URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Submission: On January 20 via manual from ES — Scanned from CH

Summary

This website contacted 10 IPs in 6 countries across 8 domains to perform 22 HTTP transactions. The main IP is 91.192.102.71, located in Switzerland and belongs to AS-SOFTPLUS, CH. The main domain is bm.billhaskell.com.
TLS certificate: Issued by R3 on December 31st 2023. Valid for: 3 months.
This is the only time bm.billhaskell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 91.192.102.71 51395 (AS-SOFTPLUS)
1 185.177.94.76 39572 (ADVANCEDH...)
10 139.45.197.250 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 20.114.189.70 8075 (MICROSOFT...)
22 10
Apex Domain
Subdomains
Transfer
10 keefoaph.com
keefoaph.com
60 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
c.clarity.ms — Cisco Umbrella Rank: 1351
t.clarity.ms — Cisco Umbrella Rank: 6984
27 KB
4 billhaskell.com
bm.billhaskell.com
5 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
764 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
546 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 clicktimes.bid
clicktimes.bid — Cisco Umbrella Rank: 411791
11 KB
22 8
Domain Requested by
10 keefoaph.com bm.billhaskell.com
keefoaph.com
4 bm.billhaskell.com bm.billhaskell.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bm.billhaskell.com
www.clarity.ms
1 t.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 my.rtmark.net bm.billhaskell.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com bm.billhaskell.com
1 clicktimes.bid bm.billhaskell.com
22 10

This site contains no links.

Subject | Issuer | Validity | Valid
www.pr.billhaskell.com | R3 | 2023-12-31 - 2024-03-30 | 3 months
0.quicksub.bid | R3 | 2024-01-01 - 2024-03-31 | 3 months
keefoaph.com | R3 | 2023-12-07 - 2024-03-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months

This page contains 2 frames:

Primary Page: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Frame ID: 494D89756A9F6840B6BE1A1C35B10371
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5A69ACCE0B53E67DD89A2EBF33F83550
Requests: 1 HTTP requests in this frame

Page Title

ᑕ❶ᑐ Are BCAA more important than protein?

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

95 %
HTTPS

40 %
IPv6

8
Domains

10
Subdomains

10
IPs

6
Countries

196 kB
Transfer

513 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&RedC=c.clarity.ms&MXFR=0998DC90C5F2607D2767C89CC1F26E7D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&MUID=1BBD1627F6D36FEA2C28022BF7D56EC1

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bm.billhaskell.com/are-bcaa-more-important-than-protein/
5 KB
2 KB
Document
General
Full URL
https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.192.102.71 , Switzerland, ASN51395 (AS-SOFTPLUS, CH),
Reverse DNS
hostch03.fornex.host
Software
nginx /
Resource Hash
e3e46d9f79df0ede3a088837684a917ed87be2d43c3f7f89e7ea5f14e0fcac38
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 20 Jan 2024 12:22:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
bm.billhaskell.com/
2 KB
947 B
Stylesheet
General
Full URL
https://bm.billhaskell.com/style.css
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.192.102.71 , Switzerland, ASN51395 (AS-SOFTPLUS, CH),
Reverse DNS
hostch03.fornex.host
Software
nginx /
Resource Hash
067cfbf0a34c85d3cbb085d177a4af344cc6ed04c6bbce07baff40d880bc8bd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 21:14:51 GMT
server
nginx
etag
W/"65a5a04b-879"
content-type
text/css
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
expires
Mon, 19 Feb 2024 12:22:57 GMT
/
clicktimes.bid/
11 KB
11 KB
Script
General
Full URL
https://clicktimes.bid/?ce=hbrtin3emi5ha3ddf42tomzy
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.76 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-76.ah-server.com
Software
nginx /
Resource Hash
edbcd89e42102d0611935d27486669822b8db1377f9e86c43dc4d078ed0c6b8d
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 12:22:57 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
tag.min.js
keefoaph.com/pfe/current/
13 KB
6 KB
Script
General
Full URL
https://keefoaph.com/pfe/current/tag.min.js?z=6839824
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c4569552b8f3069d5021cc14e3e8680f0a8a9edea995839da1e263706fcc9cb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 08:49:51 GMT
server
nginx
etag
W/"65a8e62f-33f4"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/
276 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SZ2JCK93WG
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c14e8a4c59568ac4a385dd39b8272daf24a8ffc7d80bd7dda91c248367bae4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93318
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Jan 2024 12:22:57 GMT
cookie_warning.css
bm.billhaskell.com/cookies/
761 B
988 B
Stylesheet
General
Full URL
https://bm.billhaskell.com/cookies/cookie_warning.css
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.192.102.71 , Switzerland, ASN51395 (AS-SOFTPLUS, CH),
Reverse DNS
hostch03.fornex.host
Software
nginx /
Resource Hash
b4ded01610256b2f3cc6b688237674f35041f934237d1ee1ae74a673b39f70bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Jan 2024 12:22:57 GMT
last-modified
Sat, 20 Jan 2024 12:21:36 GMT
server
nginx
etag
"65abbad0-2f9"
content-type
text/css
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
761
expires
Mon, 19 Feb 2024 12:22:57 GMT
cookie_warning.js
bm.billhaskell.com/cookies/
1 KB
927 B
Script
General
Full URL
https://bm.billhaskell.com/cookies/cookie_warning.js
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.192.102.71 , Switzerland, ASN51395 (AS-SOFTPLUS, CH),
Reverse DNS
hostch03.fornex.host
Software
nginx /
Resource Hash
ff12f9e8b6246083b338cc8d473de2d5d61943fcff78479ddf50562861d5455c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2024 12:21:36 GMT
server
nginx
etag
W/"65abbad0-4db"
content-type
application/javascript
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
expires
Mon, 19 Feb 2024 12:22:57 GMT
kgaecjqbfh
www.clarity.ms/tag/
650 B
1014 B
Script
General
Full URL
https://www.clarity.ms/tag/kgaecjqbfh
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a51c6cb857bdd9be26b062fd935b84c3f071d7b0d633b799388755816a67e081

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
-1
date
Sat, 20 Jan 2024 12:22:57 GMT
x-azure-ref
20240120T122257Z-vdw7zw6cr10zh3ndt5mpv02y8w0000000140000000000bqh
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
zone
keefoaph.com/
913 B
1 KB
Fetch
General
Full URL
https://keefoaph.com/zone?pub=0&zone_id=6839824&is_mobile=false&domain=bm.billhaskell.com&var=&ymid=&var_3=&tg=0&sw=3.1.474
Requested by
Host: keefoaph.com
URL: https://keefoaph.com/pfe/current/tag.min.js?z=6839824
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
97ee1a0f9b28721732e00182f72b6cd1426f414ee1e0229fd07b041ee67eb936
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
8b0d494e372a80803bf2c3d46b0f5d5d
date
Sat, 20 Jan 2024 12:22:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bm.billhaskell.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
913
universal.min.js
keefoaph.com/pfe/current/
86 KB
33 KB
Fetch
General
Full URL
https://keefoaph.com/pfe/current/universal.min.js?v=3.1.474
Requested by
Host: keefoaph.com
URL: https://keefoaph.com/pfe/current/tag.min.js?z=6839824
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
12c658e94a84137e8ad6d8f54c2d579b1d0170e968c32228fd22c2fba64dcae1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 08:49:51 GMT
server
nginx
etag
W/"65a8e62f-1579f"
content-type
application/javascript
access-control-allow-origin
https://bm.billhaskell.com
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SZ2JCK93WG&gtm=45je41h0v9174268679&_p=1705753377583&gcd=11l1l1l1l1&dma=0&cid=1636080856.1705753378&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705753377&sct=1&seg=0&dl=https%3A%2F%2Fbm.billhaskell.com%2Fare-bcaa-more-important-than-protein%2F&dt=%E1%91%95%E2%9D%B6%E1%91%90%20Are%20BCAA%20more%20important%20than%20protein%3F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=288
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZ2JCK93WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bm.billhaskell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom
keefoaph.com/ Frame
0
0
Preflight
General
Full URL
https://keefoaph.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bm.billhaskell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://bm.billhaskell.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 20 Jan 2024 12:22:57 GMT
server
nginx
custom
keefoaph.com/
39 B
333 B
Fetch
General
Full URL
https://keefoaph.com/custom
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bm.billhaskell.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
2fced99bba0825bc48d48337c9111830
date
Sat, 20 Jan 2024 12:22:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bm.billhaskell.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=3fe9c2cbb068448f8011f809cd75823d&zoneId=6839824&checkDuplicate=true&ymid=&var=
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4dc033798531b81f40e2f939589b8b8ae4220773ef41c0e77a1cc5681ef5b886
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:22:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bm.billhaskell.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kgaecjqbfh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
br
last-modified
Thu, 18 Jan 2024 15:10:56 GMT
etag
W/"0x8DC1837ABBF2420"
vary
Accept-Encoding
x-azure-ref
20240120T122257Z-vdw7zw6cr10zh3ndt5mpv02y8w0000000140000000000bqu
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c90d9c28-901e-0054-112c-4b618c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
custom
keefoaph.com/ Frame
0
0
Preflight
General
Full URL
https://keefoaph.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bm.billhaskell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://bm.billhaskell.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 20 Jan 2024 12:22:57 GMT
server
nginx
custom
keefoaph.com/
39 B
332 B
Fetch
General
Full URL
https://keefoaph.com/custom
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bm.billhaskell.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
d31671fe21dcbe2dbfec9ba2c3f14c19
date
Sat, 20 Jan 2024 12:22:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bm.billhaskell.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&RedC=c.clarity.ms&MXFR=0998DC90C5F2607D2767C89CC1F26E7D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&MUID=1BBD1627F6D36FEA2C28022BF7D56EC1
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&MUID=1BBD1627F6D36FEA2C28022BF7D56EC1
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
last-modified
Wed, 10 Jan 2024 21:11:32 GMT
server
Microsoft-IIS/10.0
etag
"d765ee95944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3F2F6DF122BF44DDBAA29E10C9C6842D Ref B: ZRHEDGE1113 Ref C: 2024-01-20T12:22:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=463DA52446524349AF3BD32B17D1EEA5&MUID=1BBD1627F6D36FEA2C28022BF7D56EC1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
defaultSkin.min.js
keefoaph.com/pfe/current/
56 KB
19 KB
Fetch
General
Full URL
https://keefoaph.com/pfe/current/defaultSkin.min.js
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bm.billhaskell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 12:22:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 08:49:51 GMT
server
nginx
etag
W/"65a8e62f-df63"
content-type
application/javascript
access-control-allow-origin
https://bm.billhaskell.com
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame 5A69
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
keefoaph.com/ Frame
0
0
Preflight
General
Full URL
https://keefoaph.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bm.billhaskell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://bm.billhaskell.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 20 Jan 2024 12:22:57 GMT
server
nginx
custom
keefoaph.com/
39 B
333 B
Fetch
General
Full URL
https://keefoaph.com/custom
Requested by
Host: bm.billhaskell.com
URL: https://bm.billhaskell.com/are-bcaa-more-important-than-protein/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bm.billhaskell.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
c29ed34ee5d0b90de2f79ff7cb7648ab
date
Sat, 20 Jan 2024 12:22:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bm.billhaskell.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
collect
t.clarity.ms/
0
298 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://bm.billhaskell.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bm.billhaskell.com
Date
Sat, 20 Jan 2024 12:22:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gtag
object| dataLayer
function| clarity
object| zfgformats
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| sdk
boolean| installOnFly
boolean| zfgloadedpush
boolean| zfgloadedpushopt
boolean| zfgloadedpushcode
object| onClickExcludes

14 Cookies

Domain/Path Name / Value
.clicktimes.bid/ Name: uuid
Value: 2e67a873-eee1-4f9e-9146-7e3399a1b949
.billhaskell.com/ Name: _ga
Value: GA1.1.1636080856.1705753378
.billhaskell.com/ Name: _ga_SZ2JCK93WG
Value: GS1.1.1705753377.1.0.1705753377.0.0.0
www.clarity.ms/ Name: CLID
Value: dee32769854a4d74a2437c1b05c54468.20240120.20250119
.billhaskell.com/ Name: _clck
Value: fbszto%7C2%7Cfik%7C0%7C1480
my.rtmark.net/ Name: ID
Value: 3fe9c2cbb068448f8011f809cd75823d
.bing.com/ Name: MUID
Value: 1BBD1627F6D36FEA2C28022BF7D56EC1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1BBD1627F6D36FEA2C28022BF7D56EC1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1BBD1627F6D36FEA2C28022BF7D56EC1
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.billhaskell.com/ Name: _clsk
Value: 1qzgkk4%7C1705753378455%7C1%7C1%7Ct.clarity.ms%2Fcollect

1 Console Messages

Source Level URL
Text
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
