urlscan.io logo urlscan.io
SecurityTrails logo

healthfirstweb.com Open in urlscan Pro
2606:4700:3035::6815:39ba  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clk.asia/Canvaprofree
Effective URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Submission: On February 15 via manual from MA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::6815:39ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is healthfirstweb.com. The Cisco Umbrella rank of the primary domain is 865276.
TLS certificate: Issued by GTS CA 1P5 on December 26th 2023. Valid for: 3 months.
This is the only time healthfirstweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
clk.asia
1    2606:4700:3036::ac43:c712 (United States)

ASN13335 (CLOUDFLARENET, US)
clk.wiki
1    2606:4700:3035::6815:39ba (United States)

ASN13335 (CLOUDFLARENET, US)
healthfirstweb.com
10    2606:4700:20::681a:51a (United States)

ASN13335 (CLOUDFLARENET, US)
fstatic.netpub.media
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
taghaugh.com
5    2600:9000:275b:3600:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    157.90.33.72 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub2.1push.io
push-sdk.net
1    2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net
s4.histats.com
2    157.90.33.122 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub3.1push.io
uidsync.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.153.172.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-172-61.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
10 netpub.media
fstatic.netpub.media — Cisco Umbrella Rank: 128841
378 KB
6 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4076
api.cmp.inmobi.com — Cisco Umbrella Rank: 13170
192 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
164 KB
2 uidsync.net
uidsync.net — Cisco Umbrella Rank: 46248
710 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12731
s4.histats.com — Cisco Umbrella Rank: 12280
5 KB
2 push-sdk.net
push-sdk.net — Cisco Umbrella Rank: 168679
15 KB
2 taghaugh.com
taghaugh.com — Cisco Umbrella Rank: 358361
36 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
66 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9876
546 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
916 B
1 healthfirstweb.com
healthfirstweb.com — Cisco Umbrella Rank: 865276
41 KB
1 clk.wiki
clk.wiki — Cisco Umbrella Rank: 526778
1 KB
1 clk.asia
clk.asia — Cisco Umbrella Rank: 547613
454 B
32 16
Domain Requested by
10 fstatic.netpub.media 4 redirects healthfirstweb.com
fstatic.netpub.media
clk.wiki
5 cmp.inmobi.com fstatic.netpub.media
cmp.inmobi.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 securepubads.g.doubleclick.net fstatic.netpub.media
securepubads.g.doubleclick.net
2 uidsync.net push-sdk.net
2 fonts.gstatic.com fonts.googleapis.com
2 push-sdk.net healthfirstweb.com
push-sdk.net
2 taghaugh.com healthfirstweb.com
taghaugh.com
1 cdn.jsdelivr.net fstatic.netpub.media
1 api.cmp.inmobi.com cmp.inmobi.com
1 www.googletagmanager.com fstatic.netpub.media
1 s4.histats.com s10.histats.com
1 my.rtmark.net taghaugh.com
1 s10.histats.com healthfirstweb.com
1 fonts.googleapis.com healthfirstweb.com
1 healthfirstweb.com
1 clk.wiki
1 clk.asia 1 redirects
32 18

This site contains links to these domains. Also see Links.

Domain
a.shukriya90.com
Subject Issuer Validity Valid
clk.wiki
GTS CA 1P5		 2024-01-25 -
2024-04-24		 3 months crt.sh
healthfirstweb.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
netpub.media
GTS CA 1P5		 2024-01-11 -
2024-04-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
taghaugh.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
push-sdk.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
uidsync.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-30 -
2025-01-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Frame ID: 33AC4CE036CB7AE635F074541C4A868C
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finally! Get Rid of Stubborn Belly Fat with This Delicious Overnight Oats Trick!

Page URL History Show full URLs

  1. https://clk.asia/Canvaprofree HTTP 301
    https://clk.wiki/Canvaprofree Page URL
  2. https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

94 %
HTTPS

61 %
IPv6

16
Domains

18
Subdomains

18
IPs

4
Countries

955 kB
Transfer

3500 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clk.asia/Canvaprofree HTTP 301
    https://clk.wiki/Canvaprofree Page URL
  2. https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clk.asia/Canvaprofree HTTP 301
  • https://clk.wiki/Canvaprofree
Request Chain 5
  • https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709746 HTTP 301
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/service.js HTTP 302
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
Request Chain 7
  • https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709747 HTTP 301
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/service.js HTTP 302
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Canvaprofree
clk.wiki/
Redirect Chain
  • https://clk.asia/Canvaprofree
  • https://clk.wiki/Canvaprofree
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.wiki/Canvaprofree
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
396ccea62b8a8197dd49f07a390c15fd1530b7015cba7323d6e7f935fa65778e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
855ec0a48f2d9b82-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks03XoihDTatr9Md9ca%2BnjiLGz9dBQ97TE7d975gJcnCVgO1B%2FEIXtg7yTi3Y4kEVdXsQWYjqeKV5FZ4tLo8Zn3NBMhMcuaSTG9oo5zP919Lg%2F8wibScQaaZUyAeMApLPOJhI0wgxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
DENY,SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
855ec0a3d8bdbbc1-FRA
date
Thu, 15 Feb 2024 15:58:28 GMT
expires
Thu, 15 Feb 2024 16:58:28 GMT
location
https://clk.wiki/Canvaprofree
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwEGuNldbllv1Tev9APU%2B82Jc04tsWRonHbW%2FZIYd8%2FiExVyQG8gfX%2FX8J5LyjXgUAafeAfWJ%2B37b2Ox%2BVM9GVjgrI7VQtccG2yp8NVA2jckOQDTal7njg3b0Lrfo56QT4T8P%2FaxzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request /
healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/ 		110 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:39ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
396c946e51eb0667acd068f4484cd868b07ec8d06c8f3356fb87df413b53ab08

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
855ec0a72a2a1961-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 15:58:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3YcQ2xwVrsn6Z3K8lxs9ovlh1jl7xJ1PETh14FT25WgQshKYNHR03tSc4P4ujzLA3CnWDo%2BuBP%2FYrO%2F0ORkl%2B5aVJTWORxg9nZhDmwoyClo5QtQFhnavrMoyE3m2OPBexAL2X6xR5kkn2CjCrSJakY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache-control
no-cache
x-litespeed-tag
253_HTTP.200
cmp-gdpr.js
fstatic.netpub.media/extra/cmp/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/extra/cmp/cmp-gdpr.js
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ade78251b1e0723e97a8c7fa14830b473a0074e4780acff43b9a36cb60a5748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 15 Feb 2024 15:58:30 GMT
date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jan 2024 21:48:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucwRGAPcAE4tZbxVIVYZIF3mZxi6zFKZZxIrYkU0SVKJYSqp1LLjOO5cMDtFeIjtUDX1AmfEBpxjvM7sZImCoydevBr3lgReQCs3OfQV9It1B8pgup11tr8m0Dof7v8x75kMMH2LW1%2FTuZEKTVcwv7HL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
855ec0ab7dec1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
css
fonts.googleapis.com/ 		2 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Space+Mono:400,700
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ac4becff47ce1b9958d32cb1d1cdd27fede2d15e7bac91222da486a9e3e097d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 15:53:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 15:58:29 GMT
5491932
taghaugh.com/5/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://taghaugh.com/5/5491932
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
79098bb11cf35383079f031e95a9eca74461e187283050a489c36da0afbbcab0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
gzip
x-trace-id
c4393a87a47faaac11fdc306c4433c7b
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=healthfirstweb.com
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/extra/cmp/cmp-gdpr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:17:51 GMT
content-encoding
gzip
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
2438
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
kgel29wKTiytrFF4j6Cr48C7tpBaQDAhZWl8LIJhYsTwWKJMyJvBpQ==
4791058c.js
fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/
Redirect Chain
  • https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709746
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/service.js
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
429 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a7f0794b40556b49b0575a28286209ab809051a29cc80667e1ceec0e63db80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2024 12:35:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1273
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lo6lvdmQ6g483yI8ewRa0wq09bqO9wnTjM5a8O%2FF6oUoCeEiuRYCh1R1sKjWMEmKvFhunjZPd8bIlyz%2F9Otwkuwm69HeEBvKmBEDd5VzqDBOs9yqzxN9P24WGjCDxJhmZgfoLQmbbzwox3HHxhC3zmk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
855ec0ac9ff31b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS

Redirect headers

date
Thu, 15 Feb 2024 15:58:29 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZSOLWQMZk%2BIMCz8ZTNlXbdg3nd%2BDd9yV8H%2FgHewizS3meSzQZkQfVh5b7%2Bp2Y4M5BA23PNTqQHXi3sXgaB2iUNyxdbIa1lzPHzP5S1%2FYDDkqDgM7vq6zYuR%2Bc4aVnI7UmGlbRIUjykBKmi27ISEgOV8"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
cf-ray
855ec0ac3f3d1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
sdk.js
push-sdk.net/f/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://push-sdk.net/f/sdk.js?z=737224
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.72 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub2.1push.io
Software
nginx /
Resource Hash
1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
nginx
content-length
14884
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
4791058c.js
fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/
Redirect Chain
  • https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709747
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/service.js
  • https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
429 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a7f0794b40556b49b0575a28286209ab809051a29cc80667e1ceec0e63db80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2024 12:35:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1273
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J68EWo7%2BnAd%2BduPe%2BsbHnsbM4uUXGOrXqINmre1uFf08A%2FwPmXZL4iW%2B6rWhCsRLhymiIVstZCZoQNE1nIAwcGy3QGZygJCfD%2BQha6uSF1jvS67vdm3rGcnyHLaS0NPWoSL%2BgnNuM2h0bcckSK0qyKkB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
855ec0ac9ff11b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS

Redirect headers

date
Thu, 15 Feb 2024 15:58:29 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCpy4LwGZwsqhYjYGM3BECVTg6eZpMezPA7MjUo282HOPKK8zpSHOokktMCy2YZj9wS5Q6%2BatgVxkip8UwH%2B67kluo0M5gMiRtHmD%2FyWT83QxJwjeIoFuECpDPlUzCEfULceIuSwvH7aICpYQStV6l1v"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fstatic.netpub.media/r/1f25fcb0d80ecb4ae10137bb7949bf8b/4791058c.js?npr=a3079d9151dfff9c6d7298c491ca8801
cf-ray
855ec0ac3f3a1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2fa2c5f3e7cdb9ef6fb9318985ef7413221b8dcb5ca587fb54481da974b27fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: healthfirstweb.com
URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
52797
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
855ec0ac4db39136-FRA
content-length
4547
i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
fonts.gstatic.com/s/spacemono/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spacemono/v13/i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Space+Mono:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe8b511426ee346147ad35a0ee8d29058919cc5327a304078d8c011d01e31d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://healthfirstweb.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 01:15:15 GMT
x-content-type-options
nosniff
age
139394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16180
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 15:14:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 01:15:15 GMT
i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2
fonts.gstatic.com/s/spacemono/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spacemono/v13/i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Space+Mono:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336d60cbe13b695fb4c5e5482cdb71173ab3608ae52cba41e9bbaae6b69ecd9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://healthfirstweb.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 00:17:12 GMT
x-content-type-options
nosniff
age
229277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15836
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:58:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 00:17:12 GMT
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=c0bc01ce33b6431da7cb614d32b716dc
Requested by
Host: taghaugh.com
URL: https://taghaugh.com/5/5491932
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
759e4fcb019082816c58b28709287664757a5d430dc0e06b9c533c613549a21b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://healthfirstweb.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
0.php
s4.histats.com/stats/ 		53 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4127600&@f16&@g1&@h1&@i1&@j1708012709830&@k0&@l1&@mFinally!%20Get%20Rid%20of%20Stubborn%20Belly%20Fat%20with%20This%20Delicious%20Overnight%20Oats%20Trick!&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-61062285&@b3:1708012710&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fhealthfirstweb.com%2Ffinally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
52e8c0e20e84f92ff535145638f3ac14f165d57606a62eb8b61254d41a42090a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 15:58:22 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
event
push-sdk.net/ 		0
529 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://push-sdk.net/event?z=737224
Requested by
Host: push-sdk.net
URL: https://push-sdk.net/f/sdk.js?z=737224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.72 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub2.1push.io
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 15:58:29 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://healthfirstweb.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=s711GjbTi9pFOQOqXW98Mi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.122 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub3.1push.io
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://healthfirstweb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://healthfirstweb.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Thu, 15 Feb 2024 15:58:29 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
nginx
sync
uidsync.net/ 		62 B
710 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=s711GjbTi9pFOQOqXW98Mi
Requested by
Host: push-sdk.net
URL: https://push-sdk.net/f/sdk.js?z=737224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.122 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub3.1push.io
Software
nginx /
Resource Hash
89cb48fb1b9e2839f6a140ffaedefcc0ff8d61911abea3bec8ffced7c538da62

Request headers

Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 15:58:29 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://healthfirstweb.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=healthfirstweb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19eb8fce5c74957a27dfe7649fd3da6e2fc7c50261c39927ea83fd00f49dea71

Request headers

Accept
application/json, text/plain, */*
Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:00:45 GMT
content-encoding
br
via
1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
46665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 15 Feb 2024 03:00:42 GMT
server
AmazonS3
etag
W/"3c7c2e289a2768a00cf6607b4a477360"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
crCiGi3PA5VaCG2PmivJVjxbY7tN5G4UXEBDlpJQrEl-pd0O85guzQ==
/
taghaugh.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://taghaugh.com/?rb=UiMmZNpbpmwVDUjJrNYBRXvIAi6kCXkFVGdTiQNv6joFxnjiTZjLQMVmrcLWTRwZ3HPlruiZ12lmJjlKWeAu8oTnQIQpxKx9mE0uSYY918h4h2FlEn1EC6gl1mI176RslAWUtLTn6fzfDwbPM7NdHMfdVpTrcROm1VNnkL_vL3VnCQcGkNaHx5YmizjauF_ypn17SI9udlmPGYZuNSXpuUmMiQlvBoX3WRnO6L3rB9WwGN7TkG-SMn_5cPd3IvQtoILjPOOwo0ZTzj4R_sDY3lnHtQxubvmdoMly_neSaG3JwDmZzTY1yQr4mUguGJ0PYIB7CDlm4iE%3D&request_ab2=0&zoneid=5491932&js_build=iclick-v1.690.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fhealthfirstweb.com%2Ffinally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.690.0&navlng=en-US&pnt=0&pnrc=0&bs=4a71422b-920f-4a57-816f-8e8746dca7c0&userId=c0bc01ce33b6431da7cb614d32b716dc&m=link
Requested by
Host: taghaugh.com
URL: https://taghaugh.com/5/5491932
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d15105a32d783418bff3ff4081377a8e2d97377892c731f8ae4e4e2f7856e70e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:29 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
bc468aa26826d59527bd8fe84c9d8aeb
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://healthfirstweb.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
cmp-gdpr.js
fstatic.netpub.media//extra/cmp/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media//extra/cmp/cmp-gdpr.js?v=1
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ade78251b1e0723e97a8c7fa14830b473a0074e4780acff43b9a36cb60a5748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 15 Feb 2024 15:58:30 GMT
date
Thu, 15 Feb 2024 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jan 2024 21:48:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbBinxF3X4xhv7NHK%2BNWO7GHe%2FdXN9bq0W1Gj6Z8%2FUqj1A%2BjPp5EJbGK3ECQkJzh28P1V%2B0eUMhwkAi%2B%2F6UOmLvvS2Lpljal7fFnnuuLkFz7Ka725VzA7FSvwGAUtBo8jmJordqKg5aHcOHDaIIirtS7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
855ec0ad28ff1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef089f58f31982c4c50c6bb86af2866d6133fa8217b1bb686cfb18fa73c2b27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29175
x-xss-protection
0
server
cafe
etag
956 / 19768 / m202402080201 / config-hash: 15105900805104165388
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 15:58:30 GMT
prebid_240113.js
fstatic.netpub.media/renderer/ 		609 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/renderer/prebid_240113.js
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/1f25fcb0d80ecb4ae10137bb7949bf8b.min.js?1708012709747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7495c6e7250307c951332813253854eb6d50a5ebee3d82b15bf2e4115f46441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 15 Feb 2024 15:58:31 GMT
date
Thu, 15 Feb 2024 15:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Sat, 13 Jan 2024 00:29:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sflKTvNKuXNssN5CljlPICexjnURJgnMp30064kXqtj9XrUwLvnkXG1UAWm4QpPy27cpm4nB0B4QZB%2FHx%2BifzPbPRLOR5EdG8duMHuR%2BQ8WRjcBNOBMAQR0l%2BNvMjBgGODY%2FEezEcTsGEY4mz6FdAcb0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
855ec0adda3f1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
extra
fstatic.netpub.media/extra/onair/ 		418 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/extra/onair/extra?cb=0.6421435261528303
Requested by
Host: clk.wiki
URL: https://clk.wiki/Canvaprofree
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e735487ce54dc488b4a1134f280225475927c6f18135ec34925bf340f42bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 15 Feb 2024 15:58:31 GMT
date
Thu, 15 Feb 2024 15:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDWrAoJAsCHvEZYNESxCaz89v4lqw1gFgTNomV7sfEaDbCUHUSNUbXcFtqaWZfdUkEGkv3AyJSKXygIKphzNLT7S9B9KlV9V0%2FRmB9%2BwUdqsyalzpSXCIcX0W4EtLvtE7pinzFZrmirc1TpInXz%2Baqei"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1
cf-ray
855ec0adea4e1b35-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93961338-NTP
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/extra/onair/extra?cb=0.6421435261528303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c0fc9b9fd75fdd2c6a7cebc70dd2df2a932d1f2e06324b692ce635158fd112f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:58:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67043
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 15:58:30 GMT
cmp2ui-en.js
cmp.inmobi.com/tcfv2/50/ 		279 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=healthfirstweb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:24:12 GMT
content-encoding
br
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
34459
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:04 GMT
server
AmazonS3
etag
W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
sH3RwAeAj2HPub5QnYVcvsw7AHqWpsWNbg3GvD9sWdBpZrCNVFU8Fg==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v2/ 		360 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=healthfirstweb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:16:43 GMT
content-encoding
br
via
1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
57546
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Feb 2024 23:59:17 GMT
server
AmazonS3
etag
W/"e2bcee663677e0a88f6ed90c9cd0c496"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
KNq1WjSgDWA9LyXEge8OmIqVe7xbXm1SXxZFhOO4005VpJDbYstLug==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=healthfirstweb.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7e0a995001acf0498870a8a39aab9df855dd6e2f8e38dc173003e0f2f06991e

Request headers

Accept
application/json, text/plain, */*
Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:00:27 GMT
content-encoding
br
via
1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
46684
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 15 Feb 2024 03:00:24 GMT
server
AmazonS3
etag
W/"a27beaba6e839ef1c5be0604bf5b9d9e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
riwZ1YteAd3KbPKkfLH050-b8AxOs7d7lsi7UKjRoSiZtcaulGTtTg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402080201/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a75ade244357b72c307d1201f4e1a748951dd96f1237beed544b640bde2cb11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
7539
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138443
x-xss-protection
0
server
cafe
etag
2029179791382905741
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Feb 2025 13:52:51 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93961338-NTP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://healthfirstweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 15:30:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1670
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 17:30:40 GMT
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22domain%22%3A%22healthfirstweb.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1708012710811%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-y2ptaazep52tkuw9k3nx%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.153.172.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-172-61.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Feb 2024 15:58:30 GMT
content-length
2
content-type
text/plain; charset=utf-8
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240215
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/renderer/prebid_240113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7554f60186056f0cae22b36f9027cb5a2f8358a5993e0eb906dfeab832e8fce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 15 Feb 2024 15:58:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
43056
x-jsd-version
1.0.1966
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21982-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"637-eAXGia7uhql25MK6mkGwDu5ap8w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFplbVRGmAX89UQMQNYcQaor6R7UI39CMW9U63f8n%2FgWEUf1evOplDgetCCnFErnMUnhruterRonNASlUD9JiKBk8nrAidVcN9gqukWv7aiE%2B9OVbIi3wFODU3MS05UzseRcwAoTh4FpVPqY9zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
855ec0b31cf02c5d-FRA
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1362843430&t=pageview&_s=1&dl=https%3A%2F%2Fhealthfirstweb.com%2Ffinally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick%2F&ul=en-us&de=UTF-8&dt=Finally!%20Get%20Rid%20of%20Stubborn%20Belly%20Fat%20with%20This%20Delicious%20Overnight%20Oats%20Trick!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1234233970&gjid=1007592009&cid=1766171608.1708012711&tid=UA-93961338-NTP&_gid=724225051.1708012711&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&tcfd=10001&jsscut=1&z=989558611
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://healthfirstweb.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 15:58:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://healthfirstweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| __tcfapi function| __uspapi object| timer object| downloadBtn number| timeSec function| removeDisplayed function| showLink function| timeOut object| _Hasync function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| zfgstorage object| 81euq0lhoex object| zfgformats function| onClickTrigger object| syncCallbacks boolean| zfgloadedpopup function| chfh function| chfh2 string| _HST_cntval object| Histats object| regeneratorRuntime function| __tcfapiui object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| __oa360ScriptsState boolean| __isGoogleAllowed object| googletag object| pbjs_netpub240113 object| _HistatsCounterGraphics_0_setValues object| scriptElement object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| dataLayer string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| pbjs_netpub240113Chunk object| _pbjs_netpub240113Globals object| ADAGIO object| mnet object| gaplugins object| gaGlobal object| gaData function| arrive function| unbindArrive function| leave function| unbindLeave

17 Cookies

Domain/Path Name / Value
clk.wiki/ Name: refCanvaprofree
Value: NjQ0NTFjZDkwMTFkNjJmMTEwYTg2NWM4OWU5MmU2OTZmMTZlMmYxNDU3OWZhMmM0YmY5YWI1NWNjZjBjMTFjMjhBY%2FcKRxp15gTm62LA1ivAzeVjqYvSjOr0tK1U%2BgKW
taghaugh.com/ Name: OAID
Value: c0bc01ce33b6431da7cb614d32b716dc
taghaugh.com/ Name: oaidts
Value: 1708012709
healthfirstweb.com/ Name: HstCfa4127600
Value: 1708012709830
healthfirstweb.com/ Name: HstCla4127600
Value: 1708012709830
healthfirstweb.com/ Name: HstCmu4127600
Value: 1708012709830
healthfirstweb.com/ Name: HstPn4127600
Value: 1
healthfirstweb.com/ Name: HstPt4127600
Value: 1
healthfirstweb.com/ Name: HstCnv4127600
Value: 1
healthfirstweb.com/ Name: HstCns4127600
Value: 1
my.rtmark.net/ Name: ID
Value: c0bc01ce33b6431da7cb614d32b716dc
healthfirstweb.com/ Name: prefetchAd_5491932
Value: true
taghaugh.com/ Name: syncedCookie
Value: true
uidsync.net/ Name: rauid
Value: s711GjbTi9pFOQOqXW98Mi
.healthfirstweb.com/ Name: _ga
Value: GA1.2.1766171608.1708012711
.healthfirstweb.com/ Name: _gid
Value: GA1.2.724225051.1708012711
.healthfirstweb.com/ Name: _gat_gtag_UA_93961338_NTP
Value: 1

9 Console Messages

Source Level URL
Text
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://healthfirstweb.com/finally-get-rid-of-stubborn-belly-fat-with-this-delicious-overnight-oats-trick/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cmp.inmobi.com
cdn.jsdelivr.net
clk.asia
clk.wiki
cmp.inmobi.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
healthfirstweb.com
my.rtmark.net
push-sdk.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
taghaugh.com
uidsync.net
www.google-analytics.com
www.googletagmanager.com
139.45.195.8
139.45.197.237
142.250.185.168
157.90.33.122
157.90.33.72
18.153.172.61
2600:9000:275b:3600:1b:cadc:ef40:93a1
2606:4700:10::6814:4f63
2606:4700:20::681a:51a
2606:4700:3035::6815:39ba
2606:4700:3036::ac43:c712
2606:4700::6810:5814
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a06:98c1:3121::3
54.39.128.162
0ef089f58f31982c4c50c6bb86af2866d6133fa8217b1bb686cfb18fa73c2b27
19eb8fce5c74957a27dfe7649fd3da6e2fc7c50261c39927ea83fd00f49dea71
1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7
2ac4becff47ce1b9958d32cb1d1cdd27fede2d15e7bac91222da486a9e3e097d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
336d60cbe13b695fb4c5e5482cdb71173ab3608ae52cba41e9bbaae6b69ecd9a
396c946e51eb0667acd068f4484cd868b07ec8d06c8f3356fb87df413b53ab08
396ccea62b8a8197dd49f07a390c15fd1530b7015cba7323d6e7f935fa65778e
3ade78251b1e0723e97a8c7fa14830b473a0074e4780acff43b9a36cb60a5748
52e8c0e20e84f92ff535145638f3ac14f165d57606a62eb8b61254d41a42090a
54e735487ce54dc488b4a1134f280225475927c6f18135ec34925bf340f42bcf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a75ade244357b72c307d1201f4e1a748951dd96f1237beed544b640bde2cb11
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
7554f60186056f0cae22b36f9027cb5a2f8358a5993e0eb906dfeab832e8fce1
759e4fcb019082816c58b28709287664757a5d430dc0e06b9c533c613549a21b
79098bb11cf35383079f031e95a9eca74461e187283050a489c36da0afbbcab0
79a7f0794b40556b49b0575a28286209ab809051a29cc80667e1ceec0e63db80
89cb48fb1b9e2839f6a140ffaedefcc0ff8d61911abea3bec8ffced7c538da62
a7495c6e7250307c951332813253854eb6d50a5ebee3d82b15bf2e4115f46441
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
c0fc9b9fd75fdd2c6a7cebc70dd2df2a932d1f2e06324b692ce635158fd112f2
d15105a32d783418bff3ff4081377a8e2d97377892c731f8ae4e4e2f7856e70e
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2fa2c5f3e7cdb9ef6fb9318985ef7413221b8dcb5ca587fb54481da974b27fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e0a995001acf0498870a8a39aab9df855dd6e2f8e38dc173003e0f2f06991e
fe8b511426ee346147ad35a0ee8d29058919cc5327a304078d8c011d01e31d08