Submitted URL: http://bodyfreedomtoday.com/p8
Effective URL: https://bodyfreedomtoday.com/p8
Submission: On January 07 via manual from US — Scanned from US

Summary

This website contacted 11 IPs in 1 country across 10 domains to perform 16 HTTP transactions. The main IP is 35.185.3.114, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is bodyfreedomtoday.com. The Cisco Umbrella rank of the primary domain is 272209.
TLS certificate: Issued by R3 on December 21st 2021. Valid for: 3 months.
This is the only time bodyfreedomtoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
4 gstatic.com | fonts.gstatic.com | 108 KB
4 convertri.com | cdn.convertri.com — Cisco Umbrella Rank: 105327; snowplow.convertri.com — Cisco Umbrella Rank: 117505 | 121 KB
2 bodyfreedomtoday.com | bodyfreedomtoday.com — Cisco Umbrella Rank: 272209 | 32 KB
1 google.com | www.google.com — Cisco Umbrella Rank: 8 | 548 B
1 imgix.net | convertri.imgix.net — Cisco Umbrella Rank: 114418 | 19 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 | 2 KB
1 googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 97 | 15 KB
1 clkmg.com | www.clkmg.com — Cisco Umbrella Rank: 91026 | 278 B
1 clkmc.com | cdn.clkmc.com — Cisco Umbrella Rank: 114858 | 8 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 39 KB
16 10
Domain Requested by
4 fonts.gstatic.com bodyfreedomtoday.com
3 cdn.convertri.com bodyfreedomtoday.com
2 bodyfreedomtoday.com 1 redirects
1 www.google.com bodyfreedomtoday.com
1 convertri.imgix.net bodyfreedomtoday.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 snowplow.convertri.com bodyfreedomtoday.com
1 www.googleadservices.com www.googletagmanager.com
1 www.clkmg.com bodyfreedomtoday.com
1 cdn.clkmc.com bodyfreedomtoday.com
1 www.googletagmanager.com bodyfreedomtoday.com
16 11

This site contains links to these domains.

Domain
hop.clickbank.net
Subject | Issuer | Validity | Valid
bodyfreedomtoday.com | R3 | 2021-12-21 - 2022-03-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.convertri.com | Sectigo RSA Domain Validation Secure Server CA | 2019-11-25 - 2022-02-22 | 2 years
*.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.clkmc.com | AlphaSSL CA - SHA256 - G2 | 2021-11-12 - 2022-12-14 | a year
*.clkmg.com | AlphaSSL CA - SHA256 - G2 | 2021-02-03 - 2022-03-07 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-10 - 2022-06-11 | a year
www.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months

This page contains 1 frames:

Primary Page: https://bodyfreedomtoday.com/p8
Frame ID: 149FAB3FA1B92DD60C4908C8AB7E4B5E
Requests: 16 HTTP requests in this frame

Page Title

Tropical Loophole Dissolves Fat Overnight

Page URL History

  1. http://bodyfreedomtoday.com/p8 HTTP 307
    https://bodyfreedomtoday.com/p8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 45 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 1
Transfer: 344 kB
Size: 884 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bodyfreedomtoday.com/p8 HTTP 307
    https://bodyfreedomtoday.com/p8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request p8
bodyfreedomtoday.com/
Redirect Chain
  • http://bodyfreedomtoday.com/p8
  • https://bodyfreedomtoday.com/p8
160 KB
32 KB
Document
General
Full URL
https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.3.114 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.3.185.35.bc.googleusercontent.com
Software
/
Resource Hash
e83fa3f402e7f4e70056c773ffac73dae498c9603a676ea818b5be2d4f11bea2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
date
Fri, 07 Jan 2022 21:27:39 GMT

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://bodyfreedomtoday.com/p8
Vary
Accept-Encoding
Date
Fri, 07 Jan 2022 21:27:39 GMT
Content-Length
67
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-397047003
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c00c330fa8f5d93b636440182e823caf7b69b4e27f10f0d56ffd3e8b01e89a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:27:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39605
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jan 2022 21:27:39 GMT
jquery-1.12.2.min.js
cdn.convertri.com/
341 KB
95 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2022-01-04-09-34-01
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
815a275d454a7a98e5784c8e762b32bfa329b30f28659ec6d159f79356c74750

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 09:37:13 GMT
content-encoding
gzip
last-modified
Tue, 04 Jan 2022 09:36:46 GMT
server
AmazonS3
age
301827
etag
W/"e8f97baac97dc2a4924a3b2ab81d0afb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
izRIxGJmxH7BOWIUgKjHomH9Hqm9CCMIBWHnchO6zFTR_lx9PZowXA==
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYA.ttf
fonts.gstatic.com/s/oswald/v40/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYA.ttf
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4db8149ea25e9c4ec68dc6f046e57ae7bf816a9d369d33bbdeb262323f03e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bodyfreedomtoday.com/
Origin
https://bodyfreedomtoday.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 17:56:25 GMT
x-content-type-options
nosniff
age
444674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35904
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 02 Jan 2023 17:56:25 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYA.ttf
fonts.gstatic.com/s/oswald/v40/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYA.ttf
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1baa269b2657e3b5d9882fb27248b65f60b170be8d9956a6c6406a93a18ffb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bodyfreedomtoday.com/
Origin
https://bodyfreedomtoday.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 22:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20144
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 22:50:20 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v29/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bodyfreedomtoday.com/
Origin
https://bodyfreedomtoday.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 06:38:43 GMT
x-content-type-options
nosniff
age
53336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36216
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 06:38:43 GMT
cmc.js
cdn.clkmc.com/
7 KB
8 KB
Script
General
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-50.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
56dfc697d6a9785866fcff50bbad448a74465c65f09183e183598277023c1abd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 17:45:57 GMT
Via
1.1 a2b911ba341aa7e1e7d2f292be789000.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies
none
Age
1914102
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7621
Last-Modified
Thu, 16 Dec 2021 17:45:20 GMT
Server
nginx
ETag
"61bb7b30-1dc5"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public, no-transform
X-Amz-Cf-Pop
EWR52-C4
Accept-Ranges
bytes
X-Amz-Cf-Id
d26R0PXMmQ3rk44ybpk4ZO7r8yyjYx-_DCOZB1q3LWViaEbXz55szw==
Expires
Sat, 15 Jan 2022 17:45:57 GMT
/
www.clkmg.com/api/a/pixel/
49 B
278 B
Image
General
Full URL
https://www.clkmg.com/api/a/pixel/?uid=142985&ref=hop&ignore=1
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.97.212.250 San Jose, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
fa.d4.6132.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
c1dbc6d58f074cf9d3c16029f91e71465ba785f7950983419021ff2fd003b0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:27:39 GMT
x-cm-fe
httpfe-01.clickmagick.com
server
nginx
p3p
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
content-type
image/gif
x-xss-protection
1; mode=block
cdn.min.css
cdn.convertri.com/
64 KB
7 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2022-01-04-09-34-01
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c9005f820b70376ccde98ea2b3b749973c429cff4c7d4d293db470da143a8a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 09:37:31 GMT
content-encoding
gzip
last-modified
Tue, 04 Jan 2022 09:36:47 GMT
server
AmazonS3
age
301809
etag
W/"71389decce366f056cc4738a1c47789a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
NmRPplyJauRdtL609cOwWjcsNIFxcB8AXeeetY3CS-Ly7yytDQ-uqg==
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-397047003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
a98b8d90f4ae98eadbb85696695d15cfeab2ca102901725a3f82219d443b34b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14730
x-xss-protection
0
server
cafe
etag
9662634068273389288
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 21:27:39 GMT
i
snowplow.convertri.com/
43 B
337 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1641590859698&e=pv&url=https%3A%2F%2Fbodyfreedomtoday.com%2Fp8&page=Tropical%20Loophole%20Dissolves%20Fat%20Overnight&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=06187e83-4bdb-427c-9e6f-f0ce44a10838&dtm=1641590859697&vp=1600x1200&ds=1600x1981&vid=1&sid=17de416d-e668-4034-bef7-2ecd466d2b6c&duid=8dd26d7a-934e-4e76-b208-1bc3ebd26070&fp=3441833202
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.105.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-105-186.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 07 Jan 2022 21:27:39 GMT
access-control-allow-credentials
true
server
spray-can/1.3.3
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/397047003/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397047003/?random=1641590859738&cv=9&fst=1641590859738&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbodyfreedomtoday.com%2Fp8&tiba=Tropical%20Loophole%20Dissolves%20Fat%20Overnight&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd826a223c12ccafb1b1bdadf10ce82879f56b42ec2c46183e2f6fb424111a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 21:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1031
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lander%205.png
convertri.imgix.net/e2d3be17-542a-11ea-99fe-0697e5ca793e/558eb1d5355055b14915a2f87f6f15797c461720/
19 KB
19 KB
Image
General
Full URL
https://convertri.imgix.net/e2d3be17-542a-11ea-99fe-0697e5ca793e/558eb1d5355055b14915a2f87f6f15797c461720/lander%205.png?auto=compress,format&fit=scale&w=648&h=365
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:2f::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0d55c722274b72a8631026c267b8a70319dedb4ebd3e6954bc85a031c7cfc4fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:27:39 GMT
x-content-type-options
nosniff
last-modified
Sat, 11 Dec 2021 05:32:04 GMT
server
imgix
age
2390136
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
b7e71d7a1bb2a0fb01212975388e2b40b396dd81
accept-ranges
bytes
content-length
19212
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10080-SJC, cache-dca17773-DCA
giphy%20%282%29.gif
cdn.convertri.com/e2d3be17-542a-11ea-99fe-0697e5ca793e/7e5479344ef60930df5dfd536e39f94e84a4f682/
18 KB
18 KB
Image
General
Full URL
https://cdn.convertri.com/e2d3be17-542a-11ea-99fe-0697e5ca793e/7e5479344ef60930df5dfd536e39f94e84a4f682/giphy%20%282%29.gif
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-129.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fd7f4ea37a29629ac63d6dfd9f6aac11916d6ecd84c539120e6943d2ec699bb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:37:12 GMT
via
1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
last-modified
Sun, 28 Nov 2021 17:07:10 GMT
server
AmazonS3
age
1144228
etag
"02b68157472f39f94f3cde9e3675411a"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=2419200
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
18321
x-amz-cf-id
Y4828Bot4k4oRDKBOtqnC5OL1IzMy0WKYwmhP88upDmb_RjovaYf7g==
JTUSjIg69CK48gW7PXoo9Wlhzg.ttf
fonts.gstatic.com/s/bebasneue/v2/
32 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9Wlhzg.ttf
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d2c7d1c878ec189f11b1950106f4f493234079388bc4563bdda450faabbee02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bodyfreedomtoday.com/
Origin
https://bodyfreedomtoday.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 14:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17024
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 01 Jan 2023 14:00:39 GMT
/
www.google.com/pagead/1p-user-list/397047003/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/397047003/?random=1641590859738&cv=9&fst=1641589200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbodyfreedomtoday.com%2Fp8&tiba=Tropical%20Loophole%20Dissolves%20Fat%20Overnight&async=1&fmt=3&is_vtc=1&random=3285282166&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: bodyfreedomtoday.com
URL: https://bodyfreedomtoday.com/p8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bodyfreedomtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 21:27:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| dataLayer object| ConvertriScriptConsent function| gtag string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| managePopovers function| Popover object| FormValidator function| ViewportResizer function| visibilityChanged object| MobileDetector function| yall function| uniqueSelector object| QueryArgBag object| UrlUtils function| Cookies object| match object| cmPixel object| clickmagick_cmc object| google_tag_manager object| google_tag_data object| bots function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| 
formWidgetCartInfo object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse string| ref object| jQuery11220845357837518123 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

4 Cookies

Domain/Path Name / Value
.bodyfreedomtoday.com/ Name: _gcl_au
Value: 1.1.1266062800.1641590860
bodyfreedomtoday.com/ Name: _sp_ses.333d
Value: *
bodyfreedomtoday.com/ Name: _sp_id.333d
Value: 8dd26d7a-934e-4e76-b208-1bc3ebd26070.1641590860.1.1641590860.1641590860.17de416d-e668-4034-bef7-2ecd466d2b6c
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
