promotion.newdermaclinic.com Open in urlscan Pro
2606:4700:4400::ac40:98a6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promotion.newdermaclinic.com/
Submission: On July 03 via api (July 3rd 2024, 8:35:45 am UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2606:4700:4400::ac40:98a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is promotion.newdermaclinic.com.
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.

This is the only time promotion.newdermaclinic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:440... 2606:4700:4400::ac40:98a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6812:115f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.235.158 104.21.235.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700::68... 2606:4700::6812:105f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
39	10

1 2606:4700:4400::ac40:98a6 (United States)

ASN13335 (CLOUDFLARENET, US)

promotion.newdermaclinic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:115f (United States)

ASN13335 (CLOUDFLARENET, US)

stcdn.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.158 (None, )

ASN13335 (CLOUDFLARENET, US)

apisystem.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:105f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

backend.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

capig.digitalniche.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	leadconnectorhq.com 1 redirects stcdn.leadconnectorhq.com — Cisco Umbrella Rank: 38159 backend.leadconnectorhq.com — Cisco Umbrella Rank: 42804 services.leadconnectorhq.com — Cisco Umbrella Rank: 49457 images.leadconnectorhq.com — Cisco Umbrella Rank: 72403	2 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	79 KB
3	gstatic.com fonts.gstatic.com	79 KB
2	digitalniche.us capig.digitalniche.us	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	152 KB
1	apisystem.tech apisystem.tech — Cisco Umbrella Rank: 147006	903 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	16 KB
1	newdermaclinic.com promotion.newdermaclinic.com	49 KB
39	9

	Domain	Requested by
18	stcdn.leadconnectorhq.com	promotion.newdermaclinic.com stcdn.leadconnectorhq.com
4	www.facebook.com	promotion.newdermaclinic.com
4	use.fontawesome.com	promotion.newdermaclinic.com use.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
2	capig.digitalniche.us	connect.facebook.net
2	connect.facebook.net	promotion.newdermaclinic.com connect.facebook.net
2	images.leadconnectorhq.com	promotion.newdermaclinic.com
1	services.leadconnectorhq.com	promotion.newdermaclinic.com
1	backend.leadconnectorhq.com	1 redirects
1	apisystem.tech	promotion.newdermaclinic.com
1	fonts.googleapis.com	promotion.newdermaclinic.com
1	promotion.newdermaclinic.com
39	12

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
promotion.newdermaclinic.com WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
stcdn.leadconnectorhq.com GTS CA 1P5	`2024-05-05` - `2024-08-03`	3 months	crt.sh
apisystem.tech WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
leadconnectorhq.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
images.leadconnectorhq.com GTS CA 1P5	`2024-05-05` - `2024-08-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-11` - `2024-07-10`	3 months	crt.sh
capig.digitalniche.us E1	`2024-06-05` - `2024-09-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://promotion.newdermaclinic.com/
Frame ID: 8A4A6D0D180F02BF4EC5EC3B68C3A6B0
Requests: 38 HTTP requests in this frame

Frame: https://services.leadconnectorhq.com/reputation/widgets/review_widget/ktntzb6Ml9ZL01ikeNzu
Frame ID: A90BCF4C4F0F028B891D6CA750B58AC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

39
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

12
Subdomains

10
IPs

4
Countries

2805 kB
Transfer

5340 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/search/?api=1&query=Google&query_place_id=ChIJL3q4QVP554kRv9333Z929nA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://backend.leadconnectorhq.com/appengine/reviews/get_widget/ktntzb6Ml9ZL01ikeNzu HTTP 302
https://services.leadconnectorhq.com/reputation/widgets/review_widget/ktntzb6Ml9ZL01ikeNzu

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promotion.newdermaclinic.com/ 336 KB
49 KB 2081ms
2028ms Document
text/html 2606:4700:4400::ac40:98a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Nuxt
Resource Hash: f070676cbf6b9f4a042dbc016a7cd16a37d3c64b779ecd8f17e616c266af08e7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private
cf-cache-status: MISS
cf-ray: 89d58b14ba17a073-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 03 Jul 2024 08:35:40 GMT
last-modified: Wed, 03 Jul 2024 08:35:40 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
via: 1.1 google
x-cloud-trace-context: acc5759006674249417444d1a07d19da
x-powered-by: Nuxt

GET
H2 200 regular.css
use.fontawesome.com/releases/v5.15.4/css/ 677 B
821 B 213ms
158ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/regular.css
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"49c10bd7921f287bbd5b1180cb008e10"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y43p8QjI0076yS1VBm10G%2FqWS3N19zwBJ%2FeoXr6q87IrXp0oFIEYKxs6QT7QpahorDVKSnCSzwLLETgejrsG%2FQRw0SL8v0SLr%2BrjbFRBIbhqXbjanKfUnIwBZR66QT3quGMyqy7wMbEwgt5Id%2BmOvnz3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89d58b21db4d18e9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 solid.css
use.fontawesome.com/releases/v5.15.4/css/ 669 B
614 B 223ms
170ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/solid.css
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rp2VsLBStC0CfcS4L5mKyNKqCKiXl45GjvsautPN6rHExfe%2Bu63UeNN1tlWm9yYjcQ8uvPQOW6NC0R8mmKj1tEcnHUn6JWzrduZnI7jkjD1wbONrxn9PGLLZajL2y7vww%2B4huku9UNtMUG%2BVG60hpufX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89d58b21db5118e9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.15.4/css/ 675 B
615 B 273ms
219ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/brands.css
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c213c9e855a714f04273ad8ddfec94a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcyK%2BbqMpDGAELLWrOcnWC667GlflYXUZ7dy09tvEfnq0LD3AHcbfH1P%2Fy0mch0F%2Fefr6mH%2BvU6p7pkhGmqwru6xFJSlH3227yqxKKWsAFmz3FHkm6qOy4luM5nBAhVijf4pxxloZKK%2BPXfU5ewr20tZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89d58b21db5618e9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 135 KB
16 KB 324ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,500,600,700,800,900%7COpen%20Sans:400,500,600,700,800,900%7CMontserrat:400,500,600,700,800,900%7CCairo:400,500,600,700,800,900%7CCrafty%20Girls:400,500,600,700,800,900%7CCute%20Font:400,500,600,700,800,900%7CCroissant%20One:400,500,600,700,800,900%7CFresca:400,500,600,700,800,900%7CAcme:400,500,600,700,800,900%7CAlef:400,500,600,700,800,900%7CAsap:400,500,600,700,800,900%7CBilbo%20Swash%20Caps:400,500,600,700,800,900%7CBilbo:400,500,600,700,800,900%7CChivo:400,500,600,700,800,900%7CChewy:400,500,600,700,800,900%7CGabriela:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900&display=swap

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7caf18a1ed9a00ed96f25c4f7b1fdb3ec1b60c1e9f71003dfe79505d1771198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 08:35:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jul 2024 08:35:40 GMT

GET
H2 200 element_animation.css
stcdn.leadconnectorhq.com/funnel/css/ 23 KB
2 KB 89ms
30ms Stylesheet
text/css 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/funnel/css/element_animation.css

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936859c206147395cd62c6965c8dced9ae5c5af82b16d5fe9fba21dd5587fcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
strict-transport-security: max-age=3104000
content-encoding: gzip
cf-cache-status: HIT
age: 1367
x-guploader-uploadid: ACJd0NoMhn7GNWB8vHvFy3k2qqT29gf_APNgldSGmZmeUy5P5vrr7q4YjoUjWuwfakavl59L1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 25 Jun 2024 10:51:31 GMT
server: cloudflare
etag: W/"1fa285934bc8c14e64becd2266d51183"
vary: Accept-Encoding
x-goog-hash: crc32c=7N90sA==, md5=H6KFk0vIwU5kvs0iZtURgw==
x-goog-generation: 1719312691729290
access-control-allow-origin: *
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 23147
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache, Content-Disposition
cf-ray: 89d58b21db731919-FRA
expires: Wed, 03 Jul 2024 12:35:40 GMT

GET
H3 200 reviews_widget.js Show response
apisystem.tech/js/ 644 B
903 B 206ms
162ms Script
text/javascript 104.21.235.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apisystem.tech/js/reviews_widget.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.158 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e35407980eaf754e9c29f050f573e9cfb88239f097d69d8dae13d9c5872c040

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
strict-transport-security: max-age=2592000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
etag: W/"ny8yvw"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igCw1jqjDubs1ILYTps%2Bya0uiYz3DbifRRMqAXACCVISkgiEWlN3NIQH77q8ZrYMvGKe%2BplDnX7pEs%2FE13Ku%2Flujws77FTPRZb7qyZifuYjh6i0OQMfk4YG0HMRog78EaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
vary: Accept-Encoding
x-cloud-trace-context: 7bee09fdf72d0c0c8410c9eb7648f51e
cache-control: max-age=14400, must-revalidate
cf-ray: 89d58b21c88d30ea-FRA
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 entry.7c50bb2a.js Show response
stcdn.leadconnectorhq.com/_preview/ 346 KB
101 KB 171ms
144ms Script
application/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439f17f337315d4c13171ba7a2b1350b6fb6f59b0f7c9424a8ea443b174d8b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NpU_1lQ84erh2h2RT8t_TEWpveX9Vi3ftXbSP2W4YX53-xAgnBorFaGuTFpjWgC2MmeqnAOtu4HoA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 103055
last-modified: Wed, 03 Jul 2024 07:15:04 GMT
server: cloudflare
etag: "230b8fcf217315be40b5360c7b669ee6"
vary: Accept-Encoding
x-goog-generation: 1719990904360122
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=3nVZxg==, md5=IwuPzyFzFb5AtTYMe2ae5g==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 103055
accept-ranges: bytes
cf-ray: 89d58b21fea165cf-FRA
expires: Thu, 03 Jul 2025 08:35:40 GMT

GET
H2 200 payment-warning.dd3003de.svg
stcdn.leadconnectorhq.com/_preview/ 0
528 B 22ms
21ms Other
image/svg+xml 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/payment-warning.dd3003de.svg
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1873170
x-guploader-uploadid: ABPtcPo5IpQWcEsDPOUgraBNh3wTSnzYYp6qIJjT1MDhJfQh2iT89ON862Ols08B67PM21EFVA0S6SwCmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 208
last-modified: Wed, 06 Mar 2024 06:40:38 GMT
server: cloudflare
etag: "addd9c0c8d834679678dc933f147c20e"
vary: Accept-Encoding
x-goog-generation: 1709707238909933
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=GFPCHg==, md5=rd2cDI2DRnlnjckz8UfCDg==
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache, Content-Disposition
cache-control: public, max-age=31536000
x-goog-stored-content-length: 208
accept-ranges: bytes
cf-ray: 89d58b235d8f1919-FRA
expires: Thu, 03 Jul 2025 08:35:40 GMT

GET
H2

200

ktntzb6Ml9ZL01ikeNzu
services.leadconnectorhq.com/reputation/widgets/review_widget/ Frame A90B
Redirect Chain

https://backend.leadconnectorhq.com/appengine/reviews/get_widget/ktntzb6Ml9ZL01ikeNzu
https://services.leadconnectorhq.com/reputation/widgets/review_widget/ktntzb6Ml9ZL01ikeNzu

0
0

380ms
370ms

Document
text/html

2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.leadconnectorhq.com/reputation/widgets/review_widget/ktntzb6Ml9ZL01ikeNzu

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://promotion.newdermaclinic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 89d58b2489b43a6d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Jul 2024 08:35:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-envoy-upstream-service-time: 236
x-powered-by: Express

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 89d58b23988d3a6d-FRA
content-type: text/html; charset=utf-8
date: Wed, 03 Jul 2024 08:35:40 GMT
location: https://services.leadconnectorhq.com/reputation/widgets/review_widget/ktntzb6Ml9ZL01ikeNzu
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept
x-envoy-upstream-service-time: 2
x-powered-by: Express

GET
H2 200 6679bf92cb18605d41412c0b.svg
images.leadconnectorhq.com/image/f_webp/q_80/r_1200/u_https://assets.cdn.filesafe.space/ktntzb6Ml9ZL01ikeNzu/media/ 3 MB
2 MB 224ms
197ms Image
image/svg+xml 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.leadconnectorhq.com/image/f_webp/q_80/r_1200/u_https://assets.cdn.filesafe.space/ktntzb6Ml9ZL01ikeNzu/media/6679bf92cb18605d41412c0b.svg
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e09cc4a4997f944b9bd43ab3a0fea228e5ee94046f4d23ba4536659b25444bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 21:37:12 GMT
server: cloudflare
etag: W/"1719869832.6089473-3665535-873992761"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=15780000
content-disposition: inline; filename=dbe7ae605639ee14d07c0b6657d6b7e5_1200.svg+xml
cf-ray: 89d58b236d6839c8-FRA
expires: Wed, 01 Jan 2025 23:55:40 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 161ms
161ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/solid.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.15.4/css/solid.css
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdTVyrnzxwc3a0h%2BbGpgn0IghmLhogz1W86Nv4KXY7u64utInJal2FJjon9aYFSoMxIeaQsf80cchRy%2Blpa%2BGVjd1%2FRcYXD64vEqL2KAz2GtdTdlhx%2BjUmeTf5pgeZVZMaLwVF%2Bg0zRVeNz9e5sxiVRq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89d58b238dbb18e9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78268

GET
H2 200 7aa642a0-1f7a-437a-9059-88985821074a.png
images.leadconnectorhq.com/image/f_webp/q_80/r_1200/u_https://assets.cdn.filesafe.space/ktntzb6Ml9ZL01ikeNzu/media/ 11 KB
12 KB 24ms
23ms Image
image/webp 2606:4700::6812:105f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.leadconnectorhq.com/image/f_webp/q_80/r_1200/u_https://assets.cdn.filesafe.space/ktntzb6Ml9ZL01ikeNzu/media/7aa642a0-1f7a-437a-9059-88985821074a.png
Requested by: Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:105f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6425319845b89a420ababad6ea2d382f00946824003d323e4a26c32561a89c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
via: 1.1 google
cf-cache-status: HIT
age: 125904
content-disposition: inline; filename=3942cac47dc3f72b017d25936d8bad88_1200_80.webp
content-length: 11590
last-modified: Fri, 28 Jun 2024 19:24:25 GMT
server: cloudflare
etag: "1719602665.5175552-11590-1007817226"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=15780000
accept-ranges: bytes
cf-ray: 89d58b238d8e39c8-FRA
expires: Wed, 01 Jan 2025 23:55:40 GMT

GET
H2 200 index.2b79661d.js Show response
stcdn.leadconnectorhq.com/_preview/ 58 KB
20 KB 142ms
142ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55c10c80f91cc422149ec219fda1d755638e7c69eec8ba2ac658def64c6b04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:40 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NqhuNOpNNYWqvdVrhaZymzPiqtI-drw8vNQ1zJmIWHCAVFY6YvvmeWuhRtjT_lQZhV8XglVrndk_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 19776
last-modified: Wed, 03 Jul 2024 07:20:00 GMT
server: cloudflare
etag: "952fc46e3542b423dcd2b922c9155036"
vary: Accept-Encoding
x-goog-generation: 1719991200247586
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=wLEiHg==, md5=lS/EbjVCtCPc0rkiyRVQNg==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 19776
accept-ranges: bytes
cf-ray: 89d58b23a89465cf-FRA
expires: Thu, 03 Jul 2025 08:35:40 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 40ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700,800,900%7COpen%20Sans:400,500,600,700,800,900%7CMontserrat:400,500,600,700,800,900%7CCairo:400,500,600,700,800,900%7CCrafty%20Girls:400,500,600,700,800,900%7CCute%20Font:400,500,600,700,800,900%7CCroissant%20One:400,500,600,700,800,900%7CFresca:400,500,600,700,800,900%7CAcme:400,500,600,700,800,900%7CAlef:400,500,600,700,800,900%7CAsap:400,500,600,700,800,900%7CBilbo%20Swash%20Caps:400,500,600,700,800,900%7CBilbo:400,500,600,700,800,900%7CChivo:400,500,600,700,800,900%7CChewy:400,500,600,700,800,900%7CGabriela:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900%7CRoboto:400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:56:54 GMT
x-content-type-options: nosniff
age: 63526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:56:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 12:59:20 GMT
x-content-type-options: nosniff
age: 502580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 12:59:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 01:29:01 GMT
x-content-type-options: nosniff
age: 543999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 01:29:01 GMT

GET
H2 200 constants.8ac9ebfa.js Show response
stcdn.leadconnectorhq.com/_preview/ 132 KB
43 KB 157ms
155ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/constants.8ac9ebfa.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e488d2825f442729c23d9bfdd6fa79e6ed235f64e6e6bc99407065569b5eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NrmvtlJodaa9tnTwvX-MmL2nfx8f8Xf0W1DnTQT2nMk3dwIjGcJ6uuPwIfAver1zdFS1qc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 43409
last-modified: Wed, 03 Jul 2024 07:19:45 GMT
server: cloudflare
etag: "c1cfe2761ccc655bebb83ed3b1e24870"
vary: Accept-Encoding
x-goog-generation: 1719991185764536
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=gF1svg==, md5=wc/idhzMZVvruD7TseJIcA==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 43409
accept-ranges: bytes
cf-ray: 89d58b2499a065cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 HLImage.vue.fa50a436.js Show response
stcdn.leadconnectorhq.com/_preview/ 3 KB
2 KB 144ms
142ms Script
application/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HLImage.vue.fa50a436.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610108d6188483e064df1703dc627d4843397a8d972900940117bd795e02e9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NpZdPhuOYd0L6si-tR6l9lwqXGXYaNGV4MfIQxPHL06QkRTOHqhnhgL4Dll5vjlx9NbJxPP_yP3Hg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 1024
last-modified: Wed, 03 Jul 2024 07:15:04 GMT
server: cloudflare
etag: "da0bb8ebeae832f0caa82329efd54772"
vary: Accept-Encoding
x-goog-generation: 1719990903885369
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=WmQwWQ==, md5=2gu46+roMvDKqCMp79VHcg==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1024
accept-ranges: bytes
cf-ray: 89d58b2499a365cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 useRedirectAction.f202a3b6.js Show response
stcdn.leadconnectorhq.com/_preview/ 6 KB
2 KB 152ms
150ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/useRedirectAction.f202a3b6.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

181e563db32c8ed6a933ffda255cea484c84a738591a92a060f54f197a7c0886

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NpdNlrXPN01oF5fyPC0tURJFgC7xlWl56TV5yNnp56qa208DkitpdCwHtf4hmG9APy4KZI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 2118
last-modified: Wed, 03 Jul 2024 07:19:50 GMT
server: cloudflare
etag: "bb8c02d88da5ab5c96dee735cdf2258c"
vary: Accept-Encoding
x-goog-generation: 1719991190695633
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=3TVCIw==, md5=u4wC2I2lq1yW3uc1zfIljA==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2118
accept-ranges: bytes
cf-ray: 89d58b2499a665cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 client-only.cd8c71df.js Show response
stcdn.leadconnectorhq.com/_preview/ 463 B
615 B 453ms
451ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/client-only.cd8c71df.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0999970096af56f0b4f141ed5bc0083060560e8c22f4773a874252604ff346c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NpBO-t3CwQ1C_doc-9ychIYjaSHwUREZVL05p4Gmqj9SWQLTqHJ9WLX7m_6zrYwc8ttcrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 315
last-modified: Wed, 03 Jul 2024 07:19:02 GMT
server: cloudflare
etag: "bafebc72409c0a3e7cade62b1297da6c"
vary: Accept-Encoding
x-goog-generation: 1719991142646911
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=jXNKkA==, md5=uv68ckCcCj58reYrEpfabA==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 315
accept-ranges: bytes
cf-ray: 89d58b2499a765cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 HLConst.34c02e7c.js Show response
stcdn.leadconnectorhq.com/_preview/ 2 KB
1 KB 139ms
138ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HLConst.34c02e7c.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebd9722a12f66517e39151acd39be0fef9bf54895af0dd23678ac15abb516da

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: HIT
x-guploader-uploadid: ACJd0Np8y-mn1B2J-rZZyMgmxBLKrKJMp5FISN0qy9J2owuyr4WNHX3pWPovcCya0sBAljDk_mupJWqihg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 965
last-modified: Thu, 27 Jun 2024 12:06:25 GMT
server: cloudflare
etag: "dd96c92f023ad8e06465be9ab1eeed8d"
vary: Accept-Encoding
x-goog-generation: 1719489985462631
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=JJE+TQ==, md5=3ZbJLwI62OBkZb6ase7tjQ==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 965
accept-ranges: bytes
cf-ray: 89d58b2499aa65cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 HtmlPreview.vue.982a7994.js Show response
stcdn.leadconnectorhq.com/_preview/ 835 B
758 B 147ms
146ms Script
application/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/HtmlPreview.vue.982a7994.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee63f718ec3f0686daf2785dd5f3b51a49d1708402dbdc20e3adf0c15aaec3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0Nrp2BSCOp0rAaDzWNJLn6U5eIVIw7JMDJCO5LJbnXlFAg4wHxkJsWFv2cLSmTFful5d2u0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 538
last-modified: Wed, 03 Jul 2024 07:15:04 GMT
server: cloudflare
etag: "6b98037a56dde04637f99db452da7f7b"
vary: Accept-Encoding
x-goog-generation: 1719990904328408
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=TijXEQ==, md5=a5gDelbd4EY3+Z20Utp/ew==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 538
accept-ranges: bytes
cf-ray: 89d58b2499ab65cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 Attributions.dfc1cc76.js Show response
stcdn.leadconnectorhq.com/_preview/ 5 KB
2 KB 142ms
141ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/Attributions.dfc1cc76.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c90c73c51b5a44e1dfc578e34f59763fc03ac983777695836abeee7cb2ee4c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0Nq755RmW9dJQgXsIRTUfTRtTpwcXrg0j659ojQbkBhjMS6U-jh_3d0UHH7fO3EgBEzhQD-qHC9v5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 2156
last-modified: Wed, 03 Jul 2024 07:20:04 GMT
server: cloudflare
etag: "da78181ea1409a618e7a251a0b542146"
vary: Accept-Encoding
x-goog-generation: 1719991204059831
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=qywNcw==, md5=2ngYHqFAmmGOeiUaC1QhRg==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2156
accept-ranges: bytes
cf-ray: 89d58b2499ae65cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 index.37054e02.js Show response
stcdn.leadconnectorhq.com/_preview/ 7 KB
3 KB 149ms
148ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/index.37054e02.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b12a1bfdc421d44bce28adc995a4ee68038bef113d0a42eea2f8c35353b373e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0Nrzej_qAGveryILgsWbSGNw5BNe-qe6UNjaLgg_QDwGExCFhtk4TlNpEgB5bYjtjx4gdAAVDtN5hA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 2943
last-modified: Wed, 03 Jul 2024 07:19:44 GMT
server: cloudflare
etag: "c799fd5cb16ea02f8fee781630f320d2"
vary: Accept-Encoding
x-goog-generation: 1719991184742867
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=hkfM3w==, md5=x5n9XLFuoC+P7ngWMPMg0g==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2943
accept-ranges: bytes
cf-ray: 89d58b2499b065cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 FunnelServices.f3d30fe4.js Show response
stcdn.leadconnectorhq.com/_preview/ 1004 B
755 B 140ms
139ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/FunnelServices.f3d30fe4.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a83a80b763521f55c192a17791c51b12b80145714a64b5d96f5a989ad050a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NoFfthpGhUYK2QTYn6ASiK2OL2rgiQXJhL9Qfmy_p5ALLZr8wUbqOieW5xUnOhiz4bimlZ-Gqk6sQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 508
last-modified: Wed, 03 Jul 2024 07:19:57 GMT
server: cloudflare
etag: "282713878e474db5972a58c2c73c2146"
vary: Accept-Encoding
x-goog-generation: 1719991197574444
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=+iubwA==, md5=KCcTh45HTbWXKljCxzwhRg==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 508
accept-ranges: bytes
cf-ray: 89d58b2499b165cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 am_helper.b2bb9fbb.js Show response
stcdn.leadconnectorhq.com/_preview/ 923 B
1 KB 153ms
153ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/am_helper.b2bb9fbb.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5659bccb210ced29e6f347c93caed4355e6abe1285acdff473613db5754e7e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0Nq_sDYykJeqr8T6bMkY7i05Sum3vCV0dQQTQHPpBmaK9ow5e76aHp0zCwLfungamkbFXWxh5C4tfw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 551
last-modified: Wed, 03 Jul 2024 07:19:11 GMT
server: cloudflare
etag: "74575b60e12aecb7bae0e294e024587c"
vary: Accept-Encoding
x-goog-generation: 1719991151817972
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=mVi2YQ==, md5=dFdbYOEq7Le64OKU4CRYfA==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 551
accept-ranges: bytes
cf-ray: 89d58b2499b265cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 currency_helper.0e2fcc1c.js Show response
stcdn.leadconnectorhq.com/_preview/ 16 KB
4 KB 147ms
147ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/currency_helper.0e2fcc1c.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021faff34b4f478da6ea2021f9fcfbe934f47a7e8fe394c3a567c356b27aeebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/index.2b79661d.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: HIT
x-guploader-uploadid: ACJd0NqKOQHFnvfMAZPgeRSWHoyntH6laBTF7Pr6CQqrcChJW8e-waM4NMc-vI6mfLPbXjeostzUfvUtsg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 3858
last-modified: Thu, 27 Jun 2024 12:06:58 GMT
server: cloudflare
etag: "d7ee01a5eca52c3b5feb59bd9d80a1bc"
vary: Accept-Encoding
x-goog-generation: 1719490018891327
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Asoqqw==, md5=1+4BpeylLDtf61m9nYChvA==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3858
accept-ranges: bytes
cf-ray: 89d58b2499b865cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 i18n.config.45aa417d.js Show response
stcdn.leadconnectorhq.com/_preview/ 58 B
337 B 144ms
144ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/i18n.config.45aa417d.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b56338a8f6f0ce3008ac25c1f21cd54317b7490261477edd9632e7ccd058656

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NpwJ4qIaXVEspgrUBHPQHDnWFVSZRXhOsur5k0bV3ZHicHcXClhOtiDHtjYEzBOfLM1PitjtHIg8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 90
last-modified: Tue, 02 Jul 2024 07:29:36 GMT
server: cloudflare
etag: "b25ec6cbf156bfdee7221ece4dbcc111"
vary: Accept-Encoding
x-goog-generation: 1719905376497880
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Xhqs/w==, md5=sl7Gy/FWv97nIh7OTbzBEQ==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 90
accept-ranges: bytes
cf-ray: 89d58b276d7e65cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 08:35:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: IfJMQaRl5LEdDJoxdS5J2CxIBXFsVFkISogJmaClmrkyOjmNIYdsHpuX19kOo9QijtyENuXH0oILgsV7G6NbAQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.d7275d59.js Show response
stcdn.leadconnectorhq.com/_preview/ 770 B
742 B 135ms
135ms Script
text/javascript 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/_preview/page.d7275d59.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aeaa54679ef2c95a0f1f601216de386d2705860ce0c37aec3192e9ffbe33da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://stcdn.leadconnectorhq.com/_preview/entry.7c50bb2a.js
Origin: https://promotion.newdermaclinic.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:41 GMT
content-encoding: gzip
strict-transport-security: max-age=3104000
cf-cache-status: MISS
x-guploader-uploadid: ACJd0NolI6DINNWA4rz8toJl0ZSpuH2oOq4NYekVXE5bWD18Ci0Iz4on3N7xEeZUTWp4nAeFncWO5QBXtg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 494
last-modified: Wed, 03 Jul 2024 07:19:21 GMT
server: cloudflare
etag: "058bfbcc3b0d9568d46e049581da984f"
vary: Accept-Encoding
x-goog-generation: 1719991161794622
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=6AEhTw==, md5=BYv7zDsNlWjUbgSVgdqYTw==
access-control-expose-headers: Content-Disposition, Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 494
accept-ranges: bytes
cf-ray: 89d58b288f1d65cf-FRA
expires: Thu, 03 Jul 2025 08:35:41 GMT

GET
H2 200 602315898501414 Show response
connect.facebook.net/signals/config/ 299 KB
93 KB 285ms
284ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/602315898501414?v=2.9.160&r=stable&domain=promotion.newdermaclinic.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c198060a00cee372977b5a313385757165a2b5f25c72ccd268ca2a9fb1af24cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 08:35:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1297, tbw=63825, tp=-1, tpl=-1, uplat=272, ullat=0
pragma: public
x-fb-debug: gpy2NHs3zBE9kffI1F/vPyxjLKiyTGhRcRw30Wd9ljMsK+YL2TiPIPh3mFQS+QgVCibgROl+5P4sgib/Nuom5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 events Show response
capig.digitalniche.us/ 0
602 B 199ms
143ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.digitalniche.us/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/602315898501414?v=2.9.160&r=stable&domain=promotion.newdermaclinic.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jul 2024 08:35:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf5kBnBiTEho1b7dBtH0MM9nzBBUCYWL6qx51BSu0Cd1OkHcymZI9iPNbOIjIG7ucmK%2FwfHN4Bch%2Ffa48cCGLx7hBHm1z85dBvnhyRuMVqd5RxB%2FOGFv6gYT9aPBZBb5H1Ur1T9bhcg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://promotion.newdermaclinic.com
access-control-allow-credentials: true
cf-ray: 89d58b2cbf76a079-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 42ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=602315898501414&ev=ViewContent&dl=https%3A%2F%2Fpromotion.newdermaclinic.com%2F&rl=&if=false&ts=1719995742124&cd[content_type]=vehicle&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1719995742121.380161619857227522&eid=ob3_plugin-set_5b32de52f84b7f39b9eefc5cbcaa14dd6cad5bd69e9e4a666c9592c1e0ef9d10&cs_est=true&est_source=393629117033106&ler=empty&cdl=API_unavailable&it=1719995741564&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=3117, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jul 2024 08:35:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 189ms
160ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=602315898501414&ev=ViewContent&dl=https%3A%2F%2Fpromotion.newdermaclinic.com%2F&rl=&if=false&ts=1719995742124&cd[content_type]=vehicle&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1719995742121.380161619857227522&eid=ob3_plugin-set_5b32de52f84b7f39b9eefc5cbcaa14dd6cad5bd69e9e4a666c9592c1e0ef9d10&cs_est=true&est_source=393629117033106&ler=empty&cdl=API_unavailable&it=1719995741564&coo=false&es=automatic&tm=3&rqm=FGET

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xeaa2edf60a40421c","source_keys":["1","2"]},{"key_piece":"0x125b2d364c32c4af","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 03 Jul 2024 08:35:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387325462834693942", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1297, tbw=3272, tp=-1, tpl=-1, uplat=149, ullat=0
pragma: no-cache
x-fb-debug: j7Ol6muogGQTNlUnFoxEq6eHmL6RoCl3t9PM7/Q38EeEfMs3z+a6OYAYd41W+Ddhym/a4OREsd+ExLrDP/O4lA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387325462834693942"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 events Show response
capig.digitalniche.us/ 0
570 B 199ms
143ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.digitalniche.us/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/602315898501414?v=2.9.160&r=stable&domain=promotion.newdermaclinic.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jul 2024 08:35:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bfse2LC%2F77HbtvEbPxJ73A4UZ2dqxZigwunYVJiB%2BBrOGecKSLZyGvyNM2jCEmuV0xMZ%2BFLzSIfDQNB9J9MJh8n7vFXTz5bK39itwmiRGdTKpSHAIR6ls3%2F2FBUSoIQkn9MjVAN1Sks%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://promotion.newdermaclinic.com
access-control-allow-credentials: true
cf-ray: 89d58b2cbf7aa079-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 41ms
12ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=602315898501414&ev=PageView&dl=https%3A%2F%2Fpromotion.newdermaclinic.com%2F&rl=&if=false&ts=1719995742126&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1719995742121.380161619857227522&eid=ob3_plugin-set_153831b1f2112da24a51d15d4ee546b0de9026864f8aaecfee96d19555c4b87c&cs_est=true&ler=empty&cdl=API_unavailable&it=1719995741564&coo=false&rqm=GET

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2831, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jul 2024 08:35:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 216ms
188ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=602315898501414&ev=PageView&dl=https%3A%2F%2Fpromotion.newdermaclinic.com%2F&rl=&if=false&ts=1719995742126&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1719995742121.380161619857227522&eid=ob3_plugin-set_153831b1f2112da24a51d15d4ee546b0de9026864f8aaecfee96d19555c4b87c&cs_est=true&ler=empty&cdl=API_unavailable&it=1719995741564&coo=false&rqm=FGET

Requested by

Host: promotion.newdermaclinic.com
URL: https://promotion.newdermaclinic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xedf5a86e9b49eba4","source_keys":["1","2"]},{"key_piece":"0x1fa28a752620bc59","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 03 Jul 2024 08:35:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387325461680987248", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1297, tbw=6471, tp=-1, tpl=-1, uplat=172, ullat=0
pragma: no-cache
x-fb-debug: Qye1VLXy2BrMoXDOGiUw/L3f7Rw23EvZxDXPVXz0maTnhEeWLw31MDjdg2mxpmo2nODQxnkZ1bvkuTGv/ZqwCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387325461680987248"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 favicon.ico
stcdn.leadconnectorhq.com/funnel/icon/ 37 B
392 B 34ms
33ms Other
image/x-icon 2606:4700::6812:115f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stcdn.leadconnectorhq.com/funnel/icon/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:115f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Security Headers

Name	Value
Strict-Transport-Security	max-age=3104000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://promotion.newdermaclinic.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:35:42 GMT
strict-transport-security: max-age=3104000
cf-cache-status: HIT
age: 1775
x-guploader-uploadid: ACJd0Nq4WLHa_WkVBp7WmLoxu0l66p1XvBScQxxurWpMJ7S0i4dlRvPTZxN23KEoXy062rsnOwyaOeCQEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37
last-modified: Thu, 09 Jun 2022 13:15:55 GMT
server: cloudflare
etag: "455005e2f4b8ecc484500fab08619f70"
vary: Accept-Encoding
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1654780555081610
content-type: image/x-icon
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Range,Content-Range,X-From-Cache,Content-Disposition
cache-control: public, max-age=14400
x-goog-stored-content-length: 37
accept-ranges: bytes
cf-ray: 89d58b2dbe201919-FRA
expires: Wed, 03 Jul 2024 12:35:42 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newdermaclinic.com/	1970-01-20 23:56:11	Name: _fbp Value: fb.1.1719995742121.380161619857227522

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apisystem.tech
backend.leadconnectorhq.com
capig.digitalniche.us
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
images.leadconnectorhq.com
promotion.newdermaclinic.com
services.leadconnectorhq.com
stcdn.leadconnectorhq.com
use.fontawesome.com
www.facebook.com
104.21.235.158
188.114.97.3
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:98a6
2606:4700::6812:105f
2606:4700::6812:115f
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
021faff34b4f478da6ea2021f9fcfbe934f47a7e8fe394c3a567c356b27aeebc
181e563db32c8ed6a933ffda255cea484c84a738591a92a060f54f197a7c0886
3e09cc4a4997f944b9bd43ab3a0fea228e5ee94046f4d23ba4536659b25444bd
439f17f337315d4c13171ba7a2b1350b6fb6f59b0f7c9424a8ea443b174d8b94
4b56338a8f6f0ce3008ac25c1f21cd54317b7490261477edd9632e7ccd058656
4e35407980eaf754e9c29f050f573e9cfb88239f097d69d8dae13d9c5872c040
5659bccb210ced29e6f347c93caed4355e6abe1285acdff473613db5754e7e11
610108d6188483e064df1703dc627d4843397a8d972900940117bd795e02e9f3
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd
78a83a80b763521f55c192a17791c51b12b80145714a64b5d96f5a989ad050a1
7aeaa54679ef2c95a0f1f601216de386d2705860ce0c37aec3192e9ffbe33da1
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e
90e488d2825f442729c23d9bfdd6fa79e6ed235f64e6e6bc99407065569b5eac
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
936859c206147395cd62c6965c8dced9ae5c5af82b16d5fe9fba21dd5587fcdd
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aebd9722a12f66517e39151acd39be0fef9bf54895af0dd23678ac15abb516da
b0999970096af56f0b4f141ed5bc0083060560e8c22f4773a874252604ff346c
b12a1bfdc421d44bce28adc995a4ee68038bef113d0a42eea2f8c35353b373e5
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c198060a00cee372977b5a313385757165a2b5f25c72ccd268ca2a9fb1af24cb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c90c73c51b5a44e1dfc578e34f59763fc03ac983777695836abeee7cb2ee4c9e
d7caf18a1ed9a00ed96f25c4f7b1fdb3ec1b60c1e9f71003dfe79505d1771198
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c10c80f91cc422149ec219fda1d755638e7c69eec8ba2ac658def64c6b04b
ec6425319845b89a420ababad6ea2d382f00946824003d323e4a26c32561a89c
ee63f718ec3f0686daf2785dd5f3b51a49d1708402dbdc20e3adf0c15aaec3e0
f070676cbf6b9f4a042dbc016a7cd16a37d3c64b779ecd8f17e616c266af08e7

promotion.newdermaclinic.com Open in urlscan Pro 2606:4700:4400::ac40:98a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

80 %IPv6

9 Domains

12 Subdomains

10 IPs

4 Countries

2805 kBTransfer

5340 kBSize

1 Cookies

1 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promotion.newdermaclinic.com Open in urlscan Pro
2606:4700:4400::ac40:98a6 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

12
Subdomains

10
IPs

4
Countries

2805 kB
Transfer

5340 kB
Size

1
Cookies

39 HTTP transactions
0 data transactions