www.weightlossteam.com Open in urlscan Pro
15.197.131.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://weightlossteam.com/
Effective URL:
https://www.weightlossteam.com/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2024, 7:45:56 am UTC) — Scanned from DE

Summary HTTP 69 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 22 domains to perform 69 HTTP transactions. The main IP is 15.197.131.231, located in United States and belongs to AMAZON-02, US. The main domain is www.weightlossteam.com.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time www.weightlossteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	15.197.131.231 15.197.131.231	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 1	18.204.106.24 18.204.106.24	14618 (AMAZON-AES) (AMAZON-AES)
1	34.194.63.20 34.194.63.20	14618 (AMAZON-AES) (AMAZON-AES)
1	3.5.2.12 3.5.2.12	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	13.33.158.72 13.33.158.72	16509 (AMAZON-02) (AMAZON-02)
2	104.18.142.119 104.18.142.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6cfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::720 2a04:4e42::720	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.146.207 3.33.146.207	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
69	25

15 15.197.131.231 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a47112cd6619c1358.awsglobalaccelerator.com

weightlossteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.weightlossteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.204.106.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-106-24.compute-1.amazonaws.com

tools--dev.cms.eiidev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.63.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-63-20.compute-1.amazonaws.com

tools--dev.einsteincms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.2.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.33.158.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-72.fra60.r.cloudfront.net

d1l9wtg77iuzz5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6cfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)

einstein-clients.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.146.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: a47112cd6619c1358.awsglobalaccelerator.com

www.eiiwebservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com	781 KB
15	weightlossteam.com 1 redirects weightlossteam.com www.weightlossteam.com	147 KB
6	cloudfront.net d1l9wtg77iuzz5.cloudfront.net	62 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 9983 app.hubspot.com — Cisco Umbrella Rank: 10634 track.hubspot.com — Cisco Umbrella Rank: 5359	4 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9382 forms-na1.hsforms.com — Cisco Umbrella Rank: 15115	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	412 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	260 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	188 KB
2	imgix.net einstein-clients.imgix.net	753 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 9601 forms.hscollectedforms.net — Cisco Umbrella Rank: 9837	26 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	156 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	eiiwebservices.com www.eiiwebservices.com	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
1	amazonaws.com s3.amazonaws.com	807 B
1	einsteincms.com tools--dev.einsteincms.com	905 B
1	eiidev.com 1 redirects tools--dev.cms.eiidev.com	730 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
69	22

	Domain	Requested by
17	fonts.gstatic.com	www.weightlossteam.com fonts.googleapis.com
14	www.weightlossteam.com	www.weightlossteam.com
6	d1l9wtg77iuzz5.cloudfront.net	www.weightlossteam.com
2	www.googletagmanager.com	www.eiiwebservices.com
2	www.google-analytics.com	www.eiiwebservices.com
2	track.hubspot.com
2	forms-na1.hsforms.com	www.weightlossteam.com
2	einstein-clients.imgix.net	www.weightlossteam.com
2	api.hubspot.com	js.usemessages.com
2	forms.hsforms.com	js.hsforms.net www.weightlossteam.com
2	js.hsforms.net	www.weightlossteam.com js.hsforms.net
1	www.google.de
1	region1.google-analytics.com	www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.eiiwebservices.com	www.weightlossteam.com
1	app.hubspot.com	js.usemessages.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-scripts.com	www.weightlossteam.com
1	s3.amazonaws.com	www.weightlossteam.com
1	tools--dev.einsteincms.com	www.weightlossteam.com
1	tools--dev.cms.eiidev.com	1 redirects
1	fonts.googleapis.com	www.weightlossteam.com
1	weightlossteam.com	1 redirects
69	29

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.unitedmedicalcredit.com
www.medicard.com
maps.google.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.einsteinmedical.com
www.einsteinextranet.com

Subject Issuer	Validity	Valid
weightlossteam.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
usemessages.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
eiiwebservices.com R11	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.weightlossteam.com/
Frame ID: E9970FCAF6C23A76B76F322B16275F20
Requests: 65 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 3BE0CAB943F6C149FDD21BDCC82CFBC8
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/22710654/threads/utk/2db8eabb077247d6ae6c0317bfdc564c?uuid=acc60cc898614225ae25368ba1023965&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=weightlossteam.com&inApp53=false&messagesUtk=2db8eabb077247d6ae6c0317bfdc564c&url=https%3A%2F%2Fwww.weightlossteam.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: C92FD23B4FADE94EE4274FAE1674DE17
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-402FET8GER&gacid=2134601970.1724571953&gtm=45je48l0v9135843651za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=833825304
Frame ID: 2237BB35B5D4335A80D56C3255589CB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weight Loss Team: Bariatric Surgery in Puerto Vallarta, México

Page URL History Show full URLs

https://weightlossteam.com/ HTTP 301
https://www.weightlossteam.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

69
Requests

99 %
HTTPS

62 %
IPv6

22
Domains

29
Subdomains

25
IPs

4
Countries

2225 kB
Transfer

22068 kB
Size

20
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/maps/RXGjgUGRpxHjyhwm6

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/ajBRAcuL6Be8gnpd6

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/Gpt9uWPQo6PuUrST7
Title: View on Google

Search URL Search Domain Scan URL

URL: https://www.unitedmedicalcredit.com/start-an-application/?pid=001E000001KaCkF
Title: United Medical Credit For Patients In The US Thousands of patients have trusted United Medical Credit to secure affordable payment plans for their procedures and achieve a healthier weight.

Search URL Search Domain Scan URL

URL: https://www.medicard.com/apply-now.php
Title: MEDICARD For Patients In Canada Medicard’s financing program offers you a variety of financing terms to ensure that you don't delay your treatment due to cost concerns. Complete our Financing Application Form.

Search URL Search Domain Scan URL

URL: https://maps.google.com/?cid=17542800653029141206
Title: Directions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/weightlossteam/

Search URL Search Domain Scan URL

URL: https://twitter.com/wltmexico

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUED6BuFX1bvox640p8wd0A

Search URL Search Domain Scan URL

URL: https://www.instagram.com/weightlossteampv/

Search URL Search Domain Scan URL

URL: https://www.einsteinmedical.com/
Title: Einstein Medical

Search URL Search Domain Scan URL

URL: https://www.einsteinextranet.com/
Title: Login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://weightlossteam.com/ HTTP 301
https://www.weightlossteam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://tools--dev.cms.eiidev.com/placeholder/1600/1200 HTTP 301
https://tools--dev.einsteincms.com/placeholder/1600/1200

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.weightlossteam.com/
Redirect Chain

https://weightlossteam.com/
https://www.weightlossteam.com/

757 KB
112 KB

640ms
328ms

Document
text/html

15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

bf220e9a61a33fba495be48ee5c209a8869df2036899b9832634a6c1a8d6a058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 07:45:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-lucid-render-cache: DISABLED
x-lucid-theme-name: flux
x-lucid-theme-version: 2
x-xss-protection: 1; mode=block

Redirect headers

content-length: 166
content-type: text/html
date: Sun, 25 Aug 2024 07:45:49 GMT
location: https://www.weightlossteam.com/
server: openresty

GET
H2 200 index.js Show response
www.weightlossteam.com/assets/javascripts/p/ 19 KB
7 KB 142ms
141ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/index.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

0e6c65dad20d817e551a6cceb5f13aef089ce6188178cd5aa8d3342bb45556e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 7108
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 54ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fe5fcc0a15afba4f01aa3aa8302b4d62e64c2d62fb913759228a15d5e8da444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 07:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 07:45:50 GMT

GET
H2

200

1200
tools--dev.einsteincms.com/placeholder/1600/
Redirect Chain

https://tools--dev.cms.eiidev.com/placeholder/1600/1200
https://tools--dev.einsteincms.com/placeholder/1600/1200

452 B
905 B

349ms
117ms

Image
image/png

34.194.63.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tools--dev.einsteincms.com/placeholder/1600/1200
Requested by: Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/
Protocol: H2
Server: 34.194.63.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-63-20.compute-1.amazonaws.com
Software: Apache / PHP/7.3.33
Resource Hash: 97739987b96b58c9433dd2909be0d30b987453cad11513fc4ab3786cf2a1dc07

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
server: Apache
normalized-host: tools.dev
x-powered-by: PHP/7.3.33
content-length: 452
content-type: image/png

Redirect headers

location: https://tools--dev.einsteincms.com/placeholder/1600/1200
date: Sun, 25 Aug 2024 07:45:50 GMT
server: Apache
content-length: 264
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Rating_Stars_Sprite.svg
s3.amazonaws.com/flextemplates/fragments/review/ 394 B
807 B 309ms
111ms Image
image/svg+xml 3.5.2.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/flextemplates/fragments/review/Rating_Stars_Sprite.svg
Requested by: Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.2.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7c8e7df73e45496330dc8998ae49ce28d73a97f79b76f6a1968254403768d294

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 07:45:51 GMT
Last-Modified: Fri, 24 Jan 2020 23:26:50 GMT
Server: AmazonS3
x-amz-request-id: 6DE8DMD73T1VWXDH
ETag: "0e81fdfc42a70be26cc86a03a45a64e9"
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 394
x-amz-id-2: nr6MVSoZKRQc4TY2+A7EpU2Vs5ZBrV3tE72hwmwkuQYVAMy45LhqtQ8AFNm+Xvm6TTzRVGTXvNCaoLLRSkJ0OBdmeoN8wktT

GET
H2 200 KFOlCnqEu92Fr1MmSU5vAw.ttf
fonts.gstatic.com/s/roboto/v32/ 125 KB
68 KB 54ms
18ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5vAw.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b391c44541da8de97f401d16dda5f88561ad1252b2bf8440933891a63d41e652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 03:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69827
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 03:25:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Me5Q.ttf
fonts.gstatic.com/s/roboto/v32/ 127 KB
69 KB 61ms
25ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Me5Q.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

791aba3a80c988031de40920e6805746129ccab8774cbfdd75838a550087c3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70080
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 04:01:59 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDQ.ttf
fonts.gstatic.com/s/playfairdisplay/v37/ 120 KB
57 KB 69ms
33ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDQ.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59440d8b2ef1ed17d2383f8337ddfcff8377be2dd796a1dad00e3b92f1933c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58166
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 16:57:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9vAw.ttf
fonts.gstatic.com/s/roboto/v32/ 127 KB
69 KB 66ms
30ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9vAw.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79581993c4f31dbb6804c3f8d8d1c915cd946fb2a8630783723db1b50d838376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 03:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70654
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 03:25:21 GMT

GET
H2 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtY.ttf
fonts.gstatic.com/s/playfairdisplay/v37/ 108 KB
54 KB 44ms
8ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtY.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73b67561bd207ef45ffcab98515c51f351768aea83e182f3c54d2707a2c6a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54510
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:21:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlvAw.ttf
fonts.gstatic.com/s/roboto/v32/ 126 KB
69 KB 65ms
29ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlvAw.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd53f408cebd8a3bab0a34fa56384e307c2da49e13a83511f0457faf5af8c629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 03:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70512
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 03:25:19 GMT

GET
H/1.1 206
Partial Content original.mp4
d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/ 37 KB
0 593ms
553ms Media
video/mp4 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/original.mp4?1524250961

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Aug 2024 07:45:51 GMT
x-amz-version-id: yysDstfE6IHl4ZcVbGaRkxEwlXv1Ksnq
Via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA60-P9
X-Cache: Miss from cloudfront
Content-Range: bytes 0-23048863/23048864
Connection: keep-alive
Content-Length: 23048864
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 20 Apr 2018 19:02:42 GMT
Server: AmazonS3
ETag: "9b0b19080287d8a1215174dc1a665820-5"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: video/mp4
Cache-Control: max-age=600
Accept-Ranges: bytes
X-Amz-Cf-Id: 8H_yYRhlwjOfEnJQhAPx3wOb7Wi_8pzg89OTKvoq0eoE8OJuutFTyA==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 483 KB
155 KB 49ms
22ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-request-id: MB4D388WTAD1BZA7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 464
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b89ebac0c216ade-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"07033d485ccfcdda144e7a4173dbc0bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5781/bundles/project-v2.js
date: Sun, 25 Aug 2024 07:45:50 GMT
x-amz-version-id: __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id: 3389f02f-7e0e-4546-8485-db92adb6f3f3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bdvi0zBUB5xMLj4IGOq6dJdB+ytLcA0zv44BuUU+VlqWLB7qedPJjgx9rTIMt9R6e3gPmhlN31s=
x-request-id: 3389f02f-7e0e-4546-8485-db92adb6f3f3
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 07 Aug 2024 13:25:19 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZA3aQZHnZi9nPd4P6NE%2BlopNJRdV4fQT4t9Z6z0PYW7ATCvxWWpCwSe9ra2o6nNdDtmceAkdr7%2B8tXrWCK89ATEiZ5CmHXMC%2BOOlEBS5L29TOjybT8XkvTI5H3eppTZt"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8b89f7020cb430d2-FRA

GET
H2 200 22710654.js Show response
js.hs-scripts.com/ 2 KB
1 KB 182ms
154ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/22710654.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a49b4a0de0092b3d3c3f945fc4dda7cbb8c39fc28a7c34f4f78904dd70ccf01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 87dcf411-ec4d-41c5-8dd2-9154d08909c6
x-envoy-upstream-service-time: 36
content-length: 649
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 87dcf411-ec4d-41c5-8dd2-9154d08909c6
last-modified: Sun, 25 Aug 2024 07:45:50 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.weightlossteam.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-9nl72
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8b89f70208661c85-FRA
expires: Sun, 25 Aug 2024 07:47:20 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDQ.ttf
fonts.gstatic.com/s/playfairdisplay/v37/ 121 KB
61 KB 41ms
41ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDQ.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30231bf7d8c3f1f10fe8f051615dcbe3b0e630ca9d081901e7a80c68d6e51799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62392
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:05:11 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjARc9.ttf
fonts.gstatic.com/s/roboto/v32/ 130 KB
74 KB 42ms
42ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TjARc9.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e982bc143d3cbd1054f8f264ccdb8f0b447fe16f9c520c90fc95c21ffc21ea2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75204
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:30:30 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBhc9.ttf
fonts.gstatic.com/s/roboto/v32/ 129 KB
73 KB 43ms
43ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBhc9.ttf

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b21106842d5e78300440c1f17c20263e24ba59b1827e64951d35b102efe6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74896
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 15:23:36 GMT

GET
H2 200 nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 38 KB
38 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 15:06:16 GMT
x-content-type-options: nosniff
age: 405574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38748
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 15:06:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 11ms
11ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:40:54 GMT
x-content-type-options: nosniff
age: 407096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:40:54 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 11ms
10ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:57:51 GMT
x-content-type-options: nosniff
age: 409679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38372
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:57:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 14ms
13ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:09:26 GMT
x-content-type-options: nosniff
age: 408984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:09:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 9ms
9ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:06 GMT
x-content-type-options: nosniff
age: 409364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 13ms
13ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:32 GMT
x-content-type-options: nosniff
age: 409038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:32 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 9ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:01 GMT
x-content-type-options: nosniff
age: 409069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20216
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:01 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 9ms
9ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:57:44 GMT
x-content-type-options: nosniff
age: 409686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:57:44 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/22710654/827d01fc-d98e-4dbc-8806-477f850bb5f3/ 10 KB
4 KB 183ms
160ms XHR
application/json 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/22710654/827d01fc-d98e-4dbc-8806-477f850bb5f3/json?hs_static_app=forms-embed&hs_static_app_version=1.5781&X-HubSpot-Static-App-Info=forms-embed-1.5781

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f4d37ded9626d3e6f4ecdcaf3ced5f8514ab6a5f4c4b768eb6a917dfe2daee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 31af47ad-83ca-48fb-8c79-1f74e4c516b0
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 31af47ad-83ca-48fb-8c79-1f74e4c516b0
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.weightlossteam.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8b89f7033f8218e1-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-xq2tw

GET
H2 200 overlay-manager.3e64bc90.js Show response
www.weightlossteam.com/assets/javascripts/p/ 6 KB
2 KB 142ms
131ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/overlay-manager.3e64bc90.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

e152485e5063dcc4872ccfdd5df4a2c9eaf4a865d732f3f4c6b2344b7ece395d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 2207
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:50 GMT

GET
H2 200 nav-on-scroll.80b690b6.js Show response
www.weightlossteam.com/assets/javascripts/p/ 2 KB
1 KB 176ms
166ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/nav-on-scroll.80b690b6.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

39c78002a25f1d6cf8397456caa4ffc95273bdf294c87284357d5315c5698ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 846
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:50 GMT

GET
H2 200 menu-list.6fc54b72.js Show response
www.weightlossteam.com/assets/javascripts/p/ 2 KB
1 KB 178ms
168ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/menu-list.6fc54b72.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

b7bf93198ade7ed5dc1d14b24cf028aeba1da2fb0ad3f890fe7b8d9327df7bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 799
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:50 GMT

GET
H2 200 nav-e-style-switch.be6fbc4a.js Show response
www.weightlossteam.com/assets/javascripts/p/ 3 KB
1 KB 178ms
168ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/nav-e-style-switch.be6fbc4a.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

f81dc6777502a6a7317d37ecf562c0f249abe9af772b121b70ed7fdd0779c695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 1097
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:50 GMT

GET
H/1.1 200
OK original.svg
d1l9wtg77iuzz5.cloudfront.net/assets/5349/219595/ 54 KB
23 KB 25ms
9ms Image
image/svg+xml 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/219595/original.svg?1518733016

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4eb5beede05f13d173fccd98127a7748ab5b37fbd9525e49d4da6a3242c2fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 05 Aug 2024 22:26:11 GMT
x-amz-version-id: gLh7n7N.EAyhpDuDLf7.ELE8GrSx4T6g
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA60-P9
Age: 1675180
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 15 Feb 2018 22:18:04 GMT
Server: AmazonS3
ETag: W/"c0c4516f815d2f52525f98cc12ebda9a"
Vary: Accept-Encoding, Origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
X-Amz-Cf-Id: 0M_TtWUQcmTGwygeG423IBRSGaFMwjf2qiOCb3Fa_597giILjt51nQ==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 165ms
130ms Script
application/javascript 2606:4700::6810:6cfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22710654.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
Origin: https://www.weightlossteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-request-id: 6DEFG0YZTYA8PKT5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e67bc4da-0e87-4fd1-868f-8244386f0243
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b89f70388b171ac-FRA
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 19
x-amz-replication-status: COMPLETED
x-amz-id-2: YaT5qT71Z0JKU1NHW1juqutDsVRY9Uv2GXgf3yBOfk9HPx30oZ2rfprAorJEm4dX4mYzL/MQqok=
x-evy-trace-listener: listener_https
x-request-id: e67bc4da-0e87-4fd1-868f-8244386f0243
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
etag: W/"ac41634810840adc02ea51748cb19c2f"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
x-evy-trace-virtual-host: all
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=600, max-age=300
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
cf-ray: 8b89f70388b171ac-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/22710654/ 71 KB
26 KB 516ms
482ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/22710654/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22710654.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25319d6d10e6a0b5214f47e968465a9472dfb55d4951dfa27f06ec0eb26461aa

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:51 GMT
x-amz-version-id: NuGS_rBjbOJhUZKu_jQ5SpQr6w9O4xyr
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 6DE0QT8QFSPTRGTB
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a6c36d8c-bfbb-4ce5-84f9-72d9ecda908b
x-envoy-upstream-service-time: 101
x-amz-id-2: r3QKEJXglIufPGj1o9yotNmwTXSCyA7opNxIy/eMTbP3EzmFaSS1SmH0YmQ65v1LLRktI8IG3Ua5RuTZwTnWITVnJO4/qn85id6aQTLSf/I=
x-evy-trace-listener: listener_https
x-request-id: a6c36d8c-bfbb-4ce5-84f9-72d9ecda908b
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 16:39:08 GMT
server: cloudflare
etag: W/"f40d2441bf5ac49f09c5fd5ff24e9fec"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.weightlossteam.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8b89f7038edd6909-FRA
expires: Sun, 25 Aug 2024 07:50:50 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 75ms
38ms Script
application/javascript 2606:4700::6810:4f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22710654.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3584b2a942278c3971a683fa367a93c77fbb44bb84620afa4257aa9bb61a9ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-request-id: 7BGW0NWHJSYPX2J5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 1
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17691/bundles/project.js&cfRay=8b89f6f9add73831-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a0e234db45681ad3a8cd21c3ba1db505"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: conversations-embed/static-1.17691/bundles/project.js
date: Sun, 25 Aug 2024 07:45:50 GMT
x-amz-version-id: 3Ha5iopcbUaTU_mjeerTHrWcx9897bgQ
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: d6ba3ab3-f122-42d4-82ca-f23302a9637d
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 23
x-amz-id-2: OEEoG3AtW8hsLtgIAVn06WKlDgc8RBVzoPhlr7MYkI162QT3oHIJxn5OvQlUQBJiMXFhEWN+4efkiZrqRY1QyHOEROU6jUc8OW8ks43CDGg=
x-request-id: d6ba3ab3-f122-42d4-82ca-f23302a9637d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 21 Aug 2024 16:56:50 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vjwjs
cf-ray: 8b89f70388f01c0f-FRA

GET
H2 200 22710654.js Show response
js.hs-analytics.net/analytics/1724571900000/ 69 KB
25 KB 210ms
181ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1724571900000/22710654.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22710654.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737fcdf8945c61119c75e4875335c5331293743f9c82ff6a941db3b785526a8c

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 6DE5H4TWG7WC2QSQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 533e756a-6135-4fe9-927e-9dc4adbc291d
x-envoy-upstream-service-time: 64
x-amz-id-2: bEGkxPNgyiBw92Pr7A4uiMzFv/MGjOrWo2E1H/ebs1C2ciU9QZ/GFwc+IsplLLWHnQTN8JcAAAw=
x-evy-trace-listener: listener_https
x-request-id: 533e756a-6135-4fe9-927e-9dc4adbc291d
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 23 Aug 2024 14:04:01 GMT
server: cloudflare
etag: W/"20abd26dfde732ffdfff72a571551164"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wgwsj
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8b89f703b9ba916b-FRA
expires: Sun, 25 Aug 2024 07:50:50 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 156ms
127ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=22710654&conversations-embed=static-1.17691&mobile=false&messagesUtk=2db8eabb077247d6ae6c0317bfdc564c&traceId=2db8eabb077247d6ae6c0317bfdc564c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.weightlossteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.weightlossteam.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b89f7041a2565be-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 25 Aug 2024 07:45:50 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zsgPRQx4tlWeNKyECSsUFqH2G38XtQ%2BWQAWHJzYYnJOuyEBUsT9uiBLgDPDBkGJ66WPyQCN8gMfD0F9TBtgwP29KQozPXrVquh9xWf1obUouXNCCa8uUvWcmgfwDQKJRaRi5C6CzTFC1XyvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-k2wnd
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f1853fe8-dbd7-467a-bb75-57d2acfbfaf9
x-request-id: f1853fe8-dbd7-467a-bb75-57d2acfbfaf9

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 284ms
284ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8fbc628519e962eefe9b2c014daa6011f31e0150c4927ae32135cae2fa9e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
X-HubSpot-Messages-Uri: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 66c95620-a430-4344-b0f5-5ea50295e9f9
x-envoy-upstream-service-time: 153
content-length: 1413
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 66c95620-a430-4344-b0f5-5ea50295e9f9
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.weightlossteam.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-5skt7
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzoxvGtjbVeClWYf81b%2FVXUFyXF%2BCiBx3vPS5m1JjbZotuOiLBRKdvZTIeX8%2BZ9sxv2pQ7KTqt5cIAoQmqq7WDTN8g9h%2ByLonvVtiW%2FPgVXuRzdBVUgpqJuW8L%2BxmTYG79BnqMSbPXRE4n2vrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b89f704eae665be-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 304 v2.js Show response
js.hsforms.net/forms/embed/ Frame 3BE0 483 KB
1 KB 21ms
20ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
If-None-Match: W/"07033d485ccfcdda144e7a4173dbc0bc"
If-Modified-Since: Wed, 07 Aug 2024 13:25:19 UTC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-request-id: MB4D388WTAD1BZA7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 464
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b89ebac0c216ade-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: "07033d485ccfcdda144e7a4173dbc0bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5781/bundles/project-v2.js
date: Sun, 25 Aug 2024 07:45:50 GMT
x-amz-version-id: __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id: 3389f02f-7e0e-4546-8485-db92adb6f3f3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bdvi0zBUB5xMLj4IGOq6dJdB+ytLcA0zv44BuUU+VlqWLB7qedPJjgx9rTIMt9R6e3gPmhlN31s=
x-request-id: 3389f02f-7e0e-4546-8485-db92adb6f3f3
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 07 Aug 2024 13:25:19 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yl6oQwQIZr4YuETff5gtPkR3OS%2Fa5tnpJOPb3JdM1%2BmgKbyDImTwSEiYh8P4k%2FEkVsSJSQJAIy6Q6WCZ7hn47L437tEf6570WXACdQ1yxRDeUBWgSmRMBMyk6au79zG0"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8b89f7044eef30d2-FRA

GET
H2 200 original_Weight_Loss_Team_Puerto_Vallarta.jpg
einstein-clients.imgix.net/5349/432555/ 105 KB
105 KB 50ms
14ms Image
image/jpeg 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://einstein-clients.imgix.net/5349/432555/original_Weight_Loss_Team_Puerto_Vallarta.jpg?w=1000

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fbd67044965c61872cc1c44f5e30dc15a7d4968376e7bf0fb58c47198b22e3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Aug 2024 17:47:00 GMT
server: imgix
age: 1346330
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 83aec41ac3e9674768f379ac0090580d6d50ac94
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 107319
x-served-by: cache-chi-klot8100088-CHI, cache-fra-etou8220043-FRA

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
433 B 125ms
116ms XHR
application/json 2606:4700::6810:6cfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22710654&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6b276cd1d4e6385b5170ed95b75c1b3110fe6559449596e759a2bd1410cffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 798bd531-8cb5-4e5b-b780-ba5cbf31026a
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 798bd531-8cb5-4e5b-b780-ba5cbf31026a
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.weightlossteam.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vjwjs
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8b89f70499ca71ac-FRA

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
885 B 147ms
122ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 746160a2-ca67-4a14-bac7-dbb09321efb0
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 746160a2-ca67-4a14-bac7-dbb09321efb0
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-s7kfj
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b89f704f9d52bcd-FRA

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
848 B 300ms
299ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 51e90c88-8e48-4d17-b77c-32052464e36f
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 51e90c88-8e48-4d17-b77c-32052464e36f
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b89f70509e62bcd-FRA

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
887 B 127ms
116ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 994394b3-dec6-4d70-9ffb-ef755dd7fc31
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 994394b3-dec6-4d70-9ffb-ef755dd7fc31
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-czsh5
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b89f7056ea691fc-FRA

GET
H/1.1 206
Partial Content original.mp4
d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/ 13 KB
13 KB 33ms
9ms Media
video/mp4 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/original.mp4?1524250961

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a54960dee1bade0410808ffb9693640a652f944288d285c049700fe130bbb1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=23035904-

Response headers

Date: Sun, 25 Aug 2024 07:45:51 GMT
Via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
x-amz-version-id: yysDstfE6IHl4ZcVbGaRkxEwlXv1Ksnq
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA60-P9
Age: 1
X-Cache: Hit from cloudfront
Content-Range: bytes 23035904-23048863/23048864
Content-Length: 12960
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 20 Apr 2018 19:02:42 GMT
Server: AmazonS3
ETag: "9b0b19080287d8a1215174dc1a665820-5"
Vary: Origin
X-Frame-Options: SAMEORIGIN
Content-Type: video/mp4
Cache-Control: max-age=600
Accept-Ranges: bytes
X-Amz-Cf-Id: PJDLe2dWoR_10O5lFFo_xKYXYQUXpzx2mMoX1FsFZGLA2ZbXsOfc7g==

GET
H2 200 2db8eabb077247d6ae6c0317bfdc564c
app.hubspot.com/conversations-visitor/22710654/threads/utk/ Frame C92F 0
0 211ms
182ms Document
text/html 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/22710654/threads/utk/2db8eabb077247d6ae6c0317bfdc564c?uuid=acc60cc898614225ae25368ba1023965&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=weightlossteam.com&inApp53=false&messagesUtk=2db8eabb077247d6ae6c0317bfdc564c&url=https%3A%2F%2Fwww.weightlossteam.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.weightlossteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8b89f706e8049ba1-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20143/html/index.html&cfRay=8b89f706e8049ba1&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F22710654%2Fthreads%2Futk%2F2db8eabb077247d6ae6c0317bfdc564c%3Fuuid%3Dacc60cc898614225ae25368ba1023965%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dweightlossteam.com%26inApp53%3Dfalse%26messagesUtk%3D2db8eabb077247d6ae6c0317bfdc564c%26url%3Dhttps%253A%252F%252Fwww.weightlossteam.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fwww.weightlossteam.com%2F&cfenv=prod&pdt=2024-08-25&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 07:45:51 GMT
etag: W/"857484e430aaeb169ff056e3fb110061"
last-modified: Wed, 21 Aug 2024 16:56:50 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8b89f706e8049ba1&resource=conversations-visitor-ui/static-1.20143/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-amz-id-2: BUtPSqZClAStdiOXnc7J0evkn+D7RpXrJvkpJNyWa43JsFuMFGswpBjdxdqcKtQfJDW4HFcCtYDEraAgXg0FXE8K3/M5pIooe5Uxf3mQ1P4=
x-amz-replication-status: COMPLETED
x-amz-request-id: 4J07KDNQ58FJSRHQ
x-amz-server-side-encryption: AES256
x-amz-version-id: 3SSq8HDbQYFvBPlxZ6Q6mlg0veo70S6V
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 48
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20143/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 1ee2afc4-4c17-45b1-8864-16f0126455eb
x-request-id: 1ee2afc4-4c17-45b1-8864-16f0126455eb

GET
H/1.1 206
Partial Content original.mp4
d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/ 14 MB
0 0ms
0ms Media
video/mp4 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/original.mp4?1524250961

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

Date: Sun, 25 Aug 2024 07:45:51 GMT
Via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
x-amz-version-id: yysDstfE6IHl4ZcVbGaRkxEwlXv1Ksnq
X-Amz-Cf-Pop: FRA60-P9
Age: 1
X-Cache: Hit from cloudfront
Content-Range: bytes 32768-23048863/23048864
Content-Length: 23016096
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 20 Apr 2018 19:02:42 GMT
Server: AmazonS3
ETag: "9b0b19080287d8a1215174dc1a665820-5"
Vary: Origin
X-Frame-Options: SAMEORIGIN
Content-Type: video/mp4
Cache-Control: max-age=600
Accept-Ranges: bytes
X-Amz-Cf-Id: PJDLe2dWoR_10O5lFFo_xKYXYQUXpzx2mMoX1FsFZGLA2ZbXsOfc7g==

GET
H2 200 all-forms.ad294ad0.js Show response
www.weightlossteam.com/assets/javascripts/p/ 14 KB
5 KB 176ms
175ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/all-forms.ad294ad0.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

a05ff6472ddb6efee9a879ce3b4cb565fd0ee8e7f7a54264b0a0b2f2175879d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 5048
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 formV2.488a358e.js Show response
www.weightlossteam.com/assets/javascripts/p/ 29 KB
8 KB 157ms
157ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/formV2.488a358e.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

6a82963469df43e3045469246a50f11e76725f1496eb0636111ca197590b9c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 8339
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 google-analytics.c0e56db8.js Show response
www.weightlossteam.com/assets/javascripts/p/ 2 KB
2 KB 148ms
148ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/google-analytics.c0e56db8.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

27cd8009aa84cdc05f9a009c3321b73a7f49649b492026f2abf44ad4dd41a4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 1209
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 referrer.c7e5c9b5.js Show response
www.weightlossteam.com/assets/javascripts/p/ 2 KB
1 KB 174ms
174ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/referrer.c7e5c9b5.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

9a5fff5bd2eab60f08d24fe58db94091ed8a011c42b3de0f0f2a075429f050c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 1138
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 landing-page-cookie.613cad75.js Show response
www.weightlossteam.com/assets/javascripts/p/ 3 KB
2 KB 173ms
173ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/landing-page-cookie.613cad75.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

d0c86995b50f246763ec1c9e97048247e2e5091575a06cc3644dbbc65dd475db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 1443
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 iframe-wrapper.ba2b0ef8.js Show response
www.weightlossteam.com/assets/javascripts/p/ 2 KB
1 KB 173ms
172ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/iframe-wrapper.ba2b0ef8.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

1cd83161a4de03290240c83854021500736d4d939e129e595ba22524a9cc22f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 864
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 animate-item.ec12286e.js Show response
www.weightlossteam.com/assets/javascripts/p/ 1 KB
1 KB 185ms
184ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/animate-item.ec12286e.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

33e73c417a3f1af49ec14a20db61775801a650c086a3a66878c9cb3030d9b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 777
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 gutters-row-column.0cd29f85.js Show response
www.weightlossteam.com/assets/javascripts/p/ 1 KB
932 B 167ms
166ms Script
application/javascript 15.197.131.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weightlossteam.com/assets/javascripts/p/gutters-row-column.0cd29f85.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.131.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

1984839996e975f8f6fabad8c6c694a9d622d2d32a8770f723c75dfae35af691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Aug 2024 21:41:53 GMT
server: openresty
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 602
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2034 07:45:52 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
743 B 431ms
145ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2507617663&v=1.1&a=22710654&pu=https%3A%2F%2Fwww.weightlossteam.com%2F&t=Weight+Loss+Team%3A+Bariatric+Surgery+in+Puerto+Vallarta%2C+M%C3%A9xico&cts=1724571952373&vi=61a31191dbf035fb77ca7b38ccf2b98d&nc=true&u=242033245.61a31191dbf035fb77ca7b38ccf2b98d.1724571952370.1724571952370.1724571952370.1&b=242033245.1.1724571952370&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a7398ae2-73cc-4d5f-8a6e-9e52da2a5a23
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a7398ae2-73cc-4d5f-8a6e-9e52da2a5a23
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vvmy7379mv4omYYz8hgNlBjCSyUSTkw5Pm0gYqqHN6uRCNvf3pckm5AN2x7hvC1Tf1hJ5hnkl6qqlKRdXZ9ylfC5qFd7%2BLNrGgU1EvmUZBDoNSCvr6x3M1pZ5Cs3bITWy%2B6HSYHholtfajHmfqFX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-df5pc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8b89f7102b995b5c-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 413ms
129ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=827d01fc-d98e-4dbc-8806-477f850bb5f3&fci=b9f09761-1812-4de6-8be0-e5aea06814a3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2507617663&v=1.1&a=22710654&pu=https%3A%2F%2Fwww.weightlossteam.com%2F&t=Weight+Loss+Team%3A+Bariatric+Surgery+in+Puerto+Vallarta%2C+M%C3%A9xico&cts=1724571952374&vi=61a31191dbf035fb77ca7b38ccf2b98d&nc=true&u=242033245.61a31191dbf035fb77ca7b38ccf2b98d.1724571952370.1724571952370.1724571952370.1&b=242033245.1.1724571952370&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 387fe545-090a-4580-9fe7-4aab2e7a2d39
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 387fe545-090a-4580-9fe7-4aab2e7a2d39
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Er7HbabBjG6kxoyMY%2BPDGW8mQXBUB06EAjKIpZkGd1dos8%2Bnh9qzUwVesexX0HFnAPOMB0nBcJQCWH3GZN5vRIWm%2FX60cKXlLXXcGXjLG1HcjzofQpP0FgBOPY2BqNCB5cQvs%2BfV0HBqaBpIqmYk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-rrqz8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8b89f7102b965b5c-FRA
x-robots-tag: none

GET
H/1.1 200
OK original.png
d1l9wtg77iuzz5.cloudfront.net/assets/5349/223131/ 25 KB
26 KB 28ms
27ms Other
image/png 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/223131/original.png?1520887298

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0a773baa936ec74ff49fc58c00819b6e4b9df3b6439d6e3f4da301a058e463ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WUcJCZhtgsBh8IEuUcqwcXIFiJ6m9iEd
Date: Sun, 25 Aug 2024 07:45:52 GMT
Via: 1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA60-P9
Age: 164825
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 25388
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 12 Mar 2018 20:42:30 GMT
Server: AmazonS3
ETag: "3af399e75fa703ecea4712b5d6731534"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: UzJaQlaMCFEIwpvMXx_06TDjYVy90SE_MunsCeBGG6T5yycWEn_FOw==

GET
H2 200 original.jpg
einstein-clients.imgix.net/5349/427776/ 647 KB
648 KB 10ms
9ms Image
image/jpeg 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://einstein-clients.imgix.net/5349/427776/original.jpg?w=2000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2ce9293024556a38c8f3525dc002f20cab95748f5b3e3b5faf04bf1e4ae031d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Aug 2024 01:57:39 GMT
server: imgix
age: 452893
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 1900a9b316539c424e533c4807fdc9c737f06668
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 662787
x-served-by: cache-chi-kigq8000132-CHI, cache-fra-etou8220043-FRA

GET
H2 200 analytics.js Show response
www.eiiwebservices.com/google/ 52 KB
21 KB 353ms
117ms Script
application/javascript 3.33.146.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eiiwebservices.com/google/analytics.js

Requested by

Host: www.weightlossteam.com
URL: https://www.weightlossteam.com/assets/javascripts/p/google-analytics.c0e56db8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.146.207 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a47112cd6619c1358.awsglobalaccelerator.com

Software

openresty /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sun, 25 Aug 2024 06:15:01 GMT
server: openresty
etag: "ceb4-6207bedb9564e-gzip"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21027
x-xss-protection: 1; mode=block
expires: Tue, 24 Sep 2024 07:45:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 73ms
26ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=730088022&t=pageview&_s=1&dl=https%3A%2F%2Fwww.weightlossteam.com%2F&ul=de-de&de=UTF-8&dt=Weight%20Loss%20Team%3A%20Bariatric%20Surgery%20in%20Puerto%20Vallarta%2C%20M%C3%A9xico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=2058851136&gjid=1207064365&cid=2134601970.1724571953&tid=UA-56877907-1&_gid=2139750252.1724571953&_r=1&_slc=1&z=1244469530

Requested by

Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f2656866c91dbaae5600481323cfdc9e367383125f48704d77457d9fdc365527

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weightlossteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
332 B 71ms
25ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=730088022&t=pageview&_s=1&dl=https%3A%2F%2Fwww.weightlossteam.com%2F&ul=de-de&de=UTF-8&dt=Weight%20Loss%20Team%3A%20Bariatric%20Surgery%20in%20Puerto%20Vallarta%2C%20M%C3%A9xico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1848320960&gjid=1958878054&cid=2134601970.1724571953&tid=UA-77563-16&_gid=2139750252.1724571953&_r=1&_slc=1&cd1=flux&cd2=2&cd3=default&cd4=www.weightlossteam.com&z=139739815

Requested by

Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f57b57e34cd04eae1cc3a6bba477e3530d0f2e34f0d0f662343e92bdadbb8201

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weightlossteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 59ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-402FET8GER&cx=c&_slc=1

Requested by

Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8608a430908fc573fb848cf0bb82b90a7bc0680e0052147863123d79d828b858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 07:45:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 54ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CNDL21L00F&cx=c&_slc=1

Requested by

Host: www.eiiwebservices.com
URL: https://www.eiiwebservices.com/google/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90c12e6f4c51354d92f91cd6d4450689830332f6eb91cef33841c50afa04e0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:45:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 07:45:53 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 61ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-402FET8GER&gtm=45je48l0v9135843651za200&_p=1724571952971&_gaz=1&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=2134601970.1724571953&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.weightlossteam.com%2F&dt=Weight%20Loss%20Team%3A%20Bariatric%20Surgery%20in%20Puerto%20Vallarta%2C%20M%C3%A9xico&sid=1724571953&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=flux&ep.ua_dimension_2=2&ep.ua_dimension_3=default&ep.ua_dimension_4=www.weightlossteam.com&tfd=4060
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-402FET8GER&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weightlossteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 78ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-402FET8GER&cid=2134601970.1724571953&gtm=45je48l0v9135843651za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-402FET8GER&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weightlossteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2237 0
0 53ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-402FET8GER&gacid=2134601970.1724571953&gtm=45je48l0v9135843651za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=833825304

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-402FET8GER&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 07:45:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 60ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CNDL21L00F&gtm=45je48l0v9106115038za200&_p=1724571952971&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=2134601970.1724571953&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.weightlossteam.com%2F&dt=Weight%20Loss%20Team%3A%20Bariatric%20Surgery%20in%20Puerto%20Vallarta%2C%20M%C3%A9xico&sid=1724571953&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CNDL21L00F&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weightlossteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
34ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-402FET8GER&cid=2134601970.1724571953&gtm=45je48l0v9135843651za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1876038827

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weightlossteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 07:45:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content original.mp4
d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/ 3 MB
0 0ms
0ms Media
video/mp4 13.33.158.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1l9wtg77iuzz5.cloudfront.net/assets/5349/228501/original.mp4?1524250961

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.158.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-158-72.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weightlossteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=14451680-

Response headers

Date: Sun, 25 Aug 2024 07:45:51 GMT
Via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
x-amz-version-id: yysDstfE6IHl4ZcVbGaRkxEwlXv1Ksnq
X-Amz-Cf-Pop: FRA60-P9
Age: 1
X-Cache: Hit from cloudfront
Content-Range: bytes 14451680-23048863/23048864
Content-Length: 8597184
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 20 Apr 2018 19:02:42 GMT
Server: AmazonS3
ETag: "9b0b19080287d8a1215174dc1a665820-5"
Vary: Origin
X-Frame-Options: SAMEORIGIN
Content-Type: video/mp4
Cache-Control: max-age=600
Accept-Ranges: bytes
X-Amz-Cf-Id: PJDLe2dWoR_10O5lFFo_xKYXYQUXpzx2mMoX1FsFZGLA2ZbXsOfc7g==

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.weightlossteam.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rq608t1vf4tiak91sc2148h389
.hsforms.net/	1970-01-20 23:02:53	Name: __cf_bm Value: p03sVuQPCF2xMPVdFH2JL8lMEZt.M.NoK_OU1rPDmsk-1724571950-1.0.1.1-FotyDtb3zec5IY3vxUbFDLU_Po6zJBYYDiSK3Qz3RE_PWqNGONhMpiFNZmkaEqF2omaRaIhIhDXT0nk2uONbEg
tools--dev.cms.eiidev.com/	1970-01-20 23:12:56	Name: AWSALBCORS Value: 0XBV6vYT9mo7KbfCHmF/81GGMQuGuFkdz32IwGkAPxKpsXm20eY2In2p2MfJcLOa/C6kTn4xRG4kgZykyYCrHic+DdXY1/nq8UNbOQgKPucDi2Rb+tcLGda+HggD
tools--dev.einsteincms.com/	1970-01-20 23:12:56	Name: AWSALBCORS Value: eZu2f2WfHyZuheuTHCYfVvYiX+dKV+NUlIz+fHsbyUpJuv0EB5U32APVrHe3+mEB8QYfkPeYP9Y5TRsgPecXLET0H3SBPejvjAgLD3/vQEVRxIOa7lx/z1PcEx+M
.hsforms.com/	1970-01-20 23:02:53	Name: __cf_bm Value: IUezsGPBNHY4qm0BwOxOhlSJ1_CR4FyAA4yt0xT4gik-1724571951-1.0.1.1-OxvtcrND2jgRgqjLBr8YqzsjVwADbo9GHILS6mmqHnppA10wfl5OQEQvt6HFpXyoueYc9B51.6si2gis7m8XZQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: eXNXvmL0Ec5v0pVlfIl7focEaOnZIT3K8EiEWhX6kO8-1724571951180-0.0.1.1-604800000
.weightlossteam.com/	1970-01-21 03:22:03	Name: messagesUtk Value: 2db8eabb077247d6ae6c0317bfdc564c
.weightlossteam.com/	1970-01-21 03:22:03	Name: __hstc Value: 242033245.61a31191dbf035fb77ca7b38ccf2b98d.1724571952370.1724571952370.1724571952370.1
.weightlossteam.com/	1970-01-21 03:22:03	Name: hubspotutk Value: 61a31191dbf035fb77ca7b38ccf2b98d
.weightlossteam.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.weightlossteam.com/	1970-01-20 23:02:53	Name: __hssc Value: 242033245.1.1724571952370
.hubspot.com/	1970-01-20 23:02:53	Name: __cf_bm Value: wxdPE.G9yn91g5swq3Fewi7cGvctiPEiEvhij_GB2wQ-1724571952-1.0.1.1-iBEXuPx1IVOb7UoUur5FafklWzEdxVze7XwW3mAcreJzbo86Jp_Aq0OAEB8AhvRidtusJmHtMGaqslCoP0Q4lA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: kvI.WSErCU0TnJppVXc8LnXSSmLJqEUiDIffCPAjJHo-1724571952801-0.0.1.1-604800000
.weightlossteam.com/	1970-01-21 08:38:51	Name: _ga Value: GA1.2.2134601970.1724571953
.weightlossteam.com/	1970-01-20 23:04:18	Name: _gid Value: GA1.2.2139750252.1724571953
.weightlossteam.com/	1970-01-20 23:02:52	Name: _gat_tracker0 Value: 1
.weightlossteam.com/	1970-01-20 23:02:52	Name: _gat_lucid Value: 1
.weightlossteam.com/	1970-01-21 08:38:51	Name: _ga_402FET8GER Value: GS1.2.1724571953.1.0.1724571953.60.0.0
.weightlossteam.com/	1970-01-21 08:38:51	Name: _ga_CNDL21L00F Value: GS1.2.1724571953.1.0.1724571953.0.0.0
.doubleclick.net/	1970-01-20 23:02:52	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
d1l9wtg77iuzz5.cloudfront.net
einstein-clients.imgix.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
stats.g.doubleclick.net
td.doubleclick.net
tools--dev.cms.eiidev.com
tools--dev.einsteincms.com
track.hubspot.com
weightlossteam.com
www.eiiwebservices.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.weightlossteam.com
104.18.142.119
104.19.175.188
13.33.158.72
142.250.186.163
142.250.186.35
15.197.131.231
18.204.106.24
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700:4400::6812:28f0
2606:4700::6810:4f8e
2606:4700::6810:6cfe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2a00:1450:4001:803::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
2a04:4e42::720
3.33.146.207
3.5.2.12
34.194.63.20
0a773baa936ec74ff49fc58c00819b6e4b9df3b6439d6e3f4da301a058e463ad
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
0e6c65dad20d817e551a6cceb5f13aef089ce6188178cd5aa8d3342bb45556e7
1984839996e975f8f6fabad8c6c694a9d622d2d32a8770f723c75dfae35af691
1cd83161a4de03290240c83854021500736d4d939e129e595ba22524a9cc22f5
25319d6d10e6a0b5214f47e968465a9472dfb55d4951dfa27f06ec0eb26461aa
27cd8009aa84cdc05f9a009c3321b73a7f49649b492026f2abf44ad4dd41a4a4
2ce9293024556a38c8f3525dc002f20cab95748f5b3e3b5faf04bf1e4ae031d6
30231bf7d8c3f1f10fe8f051615dcbe3b0e630ca9d081901e7a80c68d6e51799
33e73c417a3f1af49ec14a20db61775801a650c086a3a66878c9cb3030d9b89c
3584b2a942278c3971a683fa367a93c77fbb44bb84620afa4257aa9bb61a9ef2
39c78002a25f1d6cf8397456caa4ffc95273bdf294c87284357d5315c5698ffa
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
59440d8b2ef1ed17d2383f8337ddfcff8377be2dd796a1dad00e3b92f1933c8b
64f4d37ded9626d3e6f4ecdcaf3ced5f8514ab6a5f4c4b768eb6a917dfe2daee
6a82963469df43e3045469246a50f11e76725f1496eb0636111ca197590b9c48
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
737fcdf8945c61119c75e4875335c5331293743f9c82ff6a941db3b785526a8c
791aba3a80c988031de40920e6805746129ccab8774cbfdd75838a550087c3db
79581993c4f31dbb6804c3f8d8d1c915cd946fb2a8630783723db1b50d838376
7c8e7df73e45496330dc8998ae49ce28d73a97f79b76f6a1968254403768d294
8608a430908fc573fb848cf0bb82b90a7bc0680e0052147863123d79d828b858
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610
90c12e6f4c51354d92f91cd6d4450689830332f6eb91cef33841c50afa04e0e0
97739987b96b58c9433dd2909be0d30b987453cad11513fc4ab3786cf2a1dc07
9a5fff5bd2eab60f08d24fe58db94091ed8a011c42b3de0f0f2a075429f050c4
9fe5fcc0a15afba4f01aa3aa8302b4d62e64c2d62fb913759228a15d5e8da444
a05ff6472ddb6efee9a879ce3b4cb565fd0ee8e7f7a54264b0a0b2f2175879d1
a49b4a0de0092b3d3c3f945fc4dda7cbb8c39fc28a7c34f4f78904dd70ccf01a
a54960dee1bade0410808ffb9693640a652f944288d285c049700fe130bbb1b8
a5b21106842d5e78300440c1f17c20263e24ba59b1827e64951d35b102efe6e0
a73b67561bd207ef45ffcab98515c51f351768aea83e182f3c54d2707a2c6a6f
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b391c44541da8de97f401d16dda5f88561ad1252b2bf8440933891a63d41e652
b7bf93198ade7ed5dc1d14b24cf028aeba1da2fb0ad3f890fe7b8d9327df7bfd
bf220e9a61a33fba495be48ee5c209a8869df2036899b9832634a6c1a8d6a058
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cd53f408cebd8a3bab0a34fa56384e307c2da49e13a83511f0457faf5af8c629
d0c86995b50f246763ec1c9e97048247e2e5091575a06cc3644dbbc65dd475db
d4eb5beede05f13d173fccd98127a7748ab5b37fbd9525e49d4da6a3242c2fe6
d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab
e152485e5063dcc4872ccfdd5df4a2c9eaf4a865d732f3f4c6b2344b7ece395d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e982bc143d3cbd1054f8f264ccdb8f0b447fe16f9c520c90fc95c21ffc21ea2e
ea6b276cd1d4e6385b5170ed95b75c1b3110fe6559449596e759a2bd1410cffe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2656866c91dbaae5600481323cfdc9e367383125f48704d77457d9fdc365527
f57b57e34cd04eae1cc3a6bba477e3530d0f2e34f0d0f662343e92bdadbb8201
f81dc6777502a6a7317d37ecf562c0f249abe9af772b121b70ed7fdd0779c695
fbd67044965c61872cc1c44f5e30dc15a7d4968376e7bf0fb58c47198b22e3fc
ff8fbc628519e962eefe9b2c014daa6011f31e0150c4927ae32135cae2fa9e86

www.weightlossteam.com Open in urlscan Pro 15.197.131.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

62 %IPv6

22 Domains

29 Subdomains

25 IPs

4 Countries

2225 kBTransfer

22068 kBSize

20 Cookies

12 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.weightlossteam.com Open in urlscan Pro
15.197.131.231 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

62 %
IPv6

22
Domains

29
Subdomains

25
IPs

4
Countries

2225 kB
Transfer

22068 kB
Size

20
Cookies

69 HTTP transactions
0 data transactions