115bdce1814413b0b3e9b2368364d190eaed07ea0907

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1db4a94e4b12eff"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2024 23:48:49 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK site.js Show response
consultation.grubaughortho.com/js/ 702 B
1 KB 464ms
123ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/site.js?v=Qx71G3s5E9d9zqFMqJZVmWlqabuwkl_hjYqHTomw1Qk

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3db234c2724cd71a68341a34d4a10f99dff11cee3ec0a8b7988a96cc94117dfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c71196442be"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:36 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.js Show response
consultation.grubaughortho.com/js/devextreme/ 292 KB
113 KB 471ms
130ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/devextreme/jquery.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a28d76c983b06d87eb2c6d6deaff7e1d4faf32f12794a92bd5e21c754c06ed9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c711960ce06"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:36 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.js Show response
consultation.grubaughortho.com/js/devextreme/ 145 KB
40 KB 472ms
126ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/devextreme/bootstrap.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

488b085dcf202d6539e93ced4501be26c264ee4a468de2fe1c08db7502c2d7e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118c9eb08"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/js/ 79 KB
25 KB 65ms
19ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://consultation.grubaughortho.com
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13a49-d7zwyIL6S+j76tNQUsOalE+QNeM"
age: 881941
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220118-FRA, cache-lin1730035-LIN
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24655
x-jsd-version: 5.2.1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 144ms
26ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
age: 41537
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 09 Jan 2026 16:15:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 16:15:39 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK jszip.js Show response
consultation.grubaughortho.com/js/devextreme/ 377 KB
126 KB 462ms
116ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/devextreme/jszip.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d5fbb34aca5f785a88b8159a8be78256a67f1777260cce019af6dc33855650e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c711961a2e7"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:36 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 dx.all.js Show response
cdn3.devexpress.com/jslib/22.1.4/js/ 5 MB
1 MB 155ms
25ms Script
application/javascript 2600:9000:2724:e00:17:d012:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.devexpress.com/jslib/22.1.4/js/dx.all.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:e00:17:d012:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2960d8b7f850294418b5a922fa63b672203a11af92b1e919a2bba5a908c17b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
etag: W/"6b6512b15b15ade49abd953bc8ae05a4"
age: 7770
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 8VVPFht8JHIvrKAD1TJT2A4C3xijKDU3oFdH2MPP0uuoQBMMjV_FeA==
date: Fri, 10 Jan 2025 01:49:00 GMT
content-type: application/javascript
last-modified: Thu, 28 Jul 2022 09:09:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: accept-encoding

GET
H/1.1 200
OK dx.aspnet.mvc.js Show response
consultation.grubaughortho.com/js/devextreme/aspnet/ 9 KB
3 KB 586ms
115ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/devextreme/aspnet/dx.aspnet.mvc.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

51c27af1ef7ba6e024927665c5a00e38b49dd6eddfac2f7e3828d9c3019e9e6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118cb8a03"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H/1.1 200
OK dx.aspnet.data.js Show response
consultation.grubaughortho.com/js/devextreme/aspnet/ 14 KB
4 KB 601ms
124ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/devextreme/aspnet/dx.aspnet.data.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0b680692bdbddadc58dd8c8263d7b29cae9847a8968dd7ec0f8245e836c1209f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118cb9ea6"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 moment.min.js Show response
cdn.jsdelivr.net/npm/moment@2.29.4/ 58 KB
19 KB 67ms
22ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/moment@2.29.4/moment.min.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb1932b5f97c1cbdcebc4d89fabc6516977ba8a85939cbd1f280e365a1168ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"e945-PrddvpcJjkPQ3KhFNmLmCFGxS5Q"
age: 1431855
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230145-FRA, cache-lin1730043-LIN
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18482
x-jsd-version: 2.29.4

GET
H/1.1 200
OK breadcrumbslogic.js Show response
consultation.grubaughortho.com/js/ 3 KB
2 KB 689ms
115ms Script
application/javascript 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/js/breadcrumbslogic.js?v=Hi0aYaLQ0c_tG9PTtWY-0RuSoT5f_cUZUxZC3Y5yY9E

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6f3df8d70541482a6797e590622f7562b6e059c06995c2a57c43eecd4f3e539

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
X-Powered-By: ASP.NET
Content-Encoding: gzip
ETag: "1da7c7118cba3b4"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Date: Fri, 10 Jan 2025 03:47:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 453 KB
138 KB 115ms
56ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a25a2a801e2d01d4a0d5760df8b15646e1e50947ab7a5109250c5685a5438e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 03:47:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140973
x-xss-protection: 0
server: Google Tag Manager

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.7.2/css/ 472 KB
81 KB 871ms
851ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.7.2/css/pro.min.css?token=576d24729a
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d337d11501960ed43bce88c7d244685acc2131fc0216154da8cc1c7423f632

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "676048a5-14217"
cf-ray: 8ff9b045fcc4974f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 82455
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.7.2/css/ 21 KB
4 KB 541ms
520ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-shims.min.css?token=576d24729a
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49c87c75bbfc7ff6fc8d0102a969b152cca0aad522f2883cd14354ce47b3c5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "676048a5-ff8"
cf-ray: 8ff9b045fcc1974f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4088
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.7.2/css/ 50 KB
7 KB 579ms
559ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.7.2/css/pro-v5-font-face.min.css?token=576d24729a
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207393902fc5b673424da0b95213a3446c40ddf9aeb2b24b48e8a1eaa9d6a834

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "676048a5-1c15"
cf-ray: 8ff9b045fcc2974f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7189
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.7.2/css/ 7 KB
2 KB 500ms
479ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-font-face.min.css?token=576d24729a
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fbb17bdd8a33539ce8cbff8e5cf6e8fa7ed468b7430e95dbe56d30fd050f6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: "676048a4-6c9"
cf-ray: 8ff9b045fcc3974f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1737
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 15:35:00 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/576d24729a/83150810/ 547 B
410 B 140ms
139ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/576d24729a/83150810/kit-upload.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ba3f6070c7ad58690304e3f1d8fac68f1e8ba9429cb9ff9b355e94750b736a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-max-age: 3000
x-request-id: GBk4KCxnpn6WoveViamh
cache-control: max-age=31556926, public, must-revalidate
content-encoding: gzip
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8ff9b045dcb2974f-FRA
access-control-allow-origin: *
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 css
fonts.googleapis.com/ 12 KB
972 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,700,500|Ubuntu:400,700,500

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d1123cde26edcad063ce8ee7fb9eb805bda93474c57857978a446ecfcd9446c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 03:47:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 03:47:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
286 B 649ms
329ms Fetch
application/json 2600:1f18:24e6:b900:1933:3aac:154f:f044
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=faeed88e-0669-4c5c-81ac-8f03281be811&batch_time=1736480876620

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

589d66402e16eec27fea79da1dd927fa8393c00338f2d49de63a20bfe388a0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:56 GMT
content-type: application/json
dd-request-id: faeed88e-0669-4c5c-81ac-8f03281be811

GET 5f4b7468-d3ae-43b0-b70a-eaa84c6b1500
https://consultation.grubaughortho.com/ Frame 0
0

GET
H/1.1 200
OK sd-client-logo.svg
stappsmiledoctorscom.blob.core.windows.net/patientportal-public/Logo/SmileDoctors/ 10 KB
10 KB 517ms
119ms Image
image/svg+xml 20.150.88.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stappsmiledoctorscom.blob.core.windows.net/patientportal-public/Logo/SmileDoctors/sd-client-logo.svg
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.88.164 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3e748a1f68b545c58ca11c22a3d05c31642a0e86714703956438fa3ce1258371

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Content-MD5: L9JHunii7zd3ik27mfr4dA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DB2FB338CA9DBE
x-ms-request-id: 1e0f5b85-201e-0056-2912-63bbec000000
Content-Length: 10022
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 28 Mar 2023 17:38:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H/1.1 200
OK SmileDoctorsMabry-Bold.woff2
consultation.grubaughortho.com/fonts/ 57 KB
58 KB 116ms
115ms Font
font/woff2 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/fonts/SmileDoctorsMabry-Bold.woff2

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

44c1c3cfd7bdb601183514f2e4c9492bae1edfb20fda4d2a76cb8bd08007af53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://consultation.grubaughortho.com
Referer: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Response headers

Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
ETag: "1da7c7118cb4dc4"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Content-Length: 58436
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: font/woff2
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

GET
H/1.1 200
OK SmileDoctorsMabry-Regular.woff2
consultation.grubaughortho.com/fonts/ 57 KB
58 KB 115ms
115ms Font
font/woff2 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/fonts/SmileDoctorsMabry-Regular.woff2

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b67895193a082270359c6de81ae484f10d6f6175bce897880aa1a09e1b972ee4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://consultation.grubaughortho.com
Referer: https://consultation.grubaughortho.com/css/global.css?v=5BIP9Dxv6JY2QRFb3OGBRBOws-myNoNk0ZDq7QfqCQc

Response headers

Strict-Transport-Security: max-age=2592000
X-Powered-By: ASP.NET
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: public,maxAge=31536000
ETag: "1da7c7118cb4dbc"
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Accept-Ranges: bytes
Content-Length: 58428
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: font/woff2
Last-Modified: Fri, 22 Mar 2024 15:53:35 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 423 KB
134 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QXFC9B1DW6&l=dataLayer&cx=c&gtm=45He5190v77260475za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

322595ef8eb7eb9512e35e580e1c7890e64f6e15bb6df1fa8d264e36a5edfd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 10 Jan 2025 03:47:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137129
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 95ms
38ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1014655539.1736480877&dt=New%20Patient%20Booking&auid=1909209309.1736480877&navt=n&npa=0&gtm=45He5190v77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1736480877369&tfd=2411&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 296 KB
101 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-840274230&l=dataLayer&cx=c&gtm=45He5190v77260475za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32cb9979e53790c917d5466f448a24afd95213163c11a1661b26635192284005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 10 Jan 2025 03:47:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103589
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 117ms
48ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 506C0E043C3848419B81BAD6CDAF62B0 Ref B: FRA31EDGE0510 Ref C: 2025-01-10T03:47:57Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 1a1d56d7-6181-4b47-9ce4-d74d19c9eb8a.js Show response
cdn.mouseflow.com/projects/ 71 KB
21 KB 59ms
30ms Script
application/javascript 104.18.27.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/1a1d56d7-6181-4b47-9ce4-d74d19c9eb8a.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.50 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9349b7e98d8dfefc95f1d1ccc079c14ef2a28f282b75dd3d2e1c165faf1c06af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b27f9246d061db1:0"
age: 27226
x-mf-country: CH
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 03:47:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Jan 2025 13:21:50 GMT
priority: u=3,i=?0
x-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-mf-continent: EU
cache-control: public, max-age=86400
cf-ray: 8ff9b04bca8f01df-ZRH
access-control-allow-origin: *
x-mf-script-region: enforced-privacy
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 50ms
25ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-45ud7ARh' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-45ud7ARh' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4492, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: O3DgLvK5fn0RFUfsH2GhE3WDoW/yHcGagxdTkRHon6HCfuT8ssm+k5r9JnM3kIzC7eAHzWnM3gfjDOa7xYz/Xw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 135ms
27ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1a348b534e8a564459688fd0583aa1e018a107b6c224bb43a3a1c25aa53c647f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "bBg4Fg3dLUEmkKIA6FaCzg=="
expires: Fri, 17 Jan 2025 03:47:57 GMT
accept-ranges: bytes
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 f74a86f0-5deb-0136-ee6f-06659b33d47c Show response
tag.simpli.fi/sifitag/ 0
448 B 114ms
35ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/f74a86f0-5deb-0136-ee6f-06659b33d47c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

x-request-id: GBk4KGT0FD3QqempUrSB
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=utf-8
server: openresty

GET
H2 200 swap.js Show response
cdn.callrail.com/group/221726427/7eb32e995582b69361f7813a/12/ 32 B
558 B 201ms
126ms Script
text/javascript 18.245.60.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/group/221726427/7eb32e995582b69361f7813a/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-48.fra60.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

x-request-id: df1e4313-2138-45cd-b971-d4486a79cbe3
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: R3w10eJUERSRWeR35ROFy7e-52oY1TuTFAggFkFLcHIhqafnZqrtFA==
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.009031
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
content-length: 32
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P5

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 183ms
118ms Script
text/javascript 18.194.6.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.6.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-6-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1cd89b8eb1d8b6240e5a112f399632437dade61e847d61e83b6ae8f74d1103b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/javascript

GET
H/1.1 200
OK ra-bootstrap.min.js Show response
ruler.nyltx.com/lib/1.0/ 56 KB
56 KB 191ms
77ms Script
application/javascript 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Requested by: Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5d31f7743a001630f1b475202793a71e6cc011fdde69a2724a47f964e826b60a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Cache-Control: public, max-age=3600
ETag: "677e9a34-e092"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57490
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Jan 2025 15:31:00 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H2 200 swap.min.js Show response
cdn.leadsigma.com/swap/ 2 KB
3 KB 157ms
27ms Script
application/javascript 2600:9000:2724:1200:15:141a:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadsigma.com/swap/swap.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:1200:15:141a:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d257ce4c739f994285392c9a8556fa8e1cdbb7e77794a16d80a9d9571d96ae7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

x-amz-version-id: 5Xo0x6l16Jv1lcVLExv4mLn2S5m1qd4n
etag: "ff0e9f5c843bb9488eb7bebb07f390ac"
age: 45940
via: 1.1 ea7cd71b17e29a29176686830f1a76c4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2519
x-amz-cf-id: f7AyECvEJmQePiQTfOQf7OBI77oNiJwGCkkcc-eGcn0Fxzn0-15n-g==
date: Thu, 09 Jan 2025 15:02:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Jan 2024 05:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/5190/ Frame CA16 0
0 93ms
34ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fconsultation.grubaughortho.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 03:47:57 GMT
expires: Sat, 10 Jan 2026 03:47:57 GMT
last-modified: Thu, 09 Jan 2025 17:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/840274230/ 5 KB
2 KB 84ms
37ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/840274230/?random=1736480877464&cv=11&fst=1736480877464&bg=ffffff&guid=ON&async=1&gtm=45be5190v9100522884z877260475za201zb77260475&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&hn=www.googleadservices.com&frm=0&tiba=New%20Patient%20Booking&npa=0&pscdl=noapi&auid=1909209309.1736480877&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-840274230&l=dataLayer&cx=c&gtm=45He5190v77260475za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a3496e0c167bdf977c014625eff7848e3d7bd913a6faefc0f067fbab7d74700b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2258
date: Fri, 10 Jan 2025 03:47:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 840274230
td.doubleclick.net/td/rul/ Frame 6F54 0
0 101ms
42ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/840274230?random=1736480877464&cv=11&fst=1736480877464&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190v9100522884z877260475za201zb77260475&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&hn=www.googleadservices.com&frm=0&tiba=New%20Patient%20Booking&npa=0&pscdl=noapi&auid=1909209309.1736480877&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-840274230&l=dataLayer&cx=c&gtm=45He5190v77260475za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://consultation.grubaughortho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 03:47:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1584362238315778 Show response
connect.facebook.net/signals/config/ 72 KB
15 KB 123ms
123ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1584362238315778?v=2.9.179&r=stable&domain=consultation.grubaughortho.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

00d6d1850a6218b99de8a73d0794035b42e43f72d1320cb21d5d9b2af2b4bdfb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-1Q30lG1N' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1Q30lG1N' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=77, mss=1232, tbw=71301, tp=68, tpl=0, uplat=101, ullat=0
pragma: public
x-fb-debug: F735ZrpQuOYK8jauOQRa/jNN/tNXXaxX9O1Ht5N3cI1dqIuQiZn98q9l1qK4/9LxUvSe1yt/oVQlKfT1esrDWQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
564 B 110ms
40ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QXFC9B1DW6&gtm=45je5190v871494641z877260475za200zb77260475&_p=1736480876117&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=956684005.1736480878&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&dr=&sid=1736480877&sct=1&seg=0&dt=New%20Patient%20Booking&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-PKMTQDQ&ep.gtm_container_version=167&ep.previous_url=&ep.gtm_tag_name=GA4%20-%20Page%20View&tfd=2563
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://consultation.grubaughortho.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
564 B 126ms
35ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QXFC9B1DW6&cid=956684005.1736480878&gtm=45je5190v871494641z877260475za200zb77260475&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFC9B1DW6&l=dataLayer&cx=c&gtm=45He5190v77260475za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://consultation.grubaughortho.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 6426 0
0 41ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-QXFC9B1DW6&gacid=956684005.1736480878&gtm=45je5190v871494641z877260475za200zb77260475&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1851646732

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFC9B1DW6&l=dataLayer&cx=c&gtm=45He5190v77260475za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://consultation.grubaughortho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 03:47:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 98ms
38ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QXFC9B1DW6&cid=956684005.1736480878&gtm=45je5190v871494641z877260475za200zb77260475&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1364462149

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 03:47:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
287 B 1101ms
186ms XHR
application/json 2600:1f18:24e6:b902:e624:b6ab:b063:5e49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=385e711f-30f0-49ee-8036-d1bc2bd7c55c

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:e624:b6ab:b063:5e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

00d8037e4cddef94d55426afa7e9ef92fd3f005a1f1f8e60833ecc26958ab4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuS9T3eYI5yAg0ihw
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:58 GMT
content-type: application/json
dd-request-id: 385e711f-30f0-49ee-8036-d1bc2bd7c55c

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
112 B 351ms
348ms Fetch
application/json 2600:1f18:24e6:b900:1933:3aac:154f:f044
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=ccc5780e-1f86-41cc-9a93-013a7f471cec&batch_time=1736480877540

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

83a5d63a8b151a416f5f6a6b0fcb2b6cac308550e6eb0afedd4c99fca670c100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/json
dd-request-id: ccc5780e-1f86-41cc-9a93-013a7f471cec

GET
H2 200 rules-p-bnNn6tD4Bm_HP.js Show response
rules.quantcount.com/ 2 KB
1 KB 92ms
24ms Script
application/javascript 2600:9000:223c:5c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-bnNn6tD4Bm_HP.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d8e0118ebcd9399cc63c746e104cd89a2fa4caa1063c3c0d45edeca06b9a4da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
etag: W/"30fe4381ef8d18b669f2e42b545af785"
age: 33
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: aFheHRqTabNwSOsYIQ4gECXZCu2LYmLTocArRGYP0HDRgbWk_x9e7w==
date: Fri, 10 Jan 2025 03:47:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 15:06:08 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 13016864.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 48ms
48ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13016864.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d162582109b0cd34024d985cd1fc61f9a8d2d8ba75a491821a41086f24ac9528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E6B7B7B2C7C4214A7D6A11B249CB08F Ref B: FRA31EDGE0510 Ref C: 2025-01-10T03:47:57Z
x-cache: CONFIG_NOCACHE
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 187162783.js Show response
bat.bing.com/p/action/ 363 B
392 B 48ms
48ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187162783.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80CF19C940F842F0AC6F552E34EE2B03 Ref B: FRA31EDGE0510 Ref C: 2025-01-10T03:47:57Z
x-cache: CONFIG_NOCACHE
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.google.com/pagead/1p-user-list/840274230/ 42 B
64 B 38ms
37ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/840274230/?random=1736480877464&cv=11&fst=1736478000000&bg=ffffff&guid=ON&async=1&gtm=45be5190v9100522884z877260475za201zb77260475&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&hn=www.googleadservices.com&frm=0&tiba=New%20Patient%20Booking&npa=0&pscdl=noapi&auid=1909209309.1736480877&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dhqTscfBLCuNe5f3LSRocGj0o2mDcDQ&random=3799836668&rmt_tld=0&ipr=y

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 03:47:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.ch/pagead/1p-user-list/840274230/ 42 B
154 B 81ms
39ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/840274230/?random=1736480877464&cv=11&fst=1736478000000&bg=ffffff&guid=ON&async=1&gtm=45be5190v9100522884z877260475za201zb77260475&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&hn=www.googleadservices.com&frm=0&tiba=New%20Patient%20Booking&npa=0&pscdl=noapi&auid=1909209309.1736480877&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dhqTscfBLCuNe5f3LSRocGj0o2mDcDQ&random=3799836668&rmt_tld=1&ipr=y

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 03:47:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 118ms
118ms Stylesheet
text/css 18.194.6.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.6.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-6-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5798ec760f8006134f5ecbca66b053bbd2b7256332d1a6122bc965324100d156

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 651 B
2 KB 171ms
118ms Fetch
image/jpeg 18.194.6.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.6.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-6-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f6dab0419fcfa1a495cbeb35c5d2c83ab8a38ca97bb848217be8e2c2013aa80b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: image/jpeg

GET
H2 200 swap Show response
call-tracking.leadsigma.com/ 66 B
369 B 647ms
380ms XHR
application/json 54.227.107.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://call-tracking.leadsigma.com/swap?&url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&referrer_url=&swap[]=1584362238&swap[]=1597425107
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.227.107.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-107-50.compute-1.amazonaws.com
Software: /
Resource Hash: 622be33be1d1571a1a932fb735bf0f1d9fe117e0cf075f292b0e3cebf52f0e80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

x-amz-apigw-id: EJzBPFY-oAMEWdQ=
x-amzn-trace-id: Root=1-6780986d-05897238628cf3f45eeda3ae;Parent=130230da05fffe19;Sampled=0;Lineage=1:93696658:0
access-control-allow-methods: GET
x-amzn-requestid: 8965dd3f-0ff4-4d83-aefc-e64a4f932b82
access-control-allow-origin: *
content-length: 66
date: Fri, 10 Jan 2025 03:47:58 GMT
content-type: application/json
access-control-allow-headers: Content-Type

GET
H2 204 0
bat.bing.com/action/ 0
288 B 48ms
48ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187162783&tm=gtm002&Ver=2&mid=dc0be768-c460-40c2-aac8-bce68bda3d40&bo=1&sid=ae31ffa0cf0511efac84e79364a33ea0&vid=ae31fcd0cf0511efa5a2397090e1c590&vids=1&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=New%20Patient%20Booking&p=https%3A%2F%2Fconsultation.grubaughortho.com%2F&r=&lt=2400&evt=pageLoad&sv=1&cdb=AQAQ&rn=295978

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E50ACAAB26F04173B16D3E4BCB97B37A Ref B: FRA31EDGE0510 Ref C: 2025-01-10T03:47:57Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 10 Jan 2025 03:47:57 GMT

GET
H2 200 13016864 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 308ms
213ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/13016864
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13016864.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 19ff61dd89da031a455c5ae117ed36a2e54895f337e6cc3fd629e20c1aecfc64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 1031
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/x-javascript
x-azure-ref: 20250110T034757Z-15464c697c5c7dj6hC1FRArk680000000zdg00000000d8ct

GET
H2 204 0
bat.bing.com/action/ 0
229 B 109ms
108ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13016864&tm=gtm002&Ver=2&mid=8c26e65f-d5cc-4bf4-81da-ae8742467777&bo=1&sid=ae31ffa0cf0511efac84e79364a33ea0&vid=ae31fcd0cf0511efa5a2397090e1c590&vids=0&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=New%20Patient%20Booking&p=https%3A%2F%2Fconsultation.grubaughortho.com%2F&r=&lt=2400&evt=pageLoad&sv=1&cdb=AQAQ&rn=39429

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F563071FFCCA4AD5A18A504F27BDB306 Ref B: FRA31EDGE0510 Ref C: 2025-01-10T03:47:57Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 10 Jan 2025 03:47:57 GMT

GET
H/1.1 200
OK ra-tracker.js.php Show response
analytics.nyltx.com/lib/1.0/ 459 B
665 B 179ms
80ms Script
application/x-javascript 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nyltx.com/lib/1.0/ra-tracker.js.php?ref=&href=https%3A%2F%2Fconsultation.grubaughortho.com%2F&__sid=FS1736480877611&__pid=1736480877611&__dnt=false&visitid=NULLVID&__doc_title=New%20Patient%20Booking&__clientcapturetime=2025-01-10T03:47:57.611Z&__capturetimetzoffset=-60&uid=62cd8a4b04b1c&action=track
Requested by: Host: ruler.nyltx.com
URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80aeb14c615f71c4fbdaf41c5deb4099b45f05d2ad2fd9e127fb4ac379748d54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Transfer-Encoding: chunked
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: application/x-javascript; charset=utf-8
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive

GET
H3 200 1597425107238763 Show response
connect.facebook.net/signals/config/ 50 KB
10 KB 224ms
224ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1597425107238763?v=2.9.179&r=stable&domain=consultation.grubaughortho.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C154%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

231003c330da04c47678a3846e90bf58cc7ce1bd4a436bcc4024ab66bbf50a73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-oNWD9AS6' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-oNWD9AS6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=91, mss=1232, tbw=87749, tp=84, tpl=0, uplat=201, ullat=0
pragma: public
x-fb-debug: CS5fh+H4kUxB6i0dF+4bXaDPtdbGBOlq02sJsKODaLKs6w/leWRpweJjdSNBTJgHv/xSS+TLU17bDMIiADZ68A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 46ms
22ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1584362238315778&ev=PageView&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877629&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=bc0766&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&cs_cc=1&cas=1704533899650342&rqm=GET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4536, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 241ms
217ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1584362238315778&ev=PageView&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877629&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=bc0766&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&cs_cc=1&cas=1704533899650342&rqm=FGET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458128577906792603"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ZVbvsteiItiIj7UG0XYaSGuFRuqwjfOACwgfzu3PAb+HHZHwJ9YRDrPpgq8ZDwp56BquNEB4XUBrMFgabDOTtg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458128577906792603", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4904, tp=13, tpl=0, uplat=194, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
136 B 215ms
211ms Fetch
application/json 2600:1f18:24e6:b900:1933:3aac:154f:f044
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=177c7548-d742-424d-91c6-14fb837bbd16&batch_time=1736480877632

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

9971f1c7515410ebf7833fe01e427a7ac97ccd0ca79cc89c64dfe232b273fbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/json
dd-request-id: 177c7548-d742-424d-91c6-14fb837bbd16

GET
H2

200

pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=1;et=1736480877648;tz...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;r...
https://pixel-ssn.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-202501071224...

35 B
355 B

119ms
26ms

Image
image/gif

91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=1;et=1736480877648;tzo=-60;ogl=;ses=fd683530-6e85-47ae-b4db-e9312a0a4058;d=grubaughortho.com;uht=2;fpan=1;fpa=P0-337235436-1736480877649;pbc=;gdpr=0;mdl=;dip=075dd197-2d80-4b0b-98f9-da546d60e273

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Fri, 10 Jan 2025 03:47:57 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["rEW6de1saqtKmzEW62WB/Q=="],"pcode":["p-bnNn6tD4Bm_HP"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantserve.com/pixel;r=1707334067;labels=_fp.event.Consultation;rf=0;a=p-bnNn6tD4Bm_HP;url=https%3A%2F%2Fconsultation.grubaughortho.com%2F;ns=0;ce=1;qjs=1;qv=b20766c7-20250107122429;ref=;dst=1;et=1736480877648;tzo=-60;ogl=;ses=fd683530-6e85-47ae-b4db-e9312a0a4058;d=grubaughortho.com;uht=2;fpan=1;fpa=P0-337235436-1736480877649;pbc=;gdpr=0;mdl=;dip=075dd197-2d80-4b0b-98f9-da546d60e273
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Fri, 10 Jan 2025 03:47:57 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["rEW6de1saqtKmzEW62WB/Q=="],"pcode":["p-bnNn6tD4Bm_HP"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
297 B 117ms
117ms XHR
text/plain 18.194.6.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=Keo48_4ECCAF-kUtd8Sxaw&is_js=true&landing_url=https%3A%2F%2Fconsultation.grubaughortho.com%2F&t=New%20Patient%20Booking&tip=U4keaROaRwmZ6-bLF53qkhZ48uVDYfrQ70eEN4YJZT4&host=https%3A%2F%2Fconsultation.grubaughortho.com&sa_conv_data_css_value=%270-e4d90888-68a9-5b01-4e8a-8879ead9e512%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9e4d9088868a95b014e8a8879ead9e51295581b51&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKINEyqovjuXl0LGo8jCOJeqLPOwXn81JZCANX0DB5kdJbENYBGAQg7bCCvAYwAToExbdv9kIEOPwwfQ.hMraY8d5TGO7nzIlffyNzVhRxIxOjz3lTp6p3p46sf8&sa-user-id-v2=s%253A5NkIiGipWwFOioh56tnlEpVYG1E.H4dbr8XSxgt3x5nHTtwG8tvhjIqR%252Bf2CQ8ermt3Oigo&sa-user-id=s%253A0-e4d90888-68a9-5b01-4e8a-8879ead9e512.FFBcVvgKy3fGjjK8t05uuSQ5SCFq0Mc2Zv%252Bm8G3frSg
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.6.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-6-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://consultation.grubaughortho.com
content-length: 94
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H/1.1 200
OK ra-collect
analytics.nyltx.com/lib/2.0/ 2 B
347 B 43ms
42ms Ping
text/plain 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nyltx.com/lib/2.0/ra-collect?d=1736480877794
Requested by: Host: ruler.nyltx.com
URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 2
Date: Fri, 10 Jan 2025 03:47:57 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 23ms
23ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1597425107238763&ev=PageView&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877864&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=fc8063&ler=empty&cdl=API_unavailable&cs_est=true&it=1736480877493&coo=false&cs_cc=1&cas=7114405391997331%2C9316246081739527%2C24257061780575817%2C3237791966340187%2C3556020587793388%2C3310327612393458&rqm=GET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=8376, tp=22, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 92ms
92ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1597425107238763&ev=PageView&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877864&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=fc8063&ler=empty&cdl=API_unavailable&cs_est=true&it=1736480877493&coo=false&cs_cc=1&cas=7114405391997331%2C9316246081739527%2C24257061780575817%2C3237791966340187%2C3556020587793388%2C3310327612393458&rqm=FGET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458128578182850963"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BusDTSIpHq+TYekVd7PdE99KwkYMgfAjdOp10057k6YYS7J7lXsFwFuCkFkYx+o3lWtFRsaOMLouREcjjW4Uhg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458128578182850963", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=27, mss=1232, tbw=10904, tp=32, tpl=0, uplat=67, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 23ms
23ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1584362238315778&ev=scroll&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877865&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=13f300&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&eid=19f83974-e973-47a9-a297-2affbd816c44_1736480876117.43&cs_cc=1&cas=1704533899650342&rqm=GET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=8568, tp=24, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 79ms
78ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1584362238315778&ev=scroll&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877865&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=13f300&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&eid=19f83974-e973-47a9-a297-2affbd816c44_1736480876117.43&cs_cc=1&cas=1704533899650342&rqm=FGET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458128576868739533"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: uI0ExUMsCFndbsj7Om0hpR8Pdo9U7tS6x/Qt1yKLKoSuh0fmbuA9knw7XS5FfkmjXb1uV1ysN1uTMOP0G37CjQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458128576868739533", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=27, mss=1232, tbw=9000, tp=29, tpl=0, uplat=55, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 24ms
23ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1597425107238763&ev=scroll&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877865&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=1&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=97e5be&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&eid=19f83974-e973-47a9-a297-2affbd816c44_1736480876117.43&cs_cc=1&cas=24257061780575817%2C3237791966340187%2C3556020587793388%2C3310327612393458&rqm=GET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=8760, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 89ms
88ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1597425107238763&ev=scroll&dl=https%3A%2F%2Fconsultation.grubaughortho.com&rl=&if=false&ts=1736480877865&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=1&o=12316&fbp=fb.1.1736480877628.920332152734765748&pm=1&hrl=97e5be&ler=empty&cdl=API_unavailable&it=1736480877493&coo=false&eid=19f83974-e973-47a9-a297-2affbd816c44_1736480876117.43&cs_cc=1&cas=24257061780575817%2C3237791966340187%2C3556020587793388%2C3310327612393458&rqm=FGET

Requested by

Host: consultation.grubaughortho.com
URL: https://consultation.grubaughortho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458128577971797084"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 3ZakhlWnNgftC2LG0O0BbVbu5WzyACCoL6uW+Dt8GPFGJoJUHDXaFqpE9d1Qszj5pv29YWgiYmFvF/mJLBIt6w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458128577971797084", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=27, mss=1232, tbw=10024, tp=31, tpl=0, uplat=65, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
112 B 200ms
195ms Fetch
application/json 2600:1f18:24e6:b900:1933:3aac:154f:f044
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=7b9d7dfd-40f3-4ddc-a663-65c9c8effb10&batch_time=1736480877867

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

042438951a47ab00bfdc664cbee049756939e489301e2cdf3f115f33c358d7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/json
dd-request-id: 7b9d7dfd-40f3-4ddc-a663-65c9c8effb10

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.59/ 67 KB
28 KB 44ms
44ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/13016864
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

x-azure-ref: 20250110T034757Z-15464c697c5c7dj6hC1FRArk680000000zdg00000000d8d9
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD2FD8C5BBA94B"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: e0ddd032-801e-0067-3f07-623e27000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 08 Jan 2025 11:37:03 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&RedC=c.clarity.ms&MXFR=04C40071C79462EF1B721501C3946CBE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&MUID=2131B974F2D360091051AC04F3586159

42 B
465 B

46ms
46ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&MUID=2131B974F2D360091051AC04F3586159
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "dda11c98eb61db1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Fri, 10 Jan 2025 03:47:58 GMT
content-type: image/gif
last-modified: Wed, 08 Jan 2025 16:37:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CAD49680D5384CC5B658F12D87FBB801&MUID=2131B974F2D360091051AC04F3586159
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20D630A578DB4372B69F25801C78304E Ref B: FRA31EDGE0522 Ref C: 2025-01-10T03:47:58Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 10 Jan 2025 03:47:57 GMT
x-powered-by: ASP.NET

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
21ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKMTQDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

content-encoding: gzip
age: 3825
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 04:44:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 02:44:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 404
Not Found favicon.svg
consultation.grubaughortho.com/ 0
317 B 131ms
131ms Other
text/plain 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/favicon.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Strict-Transport-Security: max-age=2592000
Content-Security-Policy: frame-ancestors 'self'
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Content-Length: 0
Date: Fri, 10 Jan 2025 03:47:57 GMT
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 689ms
332ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://consultation.grubaughortho.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://consultation.grubaughortho.com
Date: Fri, 10 Jan 2025 03:47:58 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
369 B 36ms
36ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=1&_u=YADAAEABAAAAACAAI~&jid=2010638216&gjid=1333522817&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&_r=1&_slc=1&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=441407577

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://consultation.grubaughortho.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:47:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://consultation.grubaughortho.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 23ms
22ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=10&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1751073488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 22ms
21ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=25&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1449288171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 24ms
23ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=40&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2059479335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 25ms
24ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=50&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=721096102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 26ms
25ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=60&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1264602470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 29ms
29ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=75&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=761229127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 27ms
26ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=85&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=998119223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 28ms
27ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2017739409&t=event&ni=1&_s=1&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&ul=de-ch&de=UTF-8&dt=New%20Patient%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20tracking&ea=https%3A%2F%2Fconsultation.grubaughortho.com%2F&el=100&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=956684005.1736480878&tid=UA-77327638-1&_gid=1170098980.1736480878&gtm=45He5190n81PKMTQDQv77260475za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1631410128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

age: 14764
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Jan 2025 23:41:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
112 B 189ms
185ms Fetch
application/json 2600:1f18:24e6:b900:1933:3aac:154f:f044
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Abooking-flow&dd-api-key=pub806610d40273e3c9949beee60f9651ba&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=12fab68a-03ec-40c2-ad7e-5c9b85a65b9a&batch_time=1736480878135

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

89c913ee7fb457ed0097adc44c2ba41de788009a0aba54f514e67ead22a13f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://consultation.grubaughortho.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Fri, 10 Jan 2025 03:47:57 GMT
content-type: application/json
dd-request-id: 12fab68a-03ec-40c2-ad7e-5c9b85a65b9a

GET
H/1.1 404
Not Found favicon.png
consultation.grubaughortho.com/ 0
317 B 122ms
122ms Other
text/plain 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Strict-Transport-Security: max-age=2592000
Content-Security-Policy: frame-ancestors 'self'
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Content-Length: 0
Date: Fri, 10 Jan 2025 03:47:57 GMT
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

GET
H/1.1 404
Not Found favicon.jpg
consultation.grubaughortho.com/ 0
317 B 123ms
123ms Other
text/plain 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/favicon.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Strict-Transport-Security: max-age=2592000
Content-Security-Policy: frame-ancestors 'self'
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Content-Length: 0
Date: Fri, 10 Jan 2025 03:47:57 GMT
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

GET
H/1.1 404
Not Found favicon.ico
consultation.grubaughortho.com/ 0
317 B 123ms
122ms Other
text/plain 20.49.97.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://consultation.grubaughortho.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.97.24 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

Strict-Transport-Security: max-age=2592000
Content-Security-Policy: frame-ancestors 'self'
Request-Context: appId=cid-v1:d736acac-9e56-4b94-86e6-72758f9935f4
Content-Length: 0
Date: Fri, 10 Jan 2025 03:47:58 GMT
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
57 B 41ms
40ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QXFC9B1DW6&gtm=45je5190v871494641za200zb77260475&_p=1736480876117&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=956684005.1736480878&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fconsultation.grubaughortho.com%2F&dr=&sid=1736480877&sct=1&seg=0&dt=New%20Patient%20Booking&en=scroll&ep.gtm_container_id=GTM-PKMTQDQ&ep.gtm_container_version=167&ep.previous_url=&epn.percent_scrolled=90&_et=26&tfd=7591
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://consultation.grubaughortho.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://consultation.grubaughortho.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 03:48:02 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTBJTTJNGTM-PHBN5XX

Domain: consultation.grubaughortho.com
URL: blob:https://consultation.grubaughortho.com/5f4b7468-d3ae-43b0-b70a-eaa84c6b1500

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.consultation.grubaughortho.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 95de550bdaea1d0572f0b83b701edd9a47f84c19c36b34865b04b616284393bb
.consultation.grubaughortho.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 95de550bdaea1d0572f0b83b701edd9a47f84c19c36b34865b04b616284393bb
.grubaughortho.com/	1970-01-21 04:30:56	Name: _gcl_au Value: 1.1.1909209309.1736480877
.simpli.fi/	1970-01-21 11:08:23	Name: suid Value: 1A613ED9C00F44F29766D0F144E754AD
.grubaughortho.com/	1970-01-21 11:57:20	Name: _ga_QXFC9B1DW6 Value: GS1.1.1736480877.1.0.1736480877.60.0.0
.doubleclick.net/	1970-01-21 02:21:21	Name: test_cookie Value: CheckForPermission
tags.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id Value: s%3A0-e4d90888-68a9-5b01-4e8a-8879ead9e512.FFBcVvgKy3fGjjK8t05uuSQ5SCFq0Mc2Zv%2Bm8G3frSg
.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id Value: s%3A0-e4d90888-68a9-5b01-4e8a-8879ead9e512.FFBcVvgKy3fGjjK8t05uuSQ5SCFq0Mc2Zv%2Bm8G3frSg
tags.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id-v2 Value: s%3A5NkIiGipWwFOioh56tnlEpVYG1E.H4dbr8XSxgt3x5nHTtwG8tvhjIqR%2Bf2CQ8ermt3Oigo
.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id-v2 Value: s%3A5NkIiGipWwFOioh56tnlEpVYG1E.H4dbr8XSxgt3x5nHTtwG8tvhjIqR%2Bf2CQ8ermt3Oigo
tags.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id-v3 Value: s%3AAQAKINEyqovjuXl0LGo8jCOJeqLPOwXn81JZCANX0DB5kdJbENYBGAQg7bCCvAYwAToExbdv9kIEOPwwfQ.hMraY8d5TGO7nzIlffyNzVhRxIxOjz3lTp6p3p46sf8
.srv.stackadapt.com/	1970-01-21 11:06:56	Name: sa-user-id-v3 Value: s%3AAQAKINEyqovjuXl0LGo8jCOJeqLPOwXn81JZCANX0DB5kdJbENYBGAQg7bCCvAYwAToExbdv9kIEOPwwfQ.hMraY8d5TGO7nzIlffyNzVhRxIxOjz3lTp6p3p46sf8
consultation.grubaughortho.com/	1970-01-21 11:06:56	Name: sa-user-id Value: s%253A0-e4d90888-68a9-5b01-4e8a-8879ead9e512.FFBcVvgKy3fGjjK8t05uuSQ5SCFq0Mc2Zv%252Bm8G3frSg
consultation.grubaughortho.com/	1970-01-21 11:06:56	Name: sa-user-id-v2 Value: s%253A5NkIiGipWwFOioh56tnlEpVYG1E.H4dbr8XSxgt3x5nHTtwG8tvhjIqR%252Bf2CQ8ermt3Oigo
consultation.grubaughortho.com/	1970-01-21 11:06:56	Name: sa-user-id-v3 Value: s%253AAQAKINEyqovjuXl0LGo8jCOJeqLPOwXn81JZCANX0DB5kdJbENYBGAQg7bCCvAYwAToExbdv9kIEOPwwfQ.hMraY8d5TGO7nzIlffyNzVhRxIxOjz3lTp6p3p46sf8
.grubaughortho.com/	1970-01-21 02:22:47	Name: _uetsid Value: ae31ffa0cf0511efac84e79364a33ea0
.grubaughortho.com/	1970-01-21 11:42:56	Name: _uetvid Value: ae31fcd0cf0511efa5a2397090e1c590
.grubaughortho.com/	1969-12-31 23:59:59	Name: __rafm Value: FS1736480877611
.grubaughortho.com/	1970-01-21 04:30:56	Name: _fbp Value: fb.1.1736480877628.920332152734765748
.quantserve.com/	1970-01-21 11:51:35	Name: mc Value: 6780986d-a858a-928e1-10bf1
.bing.com/	1970-01-21 11:42:56	Name: MUID Value: 2131B974F2D360091051AC04F3586159
.grubaughortho.com/	1970-01-21 11:57:20	Name: __rasesh Value: RA:1736480877.2505579345.28F7E41692F8E55AB21C7A5609D3630030F4B1F9
.grubaughortho.com/	1970-01-21 11:45:49	Name: __qca Value: P0-337235436-1736480877649
www.clarity.ms/	1970-01-21 11:06:56	Name: CLID Value: be3ef0f26d324cd29af79f547b631c12.20250110.20260110
.grubaughortho.com/	1970-01-21 11:06:56	Name: _clck Value: 1xp7ipd%7C2%7Cfsg%7C0%7C1836
.grubaughortho.com/	1970-01-21 11:57:20	Name: _ga Value: GA1.2.956684005.1736480878
.grubaughortho.com/	1970-01-21 02:22:47	Name: _gid Value: GA1.2.1170098980.1736480878
.grubaughortho.com/	1970-01-21 02:21:20	Name: _gat_UA-77327638-1 Value: 1
.c.bing.com/	1970-01-21 02:31:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:42:56	Name: SRM_B Value: 2131B974F2D360091051AC04F3586159
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:42:56	Name: MUID Value: 2131B974F2D360091051AC04F3586159
.c.clarity.ms/	1970-01-21 02:31:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 02:21:21	Name: ANONCHK Value: 0
.grubaughortho.com/	1970-01-21 02:22:47	Name: _clsk Value: 1kjacih%7C1736480878783%7C1%7C1%7Co.clarity.ms%2Fcollect
consultation.grubaughortho.com/	1970-01-21 02:21:21	Name: _dd_s Value: logs=1&id=59353de5-797d-49f4-911f-acd5ac567149&created=1736480876264&expire=1736481776283&rum=1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://consultation.grubaughortho.com/favicon.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://consultation.grubaughortho.com/favicon.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://consultation.grubaughortho.com/favicon.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://consultation.grubaughortho.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.nyltx.com
bat.bing.com
c.bing.com
c.clarity.ms
call-tracking.leadsigma.com
cdn.callrail.com
cdn.jsdelivr.net
cdn.leadsigma.com
cdn.mouseflow.com
cdn3.devexpress.com
connect.facebook.net
consultation.grubaughortho.com
fonts.googleapis.com
googleads.g.doubleclick.net
ka-p.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
o.clarity.ms
pixel-ssn.quantserve.com
pixel.quantserve.com
region1.analytics.google.com
ruler.nyltx.com
rules.quantcount.com
rum.browser-intake-datadoghq.com
secure.quantserve.com
session-replay.browser-intake-datadoghq.com
stappsmiledoctorscom.blob.core.windows.net
stats.g.doubleclick.net
tag.simpli.fi
tags.srv.stackadapt.com
td.doubleclick.net
www.clarity.ms
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
consultation.grubaughortho.com
www.googletagmanager.com
104.18.10.207
104.18.27.50
13.33.219.205
13.74.129.1
142.250.186.68
142.250.74.194
157.240.0.35
157.240.253.1
18.194.6.240
18.245.60.48
20.150.88.164
20.49.97.24
2001:4860:4802:32::178
2001:4860:4802:32::36
2600:1f18:24e6:b900:1933:3aac:154f:f044
2600:1f18:24e6:b902:e624:b6ab:b063:5e49
2600:9000:223c:5c00:6:44e3:f8c0:93a1
2600:9000:2724:1200:15:141a:1fc0:93a1
2600:9000:2724:e00:17:d012:4f00:93a1
2606:4700:4400::ac40:93bc
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:33:1::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c0a::9a
2a04:4e42:400::485
35.177.168.187
35.204.89.238
52.152.143.207
54.227.107.50
91.228.74.200
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00d6d1850a6218b99de8a73d0794035b42e43f72d1320cb21d5d9b2af2b4bdfb
00d8037e4cddef94d55426afa7e9ef92fd3f005a1f1f8e60833ecc26958ab4e5
042438951a47ab00bfdc664cbee049756939e489301e2cdf3f115f33c358d7b3
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0b680692bdbddadc58dd8c8263d7b29cae9847a8968dd7ec0f8245e836c1209f
11f5637cd1e69c5416520a3f0cb75816b0207728752deb02f7f164fc8e584499
19ff61dd89da031a455c5ae117ed36a2e54895f337e6cc3fd629e20c1aecfc64
1a348b534e8a564459688fd0583aa1e018a107b6c224bb43a3a1c25aa53c647f
1ca2273be88a5129b771bdbf3345b10d6495c282bd1fe23a8d8b5550b37112a0
1cd89b8eb1d8b6240e5a112f399632437dade61e847d61e83b6ae8f74d1103b2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
207393902fc5b673424da0b95213a3446c40ddf9aeb2b24b48e8a1eaa9d6a834
231003c330da04c47678a3846e90bf58cc7ce1bd4a436bcc4024ab66bbf50a73
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
322595ef8eb7eb9512e35e580e1c7890e64f6e15bb6df1fa8d264e36a5edfd9d
32cb9979e53790c917d5466f448a24afd95213163c11a1661b26635192284005
3aee3c80ec364fa0445196f4ca91dade3d5d54f62a0a77e511537bd775148801
3db234c2724cd71a68341a34d4a10f99dff11cee3ec0a8b7988a96cc94117dfe
3e748a1f68b545c58ca11c22a3d05c31642a0e86714703956438fa3ce1258371
44c1c3cfd7bdb601183514f2e4c9492bae1edfb20fda4d2a76cb8bd08007af53
488b085dcf202d6539e93ced4501be26c264ee4a468de2fe1c08db7502c2d7e9
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4d8e0118ebcd9399cc63c746e104cd89a2fa4caa1063c3c0d45edeca06b9a4da
51c27af1ef7ba6e024927665c5a00e38b49dd6eddfac2f7e3828d9c3019e9e6f
5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5798ec760f8006134f5ecbca66b053bbd2b7256332d1a6122bc965324100d156
57fbb17bdd8a33539ce8cbff8e5cf6e8fa7ed468b7430e95dbe56d30fd050f6d
589d66402e16eec27fea79da1dd927fa8393c00338f2d49de63a20bfe388a0d1
5d31f7743a001630f1b475202793a71e6cc011fdde69a2724a47f964e826b60a
622be33be1d1571a1a932fb735bf0f1d9fe117e0cf075f292b0e3cebf52f0e80
6ba3f6070c7ad58690304e3f1d8fac68f1e8ba9429cb9ff9b355e94750b736a2
75260a1750c581bc957216db7889677d3b7fd48c392d39c7e810ac4355e638fd
7d1123cde26edcad063ce8ee7fb9eb805bda93474c57857978a446ecfcd9446c
804bf2f0676a8aecfef8c83eb5b8766e348ced01cc49fb1206fbb0e43fb556a1
80aeb14c615f71c4fbdaf41c5deb4099b45f05d2ad2fd9e127fb4ac379748d54
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a5d63a8b151a416f5f6a6b0fcb2b6cac308550e6eb0afedd4c99fca670c100
89213b63a3f2812c1876ce945beb01fc0672ae48fb5a5f4646db54b0f8e56c42
89c913ee7fb457ed0097adc44c2ba41de788009a0aba54f514e67ead22a13f86
9349b7e98d8dfefc95f1d1ccc079c14ef2a28f282b75dd3d2e1c165faf1c06af
96d337d11501960ed43bce88c7d244685acc2131fc0216154da8cc1c7423f632
9971f1c7515410ebf7833fe01e427a7ac97ccd0ca79cc89c64dfe232b273fbb9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9de5267867ac2412000bf351a5290c4087047e90e1c4fbbaf0dd4d076d3afaca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a25a2a801e2d01d4a0d5760df8b15646e1e50947ab7a5109250c5685a5438e9b
a28d76c983b06d87eb2c6d6deaff7e1d4faf32f12794a92bd5e21c754c06ed9b
a3496e0c167bdf977c014625eff7848e3d7bd913a6faefc0f067fbab7d74700b
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b2960d8b7f850294418b5a922fa63b672203a11af92b1e919a2bba5a908c17b2
b67895193a082270359c6de81ae484f10d6f6175bce897880aa1a09e1b972ee4
bb1932b5f97c1cbdcebc4d89fabc6516977ba8a85939cbd1f280e365a1168ce9
cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d162582109b0cd34024d985cd1fc61f9a8d2d8ba75a491821a41086f24ac9528
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d257ce4c739f994285392c9a8556fa8e1cdbb7e77794a16d80a9d9571d96ae7d
d5fbb34aca5f785a88b8159a8be78256a67f1777260cce019af6dc33855650e0
d6f3df8d70541482a6797e590622f7562b6e059c06995c2a57c43eecd4f3e539
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e20895cba5461222599ac06fe26d6d2fef879fedfd90967542803ad8c7aacb8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4120ff43c6fe8963641115bdce1814413b0b3e9b2368364d190eaed07ea0907
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49c87c75bbfc7ff6fc8d0102a969b152cca0aad522f2883cd14354ce47b3c5e
f6dab0419fcfa1a495cbeb35c5d2c83ab8a38ca97bb848217be8e2c2013aa80b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

consultation.grubaughortho.com Open in urlscan Pro 20.49.97.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

96 %HTTPS

53 %IPv6

26 Domains

39 Subdomains

36 IPs

7 Countries

2732 kBTransfer

10344 kBSize

36 Cookies

0 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

consultation.grubaughortho.com Open in urlscan Pro
20.49.97.24 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

96 %
HTTPS

53 %
IPv6

26
Domains

39
Subdomains

36
IPs

7
Countries

2732 kB
Transfer

10344 kB
Size

36
Cookies

104 HTTP transactions
0 data transactions