0.redfiretobind.com Open in urlscan Pro
104.21.96.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://azhealthysmile.com/author/admin
Effective URL:
https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3
Submission: On August 05 via api (August 5th 2024, 3:27:37 am UTC) from US — Scanned from CA

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 52 HTTP transactions. The main IP is 104.21.96.85, located in and belongs to CLOUDFLARENET, US. The main domain is 0.redfiretobind.com.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.

This is the only time 0.redfiretobind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	24.199.69.70 24.199.69.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	101.99.75.138 101.99.75.138	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1	18.238.49.18 18.238.49.18	16509 (AMAZON-02) (AMAZON-02)
6	104.18.12.192 104.18.12.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 10	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
1	172.67.144.219 172.67.144.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.85.232.106 209.85.232.106	15169 (GOOGLE) (GOOGLE)
2	172.67.209.227 172.67.209.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.174.94 142.251.174.94	15169 (GOOGLE) (GOOGLE)
2	172.67.164.190 172.67.164.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.159.224 172.67.159.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.6.185 104.21.6.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.174.100 142.251.174.100	15169 (GOOGLE) (GOOGLE)
2	104.21.49.202 104.21.49.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
1	172.217.197.97 172.217.197.97	15169 (GOOGLE) (GOOGLE)
4	104.21.96.85 104.21.96.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	18

11 24.199.69.70 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

azhealthysmile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.99.75.138 (Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

cache.cloudswiftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-18.jfk52.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.12.192 (None, )

ASN13335 (CLOUDFLARENET, US)

webapps.01.cdn.bootlegstudios.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 93.158.134.119 (Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.144.219 (United States)

ASN13335 (CLOUDFLARENET, US)

records.perfectlinestarter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f106.1e100.net

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.209.227 (United States)

ASN13335 (CLOUDFLARENET, US)

css.cdntoswitchspirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cdntoswitchspirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.174.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.164.190 (United States)

ASN13335 (CLOUDFLARENET, US)

wave.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.159.224 (United States)

ASN13335 (CLOUDFLARENET, US)

bind.bestresulttostart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.6.185 (None, )

ASN13335 (CLOUDFLARENET, US)

flow.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gogo.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.174.100 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.49.202 (None, )

ASN13335 (CLOUDFLARENET, US)

away.taskscompletedlists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.250.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.96.85 (None, )

ASN13335 (CLOUDFLARENET, US)

redfiretobind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.redfiretobind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	azhealthysmile.com 1 redirects azhealthysmile.com	150 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	3 KB
6	gstatic.com fonts.gstatic.com	178 KB
6	bootlegstudios.net webapps.01.cdn.bootlegstudios.net	3 MB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	72 KB
4	redfiretobind.com redfiretobind.com — Cisco Umbrella Rank: 626784 0.redfiretobind.com	69 KB
3	google-analytics.com google-analytics.com — Cisco Umbrella Rank: 93 www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	taskscompletedlists.com away.taskscompletedlists.com Failed	1 KB
2	recordsbluemountain.com flow.recordsbluemountain.com gogo.recordsbluemountain.com	18 KB
2	rdntocdns.com wave.rdntocdns.com	15 KB
2	cdntoswitchspirit.com css.cdntoswitchspirit.com js.cdntoswitchspirit.com	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	90 KB
1	bestresulttostart.com bind.bestresulttostart.com — Cisco Umbrella Rank: 928485	7 KB
1	perfectlinestarter.com records.perfectlinestarter.com	7 KB
1	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5787 buttons-config.sharethis.com Failed l.sharethis.com Failed	46 KB
1	cloudswiftcdn.com cache.cloudswiftcdn.com	1 KB
52	16

	Domain	Requested by
11	azhealthysmile.com	1 redirects azhealthysmile.com
6	mc.yandex.com	3 redirects azhealthysmile.com mc.yandex.ru
6	fonts.gstatic.com	azhealthysmile.com
6	webapps.01.cdn.bootlegstudios.net	azhealthysmile.com
5	mc.yandex.ru	2 redirects cache.cloudswiftcdn.com azhealthysmile.com
2	0.redfiretobind.com	azhealthysmile.com
2	redfiretobind.com
2	away.taskscompletedlists.com	gogo.recordsbluemountain.com
2	www.google-analytics.com	google-analytics.com www.googletagmanager.com
2	wave.rdntocdns.com	records.perfectlinestarter.com css.cdntoswitchspirit.com
1	www.googletagmanager.com	google-analytics.com
1	gogo.recordsbluemountain.com	flow.recordsbluemountain.com
1	flow.recordsbluemountain.com	wave.rdntocdns.com
1	bind.bestresulttostart.com	azhealthysmile.com
1	js.cdntoswitchspirit.com	azhealthysmile.com
1	css.cdntoswitchspirit.com	azhealthysmile.com
1	google-analytics.com	azhealthysmile.com
1	records.perfectlinestarter.com	azhealthysmile.com
1	platform-api.sharethis.com	azhealthysmile.com
1	cache.cloudswiftcdn.com	azhealthysmile.com
0	l.sharethis.com Failed	platform-api.sharethis.com
0	buttons-config.sharethis.com Failed	platform-api.sharethis.com
52	22

This site contains no links.

Subject Issuer	Validity	Valid
azhealthysmile.com R10	`2024-06-15` - `2024-09-13`	3 months	crt.sh
cache.cloudswiftcdn.com R11	`2024-07-31` - `2024-10-29`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
bootlegstudios.net E5	`2024-07-20` - `2024-10-18`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
perfectlinestarter.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdntoswitchspirit.com WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
rdntocdns.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
bestresulttostart.com WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
recordsbluemountain.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
taskscompletedlists.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
redfiretobind.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3
Frame ID: 29E534B747AF2FFB81AE9B7D57DB8677
Requests: 59 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 10BF00D5A2A54839451FEF24DCA2A310
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

I am not a robot

Page URL History Show full URLs

http://azhealthysmile.com/author/admin HTTP 307
https://azhealthysmile.com/author/admin HTTP 301
https://azhealthysmile.com/author/admin/ Page URL
https://away.taskscompletedlists.com/tyierrtt Page URL
https://away.taskscompletedlists.com/7MjvR5 Page URL
https://redfiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=severss&sub3=fkitas3 Page URL
https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

87 %
HTTPS

0 %
IPv6

16
Domains

22
Subdomains

18
IPs

4
Countries

3375 kB
Transfer

4594 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://azhealthysmile.com/author/admin HTTP 307
https://azhealthysmile.com/author/admin HTTP 301
https://azhealthysmile.com/author/admin/ Page URL
https://away.taskscompletedlists.com/tyierrtt Page URL
https://away.taskscompletedlists.com/7MjvR5 Page URL
https://redfiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=severss&sub3=fkitas3 Page URL
https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://azhealthysmile.com/author/admin HTTP 307
https://azhealthysmile.com/author/admin HTTP 301
https://azhealthysmile.com/author/admin/

Request Chain 18

https://mc.yandex.ru/watch/96299872 HTTP 302
https://mc.yandex.ru/watch/96299872/1?redirnss=1

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10451.qDbh4b-Wvbvp3uNANHC1UEYS5Yk3MDY9ItqjC-eI4MRolTORUHfzWsJENOXHvQY2.tg8SXCS4GexAFjCSUpUSo9T6Csc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10451.WD4brKDb0kiflQadtqIGYH6AtDKOaHYsL13VNvDVxNJbFVBlyvXPPOnGAv6NOOzMG7LKcE8vlZyb22QIMWTN4imGbsn_tJxGd_uiqKl58AI8TIM-hTclStVbnqSaUo0_eMeRrorFu-mhPNBE5XDbDosgPNBICz1KNGKam6odsnol3GvB8qqnr3ToWxT0Ax_HPN4N-bJWZPlXjhF0h79EQyxdm1HXB2rwrnkpeNZwoLw%2C.B7bjeQurSTN0_eGwz-Gwo3qMCuM%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10451.0Nu-uhefSabv29zyCHMBIMLLWnzTLNwNBhC-hA9AGQRJsNSUh33P0nG0mCvaclAhN4YdmQf-0YMgDIIyNGUuRbFkKbKZaQ94d_-ncOBuM58C7r3ZrgpjCprOy4jVvkI-w596iN-9IMIG9qjZi0KUjjhYcWX3soFLS67D9xOrs-qoLs5kRxeV4VGXey4zNN4kN3ERC8Is95izvGu7d-R3sg%2C%2C.MO5ntshwXN9XuSpaAoDtTbhmaCg%2C

Request Chain 45

https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1577387863652%3Ahid%3A893744052%3Az%3A-420%3Ai%3A20240804202727%3Aet%3A1722828448%3Ac%3A1%3Arn%3A829211901%3Arqn%3A1%3Au%3A1722828448220929029%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1924%3Awv%3A2%3Ads%3A0%2C0%2C222%2C94%2C563%2C0%2C%2C1080%2C18%2C%2C%2C%2C1967%3Aco%3A0%3Acpf%3A1%3Ans%3A1722828444907%3Agi%3AR0ExLjIuNDc0OTE3OTM0LjE3MjI4Mjg0NDc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722828449%3At%3Aadmin%20%7C%20Paradise%20Hills%20Dentistry&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1577387863652%3Ahid%3A893744052%3Az%3A-420%3Ai%3A20240804202727%3Aet%3A1722828448%3Ac%3A1%3Arn%3A829211901%3Arqn%3A1%3Au%3A1722828448220929029%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1924%3Awv%3A2%3Ads%3A0%2C0%2C222%2C94%2C563%2C0%2C%2C1080%2C18%2C%2C%2C%2C1967%3Aco%3A0%3Acpf%3A1%3Ans%3A1722828444907%3Agi%3AR0ExLjIuNDc0OTE3OTM0LjE3MjI4Mjg0NDc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722828449%3At%3Aadmin%20%7C%20Paradise%20Hills%20Dentistry&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

52 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
azhealthysmile.com/author/admin/
Redirect Chain

http://azhealthysmile.com/author/admin
https://azhealthysmile.com/author/admin
https://azhealthysmile.com/author/admin/

191 KB
37 KB

226ms
222ms

Document
text/html

24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cc108c6a43f8947b8bb0421bf2a45d3520a92a2d1e1853a48381f5ed63c6b221

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 37237
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 03:27:25 GMT
link: <https://azhealthysmile.com/wp-json/>; rel="https://api.w.org/" <https://azhealthysmile.com/wp-json/wp/v2/users/1>; rel="alternate"; type="application/json"
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 873
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 03:27:25 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://azhealthysmile.com/author/admin/
server: LiteSpeed
vary: Accept-Encoding
x-redirect-by: WordPress

GET
H/1.1 200
OK / Show response
cache.cloudswiftcdn.com/ 1 KB
1 KB 687ms
226ms Script
application/javascript 101.99.75.138
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.cloudswiftcdn.com/
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.75.138 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 05 Aug 2024 03:27:26 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 style.css
azhealthysmile.com/wp-content/plugins/bootlegstudios-scripts/ 257 B
327 B 89ms
86ms Stylesheet
text/css 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/plugins/bootlegstudios-scripts/style.css?ver=6.2.2
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cc22acbaa754435d63300f85fd7789a0fc1526aa9a97c23cca054c865a6fdd3b

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 23:15:51 GMT
server: LiteSpeed
etag: "101-64c057a7-2c274c;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Mon, 05 Aug 2024 15:27:25 GMT

GET
H2 200 style.min.css
azhealthysmile.com/wp-includes/css/dist/block-library/ 95 KB
11 KB 103ms
100ms Stylesheet
text/css 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:25 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 18:15:49 GMT
server: LiteSpeed
etag: "17ced-646fa5d5-2f5113;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11559
expires: Mon, 05 Aug 2024 15:27:25 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 341ms
46ms Script
text/javascript 18.238.49.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-18.jfk52.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:20:58 GMT
content-encoding: gzip
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
age: 388
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ez_6q9EJjdAolmc9u2O4Qnp2Bvush9Y4YTiG3PBHlweP51uQxNAgWQ==

GET
H2 200 et-divi-customizer-global.min.css
azhealthysmile.com/wp-content/et-cache/global/ 6 KB
1 KB 103ms
101ms Stylesheet
text/css 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1722371386
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 80f62b50e0e2ff34b49cea2001d772041718a3eeff53e722050eeddc43652413

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:25 GMT
content-encoding: br
last-modified: Tue, 30 Jul 2024 20:29:46 GMT
server: LiteSpeed
etag: "1873-66a94d3a-2b5112;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1277
expires: Mon, 05 Aug 2024 15:27:25 GMT

GET
H2 200 Paradise-Hills-Dentistry-Logo-V3.png
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/07/ 17 KB
18 KB 338ms
84ms Image
image/png 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/07/Paradise-Hills-Dentistry-Logo-V3.png

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10cd60cefa65c64d322c3c6725415278fadeffe34a4157b2487ff91435c7c364

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000e35ee0ad4669345d-00669c16ef-5289b3d4-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 17344
last-modified: Wed, 26 Jul 2023 02:15:47 GMT
server: cloudflare
etag: "0010b698a82086b29cf80b5f0bf78696"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
x-rgw-object-type: Normal
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8ae3b0fc5d9b54af-YYZ

GET
H2 200 Get-Your-2018-Smile-On.jpg
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/ 318 KB
318 KB 398ms
145ms Image
image/jpeg 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/Get-Your-2018-Smile-On.jpg

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136f2e4ff926fd3bd627927f0981c22a2972c8f1026cc0831670971ac6e54c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000181653c1635094ca-0066affc42-527eaa86-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 325323
cf-bgj: h2pri
last-modified: Wed, 26 Jul 2023 02:16:00 GMT
server: cloudflare
etag: "e143615648080fea4e6f282a624d9aaa"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
cache-control: max-age=604800
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8ae3b0fc5d9c54af-YYZ

GET
H2 200 Paradise-Hills-Dentistry-Green-Fruit-Monsters.png
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/ 654 KB
655 KB 280ms
279ms Image
image/png 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/Paradise-Hills-Dentistry-Green-Fruit-Monsters.png

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49811b5f4bd547837033c197cba42a5b9b8223e1ea97e99b1940bb79139ef0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000070fae7958d0a2dd8-0066b0469e-52800150-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 670074
last-modified: Wed, 26 Jul 2023 02:16:01 GMT
server: cloudflare
etag: "72acc761a27bdd24fa65f5487af691d6"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
x-rgw-object-type: Normal
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8ae3b0fd6e0454af-YYZ

GET
H2 200 PHD-Healthy-Smile.png
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/ 530 KB
531 KB 201ms
200ms Image
image/png 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/PHD-Healthy-Smile.png

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f724bd2e84f537fdce42e0c28f4d415e5c77542aab7517da7f781e7bed5ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000008e2ebf6b8579b4f5-0066ae4fd3-5289b483-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 542522
last-modified: Wed, 26 Jul 2023 02:16:01 GMT
server: cloudflare
etag: "9256735ce29e8d9f36b4e91c1ae72209"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
x-rgw-object-type: Normal
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8ae3b0fdfe4454af-YYZ

GET
H2 200 Paradise-Hills-Dentistry-Cosmetic.png
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/ 626 KB
627 KB 85ms
78ms Image
image/png 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/Paradise-Hills-Dentistry-Cosmetic.png

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba347d05c6d103312f340b556980638e86968fa95c518741cec7fdbce7d18425

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000091eb8aa33609dd55-0066ae4fd3-5289b42e-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 640995
last-modified: Wed, 26 Jul 2023 02:16:00 GMT
server: cloudflare
etag: "d51d292012f1a088bc329b177dde4bea"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
x-rgw-object-type: Normal
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8ae3b0ff5eec54af-YYZ

GET
H2 200 PHD-Dental-Insurance.png
webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/ 536 KB
537 KB 272ms
266ms Image
image/png 104.18.12.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webapps.01.cdn.bootlegstudios.net/paradisehillsdentistry/2017/10/PHD-Dental-Insurance.png

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d1d2a256bd24acc5a752879164fcc177f673e283c296ccc3ec96dbe4e4df98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx0000080acced91fcf2541-0066b0469e-5289b3d4-sfo3a
x-envoy-upstream-healthchecked-cluster
content-length: 548870
last-modified: Wed, 26 Jul 2023 02:16:01 GMT
server: cloudflare
etag: "28469e2374c4ca21de02268e8f7519e3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 65ddb386-270c-47f9-a3a5-edb378431b4b
x-rgw-object-type: Normal
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8ae3b0ff5eed54af-YYZ

GET
H2 200 jquery.min.js Show response
azhealthysmile.com/wp-includes/js/jquery/ 90 KB
31 KB 98ms
91ms Script
text/javascript 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9a622c4ead1443280786e87b827ba105855da94e64691002b4ace55fe7ccbce5

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: br
last-modified: Mon, 29 Apr 2024 16:43:12 GMT
server: LiteSpeed
etag: "1661e-662fce20-2f52cd;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 31221

GET
H2 200 jquery-migrate.min.js Show response
azhealthysmile.com/wp-includes/js/jquery/ 14 KB
5 KB 142ms
135ms Script
text/javascript 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 305b50be14c6f2067f8dd60e67dcc7315673323d8af8f3f59d27b3ff58d3ee58

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: br
last-modified: Sat, 06 Apr 2024 10:43:23 GMT
server: LiteSpeed
etag: "384e-6611274b-2f52c5;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5163

GET
H2 200 scripts.min.js Show response
azhealthysmile.com/wp-content/themes/Divi/js/ 268 KB
55 KB 144ms
137ms Script
text/javascript 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.1
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 20:04:10 GMT
server: LiteSpeed
etag: "42f72-64a5ccba-2c4823;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 56526

GET
H2 200 jquery.fitvids.js Show response
azhealthysmile.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 228ms
222ms Script
text/javascript 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.21.0
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 20:04:11 GMT
server: LiteSpeed
etag: "d15-64a5ccbb-2c4705;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1156

GET
H2 200 common.js Show response
azhealthysmile.com/wp-content/themes/Divi/core/admin/js/ 1 KB
577 B 227ms
221ms Script
text/javascript 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

Referer: https://azhealthysmile.com/author/admin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 20:04:10 GMT
server: LiteSpeed
etag: "53f-64a5ccba-2c447a;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 490

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 753ms
364ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cache.cloudswiftcdn.com
URL: https://cache.cloudswiftcdn.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

45ff80f391287f67ec258130a70558da6de6e80d3cacd9eaea331f9546fc2260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Mon, 05 Aug 2024 03:27:27 GMT
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66acb3b2-11609"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71177
expires: Mon, 05 Aug 2024 04:27:27 GMT

GET
H2

200

1
mc.yandex.ru/watch/96299872/
Redirect Chain

https://mc.yandex.ru/watch/96299872
https://mc.yandex.ru/watch/96299872/1?redirnss=1

43 B
84 B

446ms
438ms

Image
image/gif

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/96299872/1?redirnss=1

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 03:27:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05-Aug-2024 03:27:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 05-Aug-2024 03:27:27 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 03:27:27 GMT
last-modified: Mon, 05-Aug-2024 03:27:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/96299872/1?redirnss=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 05-Aug-2024 03:27:27 GMT

GET
H3 200 turn.js Show response
records.perfectlinestarter.com/scripts/ 16 KB
7 KB 153ms
54ms Script
application/javascript 172.67.144.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://records.perfectlinestarter.com/scripts/turn.js
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa986bc52b8410a764fe32b4ce6c2ce81f69c55219780fa39c03c5ede3817935

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 14:37:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 218923
etag: W/"66acef47-410c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWyq%2Fcu2XXBCmUxYsVAHwCvoT2V9I6DL%2BnD1oXja8GA6Zp4HE2iu5gdJjIIc%2BmMza0XtBhgtmubBn5ikTrt8BIjuPpCyX%2F2njHJ%2Brq1g1Yxi9Z2BNfIuhdcXFyRsUx3GLyHUN29GfpqfkIk6XmL2%2B%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 8ae3b0ffee04ac63-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 59f3b709f08d3100120987e2.js
buttons-config.sharethis.com/js/ 0
0

GET
H2 200 analytics.js Show response
google-analytics.com/ 52 KB
21 KB 461ms
56ms Script
text/javascript 209.85.232.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f106.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 02:54:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1990
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 05 Aug 2024 04:54:17 GMT

GET
H3 200 class.js Show response
css.cdntoswitchspirit.com/scripts/ 19 KB
7 KB 432ms
320ms Script
application/javascript 172.67.209.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.cdntoswitchspirit.com/scripts/class.js
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35ff52ea69a0ad3afb3e286802cde3256992f06c57a8959758e4c5dc0cadb56

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6951
last-modified: Mon, 05 Aug 2024 03:27:26 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BaLkjNL6qB1VfhegP2YXkxpZKvH%2F0RhbVcZN0V3fGH%2FXHJAu1bIEC3MfXedZFYidPKo7miM7K7gbUrxF7C6LHNVR3glRY4cq4kwkz48T2pl69GNjF%2FS2qr9pa%2FleZcNNUAyzHDI9ToSy0Xh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae3b0fffd75ab6a-YYZ
access-control-allow-headers: X-Requested-With

GET pview
l.sharethis.com/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 303ms
193ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:44 GMT
x-content-type-options: nosniff
age: 282582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:44 GMT

GET
H2 200 modules.woff
azhealthysmile.com/wp-content/themes/Divi/core/admin/fonts/modules/base/ 6 KB
6 KB 131ms
124ms Font
application/font-woff 24.199.69.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://azhealthysmile.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.69.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f

Request headers

Referer: https://azhealthysmile.com/author/admin/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
last-modified: Wed, 05 Jul 2023 20:04:10 GMT
server: LiteSpeed
etag: "18a0-64a5ccba-2c4459;;;"
content-type: application/font-woff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6304

GET
H2 200 RrQUbo9-9DV7b06QHgSWsahHT4I.woff2
fonts.gstatic.com/s/novasquare/v24/ 14 KB
14 KB 258ms
149ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/novasquare/v24/RrQUbo9-9DV7b06QHgSWsahHT4I.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

3e9f9e979097ba64a89b010514cae4d8a984790f7beef6cdd91484822f76f85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 22:45:54 GMT
x-content-type-options: nosniff
age: 103292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 22:06:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Aug 2025 22:45:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 311ms
202ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:51 GMT
x-content-type-options: nosniff
age: 282575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:51 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2
fonts.gstatic.com/s/opensans/v40/ 55 KB
55 KB 181ms
73ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

616b98706b02b2744e0f51dfbe070c56bfc6e73e0963b0200e9908f856a6e3de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 03:22:44 GMT
x-content-type-options: nosniff
age: 345882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56272
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:49:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 03:22:44 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2
fonts.gstatic.com/s/opensans/v40/ 53 KB
53 KB 266ms
158ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

73eaa9830823855f156cd4e0b27e7096f7e623ba026bb5366640fb0540cdd081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 07:57:52 GMT
x-content-type-options: nosniff
age: 329374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54424
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 01:59:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 07:57:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 159ms
52ms Font
font/woff2 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
Origin: https://azhealthysmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:44 GMT
x-content-type-options: nosniff
age: 282582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:44 GMT

GET
H3 200 inputs.js Show response
wave.rdntocdns.com/rps/ 37 KB
15 KB 101ms
59ms Script
application/javascript 172.67.164.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.rdntocdns.com/rps/inputs.js
Requested by: Host: records.perfectlinestarter.com
URL: https://records.perfectlinestarter.com/scripts/turn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 14:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 219537
etag: W/"66aceaf2-931f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkfJXWLDpXRzNvxo2txd5AQ%2B7D1rs8IhTX7ERlB%2BJlNSl1XipZAqYKjLa41jgZvECUtx1qFWqqvaAwVhcTXbCffyA0%2BvmMG2A0BoYHQ25yXNCQr50pjTLZYS3Hy32sFJMq5HbW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 8ae3b100cf28aca2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 split.js Show response
js.cdntoswitchspirit.com/source/ 19 KB
7 KB 54ms
49ms Script
application/javascript 172.67.209.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdntoswitchspirit.com/source/split.js
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35ff52ea69a0ad3afb3e286802cde3256992f06c57a8959758e4c5dc0cadb56

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4053
alt-svc: h3=":443"; ma=86400
content-length: 6951
last-modified: Mon, 05 Aug 2024 02:19:53 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtgIxq72V6BzXaAs1p0NAeYePuBkqcU6T8H0MnixfHO5Xk1BghBi8%2BEQk9Krp4Kt%2FuluNw517bcSqvkdm0yP%2BfkahFmVA3QvA9%2BlKICArFe5sKjY9wRHGkK3uL5wCXlnvOIK8ziQ0wHzkKQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae3b1009de9ab6a-YYZ
access-control-allow-headers: X-Requested-With

GET
H3 200 statistics.js Show response
bind.bestresulttostart.com/scripts/ 19 KB
7 KB 377ms
318ms Script
application/javascript 172.67.159.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bind.bestresulttostart.com/scripts/statistics.js
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1b0a1cd1c30a18e8f6df21b350ed5c41c4d6f791c925a647d4938a709ada62

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:27 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6899
last-modified: Mon, 05 Aug 2024 03:27:27 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxXLPtoXu154fCRkHg4ehTDrG%2BG1r308BUGKLtfIsDvAXN8AbUP0S46Om%2BUEvZpaxLPAa2eKrZGrgVZcChaljF7UfG8oa4ZW9b0IZUiNle2x4nrAC067CGMx75WEePySttNrQIRFHsneXmY1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae3b1012af6aaa4-YYZ
access-control-allow-headers: X-Requested-With

GET
H3 200 8YkzBStf Show response
flow.recordsbluemountain.com/ 29 KB
13 KB 463ms
399ms Script
application/javascript 104.21.6.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flow.recordsbluemountain.com/8YkzBStf?q=azhealthysmile.com
Requested by: Host: wave.rdntocdns.com
URL: https://wave.rdntocdns.com/rps/inputs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.6.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DdUfTVUYPidYYk8AbxQwdnp477zfUKSVyqu4Nxoz5yEuNlchr%2B0YUbmB2pnbeUHDLqsoN1nmn%2BaYx5hxWspZgYiC71HSSsaFxjVWthPflUudze%2Ferjvqjh1LChK5EOwWDgJofROhWFdO7np1bn7%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8ae3b1025aceabe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Aug 2024 03:27:27 GMT

GET
H3 200 inputs.js Show response
wave.rdntocdns.com/rps/ 37 KB
0 0ms
0ms Script
application/javascript 172.67.164.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.rdntocdns.com/rps/inputs.js
Requested by: Host: css.cdntoswitchspirit.com
URL: https://css.cdntoswitchspirit.com/scripts/class.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 14:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 219537
etag: W/"66aceaf2-931f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkfJXWLDpXRzNvxo2txd5AQ%2B7D1rs8IhTX7ERlB%2BJlNSl1XipZAqYKjLa41jgZvECUtx1qFWqqvaAwVhcTXbCffyA0%2BvmMG2A0BoYHQ25yXNCQr50pjTLZYS3Hy32sFJMq5HbW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 8ae3b100cf28aca2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
329 B 1291ms
53ms XHR
text/plain 142.251.174.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=688157903&t=pageview&_s=1&dl=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&ul=en-ca&de=UTF-8&dt=admin%20%7C%20Paradise%20Hills%20Dentistry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2042693893&gjid=1853346685&cid=474917934.1722828447&tid=UA-108625035-2&_gid=1389636604.1722828447&_r=1&_slc=1&z=755343586

Requested by

Host: google-analytics.com
URL: https://google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.100 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 03:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://azhealthysmile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zbLzKF
gogo.recordsbluemountain.com/ 11 KB
5 KB 308ms
306ms Script
application/javascript 104.21.6.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gogo.recordsbluemountain.com/zbLzKF
Requested by: Host: flow.recordsbluemountain.com
URL: https://flow.recordsbluemountain.com/8YkzBStf?q=azhealthysmile.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.6.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NQcnzNC7yAYdTlTl%2FyXLHzmkEICakF%2BqE7uaeFdWF8w%2B18ylbsCW6vN4%2FhQ99w%2BxnhQrAMZ2BSr7RSV3GpaQ0yu70HmChcRjPxmg4bjD4lhCJTc7MvTQq5ELTpqBZS3VlcGlHmcIQ4GLdiuHc%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8ae3b1054cc6abe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Aug 2024 03:27:27 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10451.qDbh4b-Wvbvp3uNANHC1UEYS5Yk3MDY9ItqjC-eI4MRolTORUHfzWsJENOXHvQY2.tg8SXCS4GexAFjCSUpUSo9T6Csc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10451.WD4brKDb0kiflQadtqIGYH6AtDKOaHYsL13VNvDVxNJbFVBlyvXPPOnGAv6NOOzMG7LKcE8vlZyb22QIMWTN4imGbsn_tJxGd_uiqKl58AI8TIM-hTclStVbnqSaUo0_eMeRrorFu-...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10451.0Nu-uhefSabv29zyCHMBIMLLWnzTLNwNBhC-hA9AGQRJsNSUh33P0nG0mCvaclAhN4YdmQf-0YMgDIIyNGUuRbFkKbKZaQ94d_-ncOBuM58C7...

43 B
627 B

184ms
183ms

Image
image/gif

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10451.0Nu-uhefSabv29zyCHMBIMLLWnzTLNwNBhC-hA9AGQRJsNSUh33P0nG0mCvaclAhN4YdmQf-0YMgDIIyNGUuRbFkKbKZaQ94d_-ncOBuM58C7r3ZrgpjCprOy4jVvkI-w596iN-9IMIG9qjZi0KUjjhYcWX3soFLS67D9xOrs-qoLs5kRxeV4VGXey4zNN4kN3ERC8Is95izvGu7d-R3sg%2C%2C.MO5ntshwXN9XuSpaAoDtTbhmaCg%2C

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 03:27:28 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10451.0Nu-uhefSabv29zyCHMBIMLLWnzTLNwNBhC-hA9AGQRJsNSUh33P0nG0mCvaclAhN4YdmQf-0YMgDIIyNGUuRbFkKbKZaQ94d_-ncOBuM58C7r3ZrgpjCprOy4jVvkI-w596iN-9IMIG9qjZi0KUjjhYcWX3soFLS67D9xOrs-qoLs5kRxeV4VGXey4zNN4kN3ERC8Is95izvGu7d-R3sg%2C%2C.MO5ntshwXN9XuSpaAoDtTbhmaCg%2C
date: Mon, 05 Aug 2024 03:27:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
591 B 185ms
177ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66acb3b2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 05 Aug 2024 04:27:27 GMT

GET tyierrtt
away.taskscompletedlists.com/ 0
0

GET
H2 200 tyierrtt
away.taskscompletedlists.com/ 207 B
644 B 1957ms
295ms Document
text/html 104.21.49.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://away.taskscompletedlists.com/tyierrtt
Requested by: Host: gogo.recordsbluemountain.com
URL: https://gogo.recordsbluemountain.com/zbLzKF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.49.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://azhealthysmile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae3b11288b3ac45-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Aug 2024 03:27:29 GMT
expires: Mon, 05 Aug 2024 03:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wrsr7YcTm4SwI%2BowfC8WU4dtAuw%2BhJCT5X%2FWL0DODJU1%2F36vsjlvuoXHaFt0d2Xp8Id0CLnzKJqhiicjUd0O7eS6qLtKTjX1CnE7Y5VOqh02kUJLHNXe%2FdYW38mG5Egni877RzB5YSf3GJ0TQmX%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 10BF 0
0 1372ms
173ms Document
text/html 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://azhealthysmile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1045
content-type: text/html
date: Mon, 05 Aug 2024 03:27:29 GMT
etag: "66acb3b2-415"
expires: Mon, 05 Aug 2024 04:27:29 GMT
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 js
www.googletagmanager.com/gtag/ 254 KB
90 KB 770ms
60ms Script
application/javascript 172.217.197.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EVLY3173SQ&cx=c&_slc=1

Requested by

Host: google-analytics.com
URL: https://google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Aug 2024 03:27:29 GMT

GET
H2

200

1
mc.yandex.com/watch/96299872/
Redirect Chain

https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A...
https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%...

464 B
789 B

199ms
198ms

Fetch
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1577387863652%3Ahid%3A893744052%3Az%3A-420%3Ai%3A20240804202727%3Aet%3A1722828448%3Ac%3A1%3Arn%3A829211901%3Arqn%3A1%3Au%3A1722828448220929029%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1924%3Awv%3A2%3Ads%3A0%2C0%2C222%2C94%2C563%2C0%2C%2C1080%2C18%2C%2C%2C%2C1967%3Aco%3A0%3Acpf%3A1%3Ans%3A1722828444907%3Agi%3AR0ExLjIuNDc0OTE3OTM0LjE3MjI4Mjg0NDc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722828449%3At%3Aadmin%20%7C%20Paradise%20Hills%20Dentistry&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 03:27:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 05-Aug-2024 03:27:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://azhealthysmile.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 464
x-xss-protection: 1; mode=block
expires: Mon, 05-Aug-2024 03:27:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Aug 2024 03:27:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05-Aug-2024 03:27:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://azhealthysmile.com
location: /watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1577387863652%3Ahid%3A893744052%3Az%3A-420%3Ai%3A20240804202727%3Aet%3A1722828448%3Ac%3A1%3Arn%3A829211901%3Arqn%3A1%3Au%3A1722828448220929029%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1924%3Awv%3A2%3Ads%3A0%2C0%2C222%2C94%2C563%2C0%2C%2C1080%2C18%2C%2C%2C%2C1967%3Aco%3A0%3Acpf%3A1%3Ans%3A1722828444907%3Agi%3AR0ExLjIuNDc0OTE3OTM0LjE3MjI4Mjg0NDc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722828449%3At%3Aadmin%20%7C%20Paradise%20Hills%20Dentistry&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 05-Aug-2024 03:27:29 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 95ms
52ms Fetch
text/plain 142.251.174.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EVLY3173SQ&gtm=45je47v0v9106123631za200&_p=1722828448491&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-ca&sr=1600x1200&cid=474917934.1722828447&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&dt=admin%20%7C%20Paradise%20Hills%20Dentistry&sid=1722828449&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4669
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVLY3173SQ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.174.100 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qc-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://azhealthysmile.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 03:27:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://azhealthysmile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7MjvR5
away.taskscompletedlists.com/ 239 B
500 B 189ms
183ms Document
text/html 104.21.49.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://away.taskscompletedlists.com/7MjvR5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.49.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae3b1194dc6ac45-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Aug 2024 03:27:30 GMT
expires: Mon, 05 Aug 2024 03:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0b9oTQyvPf5GlDTXzOofuq9DjyPd97yfUnZvpNLf6N4pWHQLXbn%2Byf24FcClpznOZoHTlBdGJk2RHKXdyDFHkonLK%2Ftiv1FNMZ2ISLel9aQVJsOM2sKoXX%2F1m3y1dKerBmccWgGrh4ZyycjrE3VW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 gmzdkzdfmq5dcobygyza Show response
redfiretobind.com/go/ 50 KB
34 KB 439ms
248ms Document
text/html 104.21.96.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redfiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=severss&sub3=fkitas3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.96.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63050dcb6e916f4662209b5bd4d0c6730f5063b2b4ba39c72cd3e81ba690aea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae3b11d4b9d543d-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 03:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUHrg3mD0Atwq%2FrXggurYSc721kBk0RbduOZUPAAatnERXVOmfAgGwL1CIx8T45jVMIl4mB%2FdDhxoIwTMlb8GTIHtncFrSXZYDvgZeVNMjc66vJdzeMJS9fXMH072zBFzw%2FM1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 favicon.ico
redfiretobind.com/ 0
409 B 50ms
49ms Other
text/plain 104.21.96.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redfiretobind.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.96.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://redfiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=severss&sub3=fkitas3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4072
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUJ3E4IuyWWp%2FYhaKCdxFmtIWS1II2GTudCOIUpm3cnRbzkaBcJkWEr%2BoqgXmf1B3V4BBmPsA8ij0FvjxSgNZg%2BPRQsUpBd7CkVYbLPhbyCaeJyfsutgTN0xz4IVGfb1lj%2B3hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8ae3b120fde9543d-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request index.php Show response
0.redfiretobind.com/ 50 KB
34 KB 243ms
242ms Document
text/html 104.21.96.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3
Requested by: Host: azhealthysmile.com
URL: https://azhealthysmile.com/author/admin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.96.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef84aac4ba312375277f92b4df6b95f96520b41d05a7aa9a14e4b2034628e757

Request headers

Referer: https://redfiretobind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae3b1313961543d-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 03:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wdqke20TDpyc02IIMElAxWIc2aJbEud161ZGx4dJcLs57hAJDqkz8vX3gd4v6xcMxhfc4HtEPy5l8rCYFBTsy2iQdB49sZbP2Usg15zI90mLbrJevRFH4C3YxxAQjUP6bFd5gpbw"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 favicon.ico
0.redfiretobind.com/ 0
410 B 38ms
38ms Other
text/plain 104.21.96.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.redfiretobind.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.96.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0.redfiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=severss&sub3=fkitas3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 03:27:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7E%2BWO3676Q4SHtxml0q%2FpBNIH2Z2YR%2BsqD0O3vKHj6nUyw99jzKfZPK05S7K2Lg9PMZgz%2FkojlFreWCla9HkhtnvvN00vWdgHHVeeFGvU8%2BuKnA6IKYFbBo7mNZE%2FvRxzNlQhXpH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8ae3b1340b79543d-YYZ
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: buttons-config.sharethis.com
URL: https://buttons-config.sharethis.com/js/59f3b709f08d3100120987e2.js

Domain: l.sharethis.com
URL: https://l.sharethis.com/pview?event=pview&hostname=azhealthysmile.com&location=%2Fauthor%2Fadmin%2F&product=ga&url=https%3A%2F%2Fazhealthysmile.com%2Fauthor%2Fadmin%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=admin%20%7C%20Paradise%20Hills%20Dentistry&cms=unknown&publisher=59f3b709f08d3100120987e2&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=95e78766-7dc5-43bd-9c7a-0d4fb97f2188

Domain: away.taskscompletedlists.com
URL: https://away.taskscompletedlists.com/tyierrtt

Domain: away.taskscompletedlists.com
URL: https://away.taskscompletedlists.com/tyierrtt

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webapps.01.cdn.bootlegstudios.net/	1970-01-20 22:33:50	Name: __cf_bm Value: pGJ.e.QOXGQ2vP.UaPPqxg463yWHTauA9dctxbd5kF4-1722828446-1.0.1.1-KD780Eky_fU6xOlpAx_H.RTJaSS4gX1Y1uGSi0.bK86UCF7CV1zYVPoBeRlRLlSRvNaFDTsqFlG_FfVZXRvVYQ
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2101188981722828447
.yandex.ru/	1970-01-21 07:19:24	Name: receive-cookie-deprecation Value: 1
.azhealthysmile.com/	1970-01-21 08:09:48	Name: _ga Value: GA1.2.474917934.1722828447
.azhealthysmile.com/	1970-01-20 22:35:14	Name: _gid Value: GA1.2.1389636604.1722828447
.azhealthysmile.com/	1970-01-20 22:33:48	Name: _gat Value: 1
.yandex.ru/	1970-01-21 07:19:24	Name: yashr Value: 9407406481722828447
.azhealthysmile.com/	1970-01-21 07:19:24	Name: _ym_uid Value: 1722828448220929029
.azhealthysmile.com/	1970-01-21 07:19:24	Name: _ym_d Value: 1722828448
.mc.yandex.com/	1970-01-20 22:33:49	Name: sync_cookie_csrf Value: 566405306fake
.yandex.com/	1970-01-21 08:09:48	Name: i Value: QW/q4CHsymfHpj8hLM+FFVdBTK3d4iEuGeNJhA19W5O2TAlsT9WgGVEpcPbxl+OOmaS+dOwGjziPfJuKh5mX7UG9WVw=
.yandex.com/	1970-01-21 08:09:48	Name: yandexuid Value: 1922305131722828447
.yandex.com/	1970-01-21 07:19:24	Name: yashr Value: 9108602201722828447
.azhealthysmile.com/	1970-01-20 22:35:00	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:33:49	Name: sync_cookie_csrf Value: 2703320587fake
.mc.yandex.com/	1970-01-20 22:35:14	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:09:48	Name: yandexuid Value: 1922305131722828447
.yandex.ru/	1970-01-21 08:09:48	Name: yuidss Value: 1922305131722828447
.yandex.ru/	1970-01-21 08:09:48	Name: i Value: QW/q4CHsymfHpj8hLM+FFVdBTK3d4iEuGeNJhA19W5O2TAlsT9WgGVEpcPbxl+OOmaS+dOwGjziPfJuKh5mX7UG9WVw=
.yandex.ru/	1970-01-21 08:09:48	Name: yp Value: 1722914848.yu.1321916211722828447
.yandex.ru/	1970-01-21 07:19:24	Name: ymex Value: 1725420448.oyu.1321916211722828447#2038188447.yrts.1722828447#2038188447.yrtsi.1722828447
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2581161711722828449
.yandex.com/	1970-01-21 08:09:48	Name: yuidss Value: 1922305131722828447
.yandex.com/	1970-01-21 07:19:24	Name: ymex Value: 2038188449.yrts.1722828449
.yandex.com/	1970-01-21 07:19:24	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:09:48	Name: bh Value: KgI/MGChjcG1Bg==
.azhealthysmile.com/	1970-01-20 22:33:50	Name: _ym_visorc Value: w
.azhealthysmile.com/	1970-01-21 08:09:48	Name: _ga_EVLY3173SQ Value: GS1.2.1722828449.1.0.1722828449.0.0.0
.redfiretobind.com/	1970-01-20 23:17:00	Name: uuid Value: 73834524-b658-4097-8bda-08602bb43017
.0.redfiretobind.com/	1970-01-20 23:17:00	Name: uuid Value: 73834524-b658-4097-8bda-08602bb43017

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.redfiretobind.com
away.taskscompletedlists.com
azhealthysmile.com
bind.bestresulttostart.com
buttons-config.sharethis.com
cache.cloudswiftcdn.com
css.cdntoswitchspirit.com
flow.recordsbluemountain.com
fonts.gstatic.com
gogo.recordsbluemountain.com
google-analytics.com
js.cdntoswitchspirit.com
l.sharethis.com
mc.yandex.com
mc.yandex.ru
platform-api.sharethis.com
records.perfectlinestarter.com
redfiretobind.com
wave.rdntocdns.com
webapps.01.cdn.bootlegstudios.net
www.google-analytics.com
www.googletagmanager.com
away.taskscompletedlists.com
buttons-config.sharethis.com
l.sharethis.com
101.99.75.138
104.18.12.192
104.21.49.202
104.21.6.185
104.21.96.85
142.251.174.100
142.251.174.94
172.217.197.97
172.67.144.219
172.67.159.224
172.67.164.190
172.67.209.227
18.238.49.18
209.85.232.106
24.199.69.70
87.250.250.119
93.158.134.119
10cd60cefa65c64d322c3c6725415278fadeffe34a4157b2487ff91435c7c364
136f2e4ff926fd3bd627927f0981c22a2972c8f1026cc0831670971ac6e54c31
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b
305b50be14c6f2067f8dd60e67dcc7315673323d8af8f3f59d27b3ff58d3ee58
3e9f9e979097ba64a89b010514cae4d8a984790f7beef6cdd91484822f76f85c
45ff80f391287f67ec258130a70558da6de6e80d3cacd9eaea331f9546fc2260
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
49811b5f4bd547837033c197cba42a5b9b8223e1ea97e99b1940bb79139ef0d1
4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f
4f1b0a1cd1c30a18e8f6df21b350ed5c41c4d6f791c925a647d4938a709ada62
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57
616b98706b02b2744e0f51dfbe070c56bfc6e73e0963b0200e9908f856a6e3de
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
71f724bd2e84f537fdce42e0c28f4d415e5c77542aab7517da7f781e7bed5ae1
73eaa9830823855f156cd4e0b27e7096f7e623ba026bb5366640fb0540cdd081
80f62b50e0e2ff34b49cea2001d772041718a3eeff53e722050eeddc43652413
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9a622c4ead1443280786e87b827ba105855da94e64691002b4ace55fe7ccbce5
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
aa986bc52b8410a764fe32b4ce6c2ce81f69c55219780fa39c03c5ede3817935
aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ba347d05c6d103312f340b556980638e86968fa95c518741cec7fdbce7d18425
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cc108c6a43f8947b8bb0421bf2a45d3520a92a2d1e1853a48381f5ed63c6b221
cc22acbaa754435d63300f85fd7789a0fc1526aa9a97c23cca054c865a6fdd3b
ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef84aac4ba312375277f92b4df6b95f96520b41d05a7aa9a14e4b2034628e757
f0d1d2a256bd24acc5a752879164fcc177f673e283c296ccc3ec96dbe4e4df98
f35ff52ea69a0ad3afb3e286802cde3256992f06c57a8959758e4c5dc0cadb56
f63050dcb6e916f4662209b5bd4d0c6730f5063b2b4ba39c72cd3e81ba690aea
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

0.redfiretobind.com Open in urlscan Pro 104.21.96.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

87 %HTTPS

0 %IPv6

16 Domains

22 Subdomains

18 IPs

4 Countries

3375 kBTransfer

4594 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

0.redfiretobind.com Open in urlscan Pro
104.21.96.85 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

87 %
HTTPS

0 %
IPv6

16
Domains

22
Subdomains

18
IPs

4
Countries

3375 kB
Transfer

4594 kB
Size

30
Cookies

52 HTTP transactions
8 data transactions