www2.3harmfulfoods.com Open in urlscan Pro
172.64.152.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tblndnat.com/KHNZB/6H52ND/?sub1=20240421&sub2=
Effective URL:
https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cp...
Submission: On April 24 via manual (April 24th 2024, 1:31:23 pm UTC) from NZ — Scanned from NZ

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 172.64.152.205, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www2.3harmfulfoods.com.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.

This is the only time www2.3harmfulfoods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.107.202.36 34.107.202.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.64.150.177 172.64.150.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	172.64.152.205 172.64.152.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:401... 2404:6800:4015:802::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.70.234 142.250.70.234	15169 (GOOGLE) (GOOGLE)
2	108.158.20.43 108.158.20.43	16509 (AMAZON-02) (AMAZON-02)
2	172.64.147.200 172.64.147.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	7

1 34.107.202.36 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.202.107.34.bc.googleusercontent.com

www.tblndnat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.150.177 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www2.3-harmfulfoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.64.152.205 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www2.3harmfulfoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4006:80b::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4015:802::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.70.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel05s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.20.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-43.syd62.r.cloudfront.net

static-na.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.200 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.nucific.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	3harmfulfoods.com www2.3harmfulfoods.com	2 MB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	4 KB
2	nucific.com cdn.nucific.com	1 KB
2	payments-amazon.com static-na.payments-amazon.com — Cisco Umbrella Rank: 17281	117 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	3-harmfulfoods.com 1 redirects www2.3-harmfulfoods.com	819 B
1	tblndnat.com 1 redirects www.tblndnat.com	507 B
0	brightcove.net Failed players.brightcove.net Failed
0	amazon.com Failed payments.amazon.com Failed
37	9

	Domain	Requested by
16	www2.3harmfulfoods.com	www2.3harmfulfoods.com
6	fonts.googleapis.com	www2.3harmfulfoods.com
2	cdn.nucific.com
2	static-na.payments-amazon.com	www2.3harmfulfoods.com static-na.payments-amazon.com
1	www.googletagmanager.com	www2.3harmfulfoods.com
1	www2.3-harmfulfoods.com	1 redirects
1	www.tblndnat.com	1 redirects
0	players.brightcove.net Failed	www2.3harmfulfoods.com
0	payments.amazon.com Failed	www2.3harmfulfoods.com
37	9

This site contains no links.

Subject Issuer	Validity	Valid
3harmfulfoods.com GTS CA 1P5	`2024-04-03` - `2024-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
static-na.payments-amazon.com Amazon RSA 2048 M02	`2024-04-22` - `2025-05-21`	a year	crt.sh
nucific.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Frame ID: FAFF83B81D5DEB4E43FB9106E79D0788
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.tblndnat.com/KHNZB/6H52ND/?sub1=20240421&sub2= HTTP 302
https://www2.3-harmfulfoods.com/cid/7013w000002YvqCAAS?subid1=52b8e92685894b06b28ef668ed339295&subid2=13&sub... HTTP 302
https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_camp... Page URL

Page Statistics

37
Requests

73 %
HTTPS

25 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

1794 kB
Transfer

20150 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tblndnat.com/KHNZB/6H52ND/?sub1=20240421&sub2= HTTP 302
https://www2.3-harmfulfoods.com/cid/7013w000002YvqCAAS?subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow HTTP 302
https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/
Redirect Chain

https://www.tblndnat.com/KHNZB/6H52ND/?sub1=20240421&sub2=
https://www2.3-harmfulfoods.com/cid/7013w000002YvqCAAS?subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_sou...

34 KB
14 KB

397ms
300ms

Document
text/html

172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb66f915e030e0dc1ac50efd580fc71d3094c7d36a5862a1fb0716b8c3de744

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age = 31557600
cf-cache-status: DYNAMIC
cf-ray: 879673130ee9aad2-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 13:30:43 GMT
last-modified: Tue, 23 Apr 2024 17:07:08 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 879673109ed7ab07-SYD
content-length: 0
date: Wed, 24 Apr 2024 13:30:42 GMT
location: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 icon
fonts.googleapis.com/ 592 B
781 B 653ms
250ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons&display=block

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14e14de13b72e0fcab665c19ffc29f1f921305e688bdded887088c0aad4a5664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 13:30:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:43 GMT

GET
H3 200 process_env.js Show response
www2.3harmfulfoods.com/ 1 KB
1 KB 333ms
332ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/process_env.js?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965179676d801305ac5d4f9fc2b18f9bd43dee687758b2d9322621f29d38f479

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:43 GMT
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2024 13:06:56 GMT
server: cloudflare
etag: W/"58d-18f10376557"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, no-cache, max-age = 0
cf-ray: 879673151869aad2-SYD

GET
H3 200 polyfills.js Show response
www2.3harmfulfoods.com/build/ 94 KB
34 KB 85ms
84ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/polyfills.js?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394867e02ba0cd9a4779459a8e933387b0bb9e2a7ad14f2ee63aca19d2da3c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (7186aa94a765)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4637
cf-polished: origSize=96745
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:42:00 GMT
server: cloudflare
etag: W/"179e9-18f078b49c0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 879673173a36aad2-SYD
expires: Wed, 24 Apr 2024 14:30:43 GMT

GET
H3 200 main.css
www2.3harmfulfoods.com/build/ 9 MB
541 KB 104ms
89ms Stylesheet
text/css 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/main.css?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dfd1453cb009d5ea75d25d0b328ec41f5fc09690f5fed88d0f7ea9fbf0441ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4640
cf-polished: origSize=9601427
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:41:41 GMT
server: cloudflare
etag: W/"928193-18f078aff88"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 879673195bc7aad2-SYD
expires: Wed, 24 Apr 2024 14:30:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
594 B 249ms
245ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700&display=swap

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/main.css?ver=423202417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 13:25:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
505 B 254ms
251ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;500;700&display=swap

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/main.css?ver=423202417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0714ca109be2a8389b2cf7d51c9678fdb522d6745dc90c65b9cdf8f9dc3ea6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:44:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
740 B 249ms
247ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,700;1,200&display=swap

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/main.css?ver=423202417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae7fa19a9a18fd5570ac3745601c125f95383fc08533ee8079c45162f8d4c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 13:30:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 405 B
359 B 346ms
344ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sofia:400,700&display=swap

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/main.css?ver=423202417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cda363d01d320d52f3114d5fd9d880c7740700b15deb4d89a62701e58f5e49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 13:30:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 372 KB
108 KB 709ms
303ms Script
application/javascript 2404:6800:4015:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5C7Q52

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4015:802::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a3efb88523bf710c6427df9ebb5e2805b89ae448d56845bae9462678633eb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110086
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Apr 2024 13:30:45 GMT

GET
H3 200 css2
fonts.googleapis.com/ 4 KB
663 B 168ms
167ms Stylesheet
text/css 142.250.70.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.70.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel05s02-in-f10.1e100.net

Software

ESF /

Resource Hash

c27b34afba3137d30217abd1ef2990244fd904b09adcf09da7eb5b183c47cfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 13:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 13:30:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 13:30:45 GMT

GET
H3 200 fst_abbrev_funnel_confs.js Show response
www2.3harmfulfoods.com/ 6 MB
277 KB 339ms
338ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/fst_abbrev_funnel_confs.js?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2786186fc4902841f13418b822a89dc20807e35513c09bb2f477bc4174697dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:45 GMT
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2024 13:14:12 GMT
server: cloudflare
etag: W/"64ccd2-18f103e0b26"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8796732189d7aad2-SYD
expires: Wed, 24 Apr 2024 14:30:45 GMT

GET
H3 200 countries.js Show response
www2.3harmfulfoods.com/ 4 KB
2 KB 81ms
80ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/countries.js?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2572355e1fdf47f52b488e9c75244e3830241e7170034eef60e1c48f93faac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4641
cf-polished: origSize=4479
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 24 Apr 2024 11:04:08 GMT
server: cloudflare
etag: W/"117f-18f0fc6f5a9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 87967325edbdaad2-SYD
expires: Wed, 24 Apr 2024 14:30:46 GMT

GET
H3 200 request-ip Show response
www2.3harmfulfoods.com/ 62 B
438 B 326ms
313ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/request-ip

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86628ad18fb209cf922ba4d787a8b45f85510e05fc19e9f6820c1cdc7b856dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:46 GMT
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"3e-J2ZEsDzS4Ih2epz4WM0Yk6ji0vM"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, max-age = 0
cf-ray: 879673268e3daad2-SYD

GET
H2 200 Widgets.js Show response
static-na.payments-amazon.com/OffAmazonPayments/us/js/ 335 KB
103 KB 226ms
75ms Script
application/x-javascript 108.158.20.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js
Requested by: Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-43.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5f4c400bd624bddf0743be561c701bd07d4c2769db228df627d9cbadca33061

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: N.5nNgH0DakyUJCnEoHi0IhsbVQLxIRX
content-encoding: gzip
via: 1.1 7f1eebb2ab7fd9ddd5ae296bfe0194d2.cloudfront.net (CloudFront)
date: Wed, 24 Apr 2024 13:22:10 GMT
last-modified: Fri, 19 Apr 2024 05:04:55 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
age: 517
x-amz-server-side-encryption: AES256
etag: W/"39d13aa8e048740c071f046aa669947c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1200,public
x-amz-cf-id: u69JO4uaqXZCKfy3-fl7gCmPyoKo9fv2tauRLhnV1I78Jn44QPfulw==

GET
H3 200 getsession Show response
www2.3harmfulfoods.com/proxy/utils/ 0
365 B 322ms
310ms XHR
application/octet-stream 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/proxy/utils/getsession

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
x-brand: Nucific
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5), 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 87967326ae53aad2-SYD

GET
H3 200 bundle.js Show response
www2.3harmfulfoods.com/build/ 3 MB
650 KB 109ms
96ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/bundle.js?ver=423202417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee8b177ff9c6fc23a4306f283282f66c2ae40cb8b1014fb093826d4e77eb53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4640
cf-polished: origSize=3301653
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:43:05 GMT
server: cloudflare
etag: W/"326115-18f078c47a8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 87967326be56aad2-SYD
expires: Wed, 24 Apr 2024 14:30:46 GMT

POST
H3 200 setaffparameters
www2.3harmfulfoods.com/proxy/affiliate/ 20 B
501 B 309ms
309ms XHR
application/json 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/proxy/affiliate/setaffparameters

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/polyfills.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Brand: Nucific
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow
XSRF-TOKEN: auQCt3mO-9nRkZz-FjJRHiEyTaUpmis-Fpdk
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5), 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 20
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.3harmfulfoods.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 8796732bcb14aad2-SYD

POST
H3 200 save
www2.3harmfulfoods.com/proxy/funnel/stats/ 16 B
497 B 309ms
309ms XHR
application/json 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/proxy/funnel/stats/save

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/polyfills.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Brand: Nucific
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544
XSRF-TOKEN: auQCt3mO-9nRkZz-FjJRHiEyTaUpmis-Fpdk
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5), 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.3harmfulfoods.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 8796732bcb17aad2-SYD

POST
H3 200 save
www2.3harmfulfoods.com/proxy/funnel/stats/ 16 B
499 B 306ms
306ms XHR
application/json 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/proxy/funnel/stats/save

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/polyfills.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Brand: Nucific
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544
XSRF-TOKEN: auQCt3mO-9nRkZz-FjJRHiEyTaUpmis-Fpdk
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5), 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.3harmfulfoods.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 8796732bdb1caad2-SYD

GET sessionstabilizer
payments.amazon.com/gp/widgets/ 0
0

GET
H2 200 login.js
static-na.payments-amazon.com/v2/ 45 KB
14 KB 72ms
69ms Script
application/javascript 108.158.20.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/v2/login.js
Requested by: Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-43.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SY7zsivMQxiVUShVsSowem.fxdVNiEoX
content-encoding: gzip
via: 1.1 7f1eebb2ab7fd9ddd5ae296bfe0194d2.cloudfront.net (CloudFront)
date: Wed, 24 Apr 2024 13:21:32 GMT
last-modified: Fri, 19 Apr 2024 05:04:50 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
age: 562
x-amz-server-side-encryption: AES256
etag: W/"5749b41e8a4e496fded16674baddf257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200,public
x-amz-cf-id: AruKhNmHkaRC5BUOwYHUlrbVtp3-R0tE-Nvhtq9zmfSV-pwbYxRTFQ==

GET
H3 200 favicon.ico
cdn.nucific.com/img/ 1 KB
1 KB 436ms
348ms Other
image/x-icon 172.64.147.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nucific.com/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.200 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
x-amz-version-id: Sd.UnNglrG3y53WQWi6itFNm5XNOr5YH
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Feb 2020 00:10:16 GMT
server: cloudflare
x-amz-request-id: 0Q6G4AV8KW9T0XNG
etag: W/"a2f03f30e187ee1e2e34a835432ee768"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=3600
cf-ray: 8796732d5898a87c-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NwJuB21f23NhZhB4BfvR9a+1YITbaH9na5l3TrF8YRtSF8GSoqqa03yT0A7PxuIohM472+ZPiJc=
expires: Wed, 24 Apr 2024 14:30:47 GMT

POST
H3 200 save
www2.3harmfulfoods.com/proxy/funnel/stats/ 16 B
430 B 317ms
317ms XHR
application/json 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/proxy/funnel/stats/save

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/polyfills.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Brand: Nucific
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www2.3harmfulfoods.com/fst/d_db_bx4_vslstart_qqq/?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544
XSRF-TOKEN: auQCt3mO-9nRkZz-FjJRHiEyTaUpmis-Fpdk
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5), 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.3harmfulfoods.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 8796732dbc78aad2-SYD

GET
H3 200 src_components_components_module_ts.js
www2.3harmfulfoods.com/build/ 143 KB
23 KB 93ms
88ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/src_components_components_module_ts.js?v=0d263dcfb6c3cafb1a22

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/bundle.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/video240213a_ap?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544&uid=db_bx4_vslstart_240221&dsid=a0v3w00000LpwQ2AAJ&step=1
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4640
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:42:01 GMT
server: cloudflare
etag: W/"23b6a-18f078b4da8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8796732ddca4aad2-SYD
expires: Wed, 24 Apr 2024 14:30:47 GMT

GET
H3 200 src_pages__brand-pages-base_base-controllers_video_video-common_ts.js
www2.3harmfulfoods.com/build/ 16 KB
6 KB 89ms
85ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/src_pages__brand-pages-base_base-controllers_video_video-common_ts.js?v=3dcdf333cdc6c05f1653

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/bundle.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/video240213a_ap?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544&uid=db_bx4_vslstart_240221&dsid=a0v3w00000LpwQ2AAJ&step=1
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4640
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:42:02 GMT
server: cloudflare
etag: W/"40fc-18f078b5190"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8796732ddca8aad2-SYD
expires: Wed, 24 Apr 2024 14:30:47 GMT

GET
H3 200 src_pages_video-pages_video240213a_video240213a_module_ts.js
www2.3harmfulfoods.com/build/ 47 KB
13 KB 317ms
316ms Script
application/javascript 172.64.152.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.3harmfulfoods.com/build/src_pages_video-pages_video240213a_video240213a_module_ts.js?v=9f6bb9a56cb27ff83b3b

Requested by

Host: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/build/bundle.js?ver=423202417

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.205 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/video240213a_ap?business_unit=a00f400000jv554aad&n=dbtcr&utm_campaign=nuc-db-biox4-cpaeml-all-qqq&utm_campaign_id=7013w000002YvqCAAS&utm_medium=cpa&utm_source=email&subid1=52b8e92685894b06b28ef668ed339295&subid2=13&subid3=20240421&subid5=everflow&sessionid=1154167273544&uid=db_bx4_vslstart_240221&dsid=a0v3w00000LpwQ2AAJ&step=1
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (2a9d893844a5)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 20:42:48 GMT
server: cloudflare
etag: W/"bc9d-18f078c0540"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8796732ddca9aad2-SYD
expires: Wed, 24 Apr 2024 14:30:47 GMT

GET
H3 200 favicon.ico
cdn.nucific.com/img/ 1 KB
0 273ms
273ms Other
image/x-icon 172.64.147.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nucific.com/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.200 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.3harmfulfoods.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 13:30:47 GMT
x-amz-version-id: Sd.UnNglrG3y53WQWi6itFNm5XNOr5YH
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Feb 2020 00:10:16 GMT
server: cloudflare
x-amz-request-id: 0Q6G4AV8KW9T0XNG
etag: W/"a2f03f30e187ee1e2e34a835432ee768"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=3600
cf-ray: 8796732d5898a87c-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NwJuB21f23NhZhB4BfvR9a+1YITbaH9na5l3TrF8YRtSF8GSoqqa03yT0A7PxuIohM472+ZPiJc=
expires: Wed, 24 Apr 2024 14:30:47 GMT

POST save
www2.3harmfulfoods.com/proxy/funnel/stats/ 0
0

GET index.min.js
players.brightcove.net/6058004207001/JNIA5qkjl_default/ 0
0

GET logo.png
cdn.nucific.com/images/ 0
0

GET speaker-double-side-thin.png
cdn.nucific.com/images/ 0
0

GET dr-lee.jpg
cdn.nucific.com/ 0
0

GET amy-sign.png
cdn.nucific.com/images/ 0
0

GET FeaturedOn_Mobile.jpg
cdn.nucific.com/images/ 0
0

GET FeaturedOn_Desktop.jpg
cdn.nucific.com/images/ 0
0

GET white-flame.png
cdn.nucific.com/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: payments.amazon.com
URL: https://payments.amazon.com/gp/widgets/sessionstabilizer?countryOfEstablishment=US&ledgerCurrency=USD&isSandbox=false

Domain: www2.3harmfulfoods.com
URL: https://www2.3harmfulfoods.com/proxy/funnel/stats/save

Domain: players.brightcove.net
URL: https://players.brightcove.net/6058004207001/JNIA5qkjl_default/index.min.js

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/logo.png

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/speaker-double-side-thin.png

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/dr-lee.jpg

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/amy-sign.png

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/FeaturedOn_Mobile.jpg

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/FeaturedOn_Desktop.jpg

Domain: cdn.nucific.com
URL: https://cdn.nucific.com/images/white-flame.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tblndnat.com/	1970-01-20 20:07:31	Name: uniqueClick_6H52ND Value: 87411ac4-b6a1-4d01-b1f8-0ddb3811f6ae:1713965442
www.tblndnat.com/	1970-01-20 22:15:41	Name: transaction_id Value: 52b8e92685894b06b28ef668ed339295
www2.3-harmfulfoods.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: CoVPIOrE-ZqbX5KVSqkFu-poNI7n8W_EcqMk
www2.3-harmfulfoods.com/	1969-12-31 23:59:59	Name: _csrf Value: R1hiVPzv7NEwKaDTMZtCRii1
.3-harmfulfoods.com/	1970-01-20 20:06:07	Name: __cf_bm Value: 9cRBVvrbuyf0YH3rp7Ne1wVHtUVaJBbVerl4fxhsRh8-1713965442-1.0.1.1-Bc4hHVrglSycK9MuyhYO6zjgu0nmxFWPXCByKDwQhT72MAqqUZ_MgeyJZEOYJTNjOdj9YNHIxSnl7AIkIuJopg
www2.3harmfulfoods.com/	1969-12-31 23:59:59	Name: _csrf Value: pVWE_0AUBguXK56nB_D1tskx
.3harmfulfoods.com/	1970-01-20 20:06:07	Name: __cf_bm Value: Lr1SG.j_PWSJnnTEMCeXs2oCGcvpy07voYE_exsR2JA-1713965443-1.0.1.1-5q9vkpLhb2Nxu.TcpBO1UakQWafDGhozujzUisN6CuRs_73.TBXu2i4ECF4BsAHazfpf6ageA0NclnjVDp4zxQ
www2.3harmfulfoods.com/	1970-01-21 04:51:41	Name: alternaiGuestId Value: 598cd885-7f8d-48d5-9edf-aff2de79b778,www2.3harmfulfoods.com,,blob:https:
www2.3harmfulfoods.com/	1970-01-20 20:16:10	Name: GAID Value: 1eb72fa7-62da-8b6a-aa1a-53b69ee911f1
www2.3harmfulfoods.com/	1970-01-20 20:26:05	Name: connect.sid Value: s%3ASpx0P33pQI74D5SeNskWMYSwfvdpM2ID.BJIuOVLgOJQCslCRtj6qFE3x8VPlDdRszfSyPIZxA%2FQ
.3harmfulfoods.com/	1969-12-31 23:59:59	Name: tcrFed Value: true
.nucific.com/	1970-01-20 20:06:07	Name: __cf_bm Value: pCZu5AecMqnPF2ahTlChee7BjYUO0qm0D2uBL1vP0xI-1713965447-1.0.1.1-cxr8RqLGkEbzCRajdDGEwBt31ggDf5m7r3psiAA9Oz0KyJBduI1tBbMdNniQlg1Bw6acSKBMg5dZSKD_tGUtFg
www2.3harmfulfoods.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: Ct6HpeiQ--r5q3_Iw7pxjg-tMNtFqUqTmJ88
.amazon.com/	1970-01-21 04:51:41	Name: session-token Value: "Lak247bOhu5fTJWQIsim09uE1KqU6eSmaW0HUOtXeCDAeOm/k9rMRxt4Kdl+xFemBfS7pI5IvPO/QPBEOFXUfk4oCH+Gk7XU0e6m01h8mkagHa6xmgVIgP7NSuCmLVpXEJIzME3/jEwCKar9TnWrw28WCVHaBGtDTMDYnScPX5tnTtgZR1mVVuxE0TeFC2OF+BFW4lT7gYxTq7j5ZaN0n+HMUf2iBpJODlT8Rukm2jnwgFziR0jYyVZT6gslM8/k6fBMVwLfDdQO8yGP2B/iLz4Fn4miWUJ1Bw2wjsGgobvt+wvJyG24BbXAxBEW4FoyKatn5vJ1yjg="
.amazon.com/	1970-01-21 04:51:41	Name: session-id Value: 147-3395117-1811158
.amazon.com/	1970-01-21 04:51:41	Name: session-id-time Value: 2082758400
.amazon.com/	1970-01-21 04:51:41	Name: session-id-apay Value: 147-3395117-1811158

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.nucific.com
fonts.googleapis.com
payments.amazon.com
players.brightcove.net
static-na.payments-amazon.com
www.googletagmanager.com
www.tblndnat.com
www2.3-harmfulfoods.com
www2.3harmfulfoods.com
cdn.nucific.com
payments.amazon.com
players.brightcove.net
www2.3harmfulfoods.com
108.158.20.43
142.250.70.234
172.64.147.200
172.64.150.177
172.64.152.205
2404:6800:4006:80b::200a
2404:6800:4015:802::2008
34.107.202.36
0714ca109be2a8389b2cf7d51c9678fdb522d6745dc90c65b9cdf8f9dc3ea6c1
0cda363d01d320d52f3114d5fd9d880c7740700b15deb4d89a62701e58f5e49e
14e14de13b72e0fcab665c19ffc29f1f921305e688bdded887088c0aad4a5664
1ae7fa19a9a18fd5570ac3745601c125f95383fc08533ee8079c45162f8d4c8b
1d2572355e1fdf47f52b488e9c75244e3830241e7170034eef60e1c48f93faac
2786186fc4902841f13418b822a89dc20807e35513c09bb2f477bc4174697dd9
2ee8b177ff9c6fc23a4306f283282f66c2ae40cb8b1014fb093826d4e77eb53b
394867e02ba0cd9a4779459a8e933387b0bb9e2a7ad14f2ee63aca19d2da3c7c
86628ad18fb209cf922ba4d787a8b45f85510e05fc19e9f6820c1cdc7b856dd1
8a3efb88523bf710c6427df9ebb5e2805b89ae448d56845bae9462678633eb38
8dfd1453cb009d5ea75d25d0b328ec41f5fc09690f5fed88d0f7ea9fbf0441ab
965179676d801305ac5d4f9fc2b18f9bd43dee687758b2d9322621f29d38f479
b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd
c27b34afba3137d30217abd1ef2990244fd904b09adcf09da7eb5b183c47cfa0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5f4c400bd624bddf0743be561c701bd07d4c2769db228df627d9cbadca33061
fcb66f915e030e0dc1ac50efd580fc71d3094c7d36a5862a1fb0716b8c3de744

www2.3harmfulfoods.com Open in urlscan Pro 172.64.152.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

37 Requests

73 %HTTPS

25 %IPv6

9 Domains

9 Subdomains

7 IPs

2 Countries

1794 kBTransfer

20150 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

17 Cookies

www2.3harmfulfoods.com Open in urlscan Pro
172.64.152.205 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

73 %
HTTPS

25 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

1794 kB
Transfer

20150 kB
Size

17
Cookies

37 HTTP transactions
0 data transactions