Submitted URL: http://news.myfitandhealth.com/campaigns/cw784ctfm7631/track-url/cg786xmj2b489/3d45cc4e5dba489f1f8237c4a7c7d41790a6f145
Effective URL: https://hardwoodtonic.com/?hop=rkkk321
Submission: On November 30 via manual from IE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 26 HTTP transactions. The main IP is 199.168.170.185, located in St Louis, United States and belongs to AXXA-RACKCO, US. The main domain is hardwoodtonic.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 9th 2020. Valid for: 3 months.
This is the only time hardwoodtonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 138.201.100.236 24940 (HETZNER-AS)
2 2 35.155.121.25 16509 (AMAZON-02)
9 199.168.170.185 36529 (AXXA-RACKCO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 151.101.112.217 54113 (FASTLY)
1 44.238.254.101 16509 (AMAZON-02)
4 34.96.102.137 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.64.217 54113 (FASTLY)
4 143.204.215.66 16509 (AMAZON-02)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
26 11
Domain Requested by
9 hardwoodtonic.com hardwoodtonic.com
4 prod.cbstatic.net cbtb.clickbank.net, prod.cbstatic.net
4 dev.visualwebsiteoptimizer.com hardwoodtonic.com, dev.visualwebsiteoptimizer.com
2 player.vimeo.com hardwoodtonic.com, player.vimeo.com
2 cdnjs.cloudflare.com hardwoodtonic.com, cdnjs.cloudflare.com
2 rkkk321.hwtonic.hop.clickbank.net 2 redirects
1 seal-boise.bbb.org
1 vimeo.com player.vimeo.com
1 cbtb.clickbank.net hardwoodtonic.com
1 maxcdn.bootstrapcdn.com hardwoodtonic.com
1 ajax.googleapis.com hardwoodtonic.com
1 news.myfitandhealth.com 1 redirects
26 12

This site contains links to these domains.

Domain
www.bbb.org
hwtonic.pay.clickbank.net

Subject | Issuer | Validity | Valid
hardwoodtonic.com | Let's Encrypt Authority X3 | 2020-11-09 - 2021-02-07 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
vimeo.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-07 - 2021-04-24 | 9 months
*.clickbank.net | Amazon | 2020-08-17 - 2021-09-16 | a year
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2020-06-19 - 2022-07-06 | 2 years
*.cbstatic.net | Amazon | 2020-10-16 - 2021-11-15 | a year
*.bbb.org | GeoTrust RSA CA 2018 | 2020-05-15 - 2022-07-03 | 2 years

This page contains 2 frames:

Primary Page: https://hardwoodtonic.com/?hop=rkkk321
Frame ID: 79DA894F6BFD6F8D7D51D0338AF0F313
Requests: 25 HTTP requests in this frame

Frame: https://player.vimeo.com/video/388023328?title=0&byline=0&portrait=0&muted=1&autoplay=1&app_id=122963
Frame ID: E964C22CA27440F9A8D31274714C8990
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /dev\.visualwebsiteoptimizer\.com/i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 38 %
Domains: 10
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 697 kB
Size: 1269 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.myfitandhealth.com/campaigns/cw784ctfm7631/track-url/cg786xmj2b489/3d45cc4e5dba489f1f8237c4a7c7d41790a6f145 HTTP 301
    http://rkkk321.hwtonic.hop.clickbank.net/?tid=SM112720 HTTP 301
    http://rkkk321.hwtonic.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fhardwoodtonic.com%3Fhop%3Drkkk321&hstr=1606733522448%7Crkkk321.SM112720%7C%7C8a13cbc5-c291-4c73-9cb5-814a147f281b%7C%7Chwtonic&code=%7B0%7D&key=3804B55F&parms=&s=default&ds=2&ts=01.6B943E56C0BB5CC1C4CB67F5A5D4DCBBA70020CD HTTP 301
    https://hardwoodtonic.com/?hop=rkkk321 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hardwoodtonic.com/
Redirect Chain
  • http://news.myfitandhealth.com/campaigns/cw784ctfm7631/track-url/cg786xmj2b489/3d45cc4e5dba489f1f8237c4a7c7d41790a6f145
  • http://rkkk321.hwtonic.hop.clickbank.net/?tid=SM112720
  • http://rkkk321.hwtonic.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fhardwoodtonic.com%3Fhop%3Drkkk321&hstr=1606733522448%7Crkkk321.SM112720%7C%7C8a13cbc5-c291-4c73-9cb5-814a147f281b%7C%7Chwtonic...
  • https://hardwoodtonic.com/?hop=rkkk321
12 KB
5 KB
Document
General
Full URL
https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
0dd1abe68a4e6942ae41da0572813522a9dd4c3672bfd2e82b2f64da8ed0c1c3

Request headers

Host
hardwoodtonic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

server
nginx
date
Mon, 30 Nov 2020 10:52:03 GMT
content-type
text/html; charset=utf-8
transfer-encoding
chunked
vary
Accept-Encoding Accept-Encoding
set-cookie
cbst-6-pv=b; path=/; expires=Tue, 30 Nov 2021 10:52:03 GMT; httponly
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; httponly
user_id=CgDJvV/EztMY0gBAAwr4Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cache-control
public
pragma
public
content-encoding
gzip

Redirect headers

Cache-Control
no-store
Content-Type
text/html;charset=UTF-8
Date
Mon, 30 Nov 2020 10:52:02 GMT
Expires
0
Location
https://hardwoodtonic.com?hop=rkkk321
P3P
CP="ADM OUR IND COM"
Pragma
no-cache
Server
Apache
Content-Length
0
Connection
keep-alive
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/
56 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
863636
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
10134
cf-request-id
06ba6101a700002bb96d18e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
etag
"5eb03e60-dff5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KMe%2BRtG7%2FVpkKsyXFl2z%2B%2FsvsqzQh6rp76iAYhYJVHpR2kH0UTeTiA%2Bpsn5KMQ2ybijxlovbgMhfcCJGb6dWltWKNt2y3WzgtwRsm4apNbo9bKuAYSkHJvyfhAY6BrIiEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fa404490d552bb9-FRA
expires
Sat, 20 Nov 2021 10:52:03 GMT
bootstrap.css
hardwoodtonic.com/landing-assets/css/
143 KB
25 KB
Stylesheet
General
Full URL
https://hardwoodtonic.com/landing-assets/css/bootstrap.css
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:27:51 GMT
server
nginx
etag
W/"5e983327-23a5a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
transfer-encoding
chunked
expires
Thu, 31 Dec 2037 23:55:55 GMT
landing.css
hardwoodtonic.com/landing-assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://hardwoodtonic.com/landing-assets/css/landing.css?v13
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
ebe16ee88b64998c928782a04af9ec285a97bc2b0be0f68b1d34e5f1a9a7dea6

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Jun 2020 14:30:45 GMT
server
nginx
etag
W/"5ee39195-1705"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
transfer-encoding
chunked
expires
Thu, 31 Dec 2037 23:55:55 GMT
add-to-cart.png
hardwoodtonic.com/landing-assets/images/
132 KB
132 KB
Image
General
Full URL
https://hardwoodtonic.com/landing-assets/images/add-to-cart.png?v=1.6
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
a385f2584c9837d82220e7a182b07eba24d5e67d210255e6ee44e6a3f0455eb1

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
last-modified
Thu, 16 Apr 2020 10:28:04 GMT
server
nginx
etag
"5e983334-20f68"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
135016
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 00:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38726
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Nov 2021 00:06:37 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
bounceback.min.js
hardwoodtonic.com/landing-assets/js/
3 KB
2 KB
Script
General
Full URL
https://hardwoodtonic.com/landing-assets/js/bounceback.min.js
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0315eabc2a7646ba2bfbe779a72ac2b8dc02d083c547479909eef884de5c80

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:28:16 GMT
server
nginx
etag
W/"5e983340-b1f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
transfer-encoding
chunked
expires
Thu, 31 Dec 2037 23:55:55 GMT
player.js
player.vimeo.com/api/
19 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f49ed5154a95ba1e306ce12fe21fc83596bd55865a19a845a075d1a92738fbcd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
57
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-9
Content-Length
5869
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4065-HHN
X-Player-Backend
p
Expires
Mon, 30 Nov 2020 11:21:06 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1606733523.482988,VS0,VE0
Date
Mon, 30 Nov 2020 10:52:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
164
vimeo-sound-on.js
hardwoodtonic.com/js/
2 KB
1 KB
Script
General
Full URL
https://hardwoodtonic.com/js/vimeo-sound-on.js?v7
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
43cf5cae911207ad4ec021215e85eae5396d8db7d1fa864e21e661838b21c00c

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 09:07:05 GMT
server
nginx
etag
W/"5ef1c639-6b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
transfer-encoding
chunked
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
cbtb.clickbank.net/
936 B
2 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=hwtonic
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.254.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-254-101.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 10:52:04 GMT
Cache-Control
max-age=900, no-cache="set-cookie"
Server
Apache
Connection
keep-alive
Content-Length
936
Content-Type
text/javascript;charset=UTF-8
j.php
dev.visualwebsiteoptimizer.com/
4 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=54472&u=https%3A%2F%2Fhardwoodtonic.com%2F%3Fhop%3Drkkk321&f=1&r=0.7212078949324938
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0af09d7bca1fb11e017dadc25d191bcfb2ec22d5943c3724a80270b31bfcd8d4

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Nov 2020 10:52:03 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
visits
hardwoodtonic.com/api/
509 B
611 B
Script
General
Full URL
https://hardwoodtonic.com/api/visits?page_id=1&_=1606733523274&querystring=hop%3Drkkk321&referrer=
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
6190f2746e4ced48b8b5bbf76d2151a013adacf9b5fd12d107d7c7e396bfef91

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
public
transfer-encoding
chunked
va-3f0c180483cb4e78e02f988160e89ee1.js
dev.visualwebsiteoptimizer.com/7.0/
205 KB
59 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-3f0c180483cb4e78e02f988160e89ee1.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=54472&u=https%3A%2F%2Fhardwoodtonic.com%2F%3Fhop%3Drkkk321&f=1&r=0.7212078949324938
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
21ee8850a6388fe5ab66b9ec47c1764518c385b7f569b2599ee426e757547f9c

Request headers

Origin
https://hardwoodtonic.com
Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:03 GMT
content-encoding
br
last-modified
Mon, 23 Nov 2020 10:45:06 GMT
server
gfra1
etag
"5fbb92b2-e9c9"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59849
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
301 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=54472&d=hardwoodtonic.com&u=DBE65400C1D145F2CAA0F0DD9FE70CF9C&h=85b12cad576e9e78d3fd000851721c40&t=false&r=0.20134525146957793
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/?hop=rkkk321
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 10:52:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
settings.js
dev.visualwebsiteoptimizer.com/
34 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=54472&settings_type=1&vn=7.0&r=0.0653141269328954
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-3f0c180483cb4e78e02f988160e89ee1.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
84811eb37cfc7b503a12ec48d751f9892e1e6d8284aca9fd263380dac041d5f6

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:03 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
light-background.jpg
hardwoodtonic.com/landing-assets/images/
247 KB
248 KB
Image
General
Full URL
https://hardwoodtonic.com/landing-assets/images/light-background.jpg?v=1.22
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/landing-assets/css/landing.css?v13
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
e41bdde5b85f50c0391dc6e79174ed338f457bdc46e08cae9228605a16e9d54f

Request headers

Referer
https://hardwoodtonic.com/landing-assets/css/landing.css?v13
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:03 GMT
last-modified
Thu, 16 Apr 2020 10:28:05 GMT
server
nginx
etag
"5e983335-3ddea"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
253418
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d01bef7d50d0f0d9430748fae0c7a7d4082c60778a4945de398383f46ebfc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://hardwoodtonic.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:03 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
423470
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
76120
cf-request-id
06ba6103a200002c3e7004b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
etag
"5eb03e60-12958"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R4BDzz%2FRW3SUYvJUZxHqO4p9F04WXt7CIFhldlR8QCl8YO7fFDycwnTHgZGza7aLcTlut8W2qi6cqN8SZfFwG5aSKXhgxCigYWamvGMA3NGTPa82Zw%2FwoT75iWDTBGHFOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fa4044c0a7f2c3e-FRA
expires
Sat, 20 Nov 2021 10:52:03 GMT
oembed.json
vimeo.com/api/
963 B
1 KB
XHR
General
Full URL
https://vimeo.com/api/oembed.json?url=https%3A%2F%2Fvimeo.com%2F388023328&id=388023328&width=760&height=427&loop=false&autoplay=1&title=0&byline=0&portrait=0&muted=1
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a093ab166b033e582aff3342db093130f01c161b3b4df46d4f4f389c8cbc360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
Content-Length
511
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Access-Control-Allow-Origin
*
Last-Modified
Mon, 30 Nov 2020 10:35:21 GMT
Server
nginx
Cache-Control
max-age=60
X-Timer
S1606733524.009031,VS0,VE135
X-Frame-Options
sameorigin
Date
Mon, 30 Nov 2020 10:52:04 GMT
X-Served-By
cache-bwi5135-BWI, cache-hhn4022-HHN
Vary
User-Agent, Accept-Encoding
Content-Type
application/json
Via
1.1 varnish, 1.1 varnish
Expires
Mon, 30 Nov 2020 10:53:04 GMT
X-Vimeo-DC
ge
X-BApp-Server
api-v6062-fgprw
Etag
"36540f0de72c10c2a733f4fae1f546b17f58ae68"
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 0
388023328
player.vimeo.com/video/ Frame E964
0
0
Document
General
Full URL
https://player.vimeo.com/video/388023328?title=0&byline=0&portrait=0&muted=1&autoplay=1&app_id=122963
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hardwoodtonic.com/?hop=rkkk321
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
4743
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Mon, 30 Nov 2020 10:55:39 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-8
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Mon, 30 Nov 2020 10:52:04 GMT
Age
0
X-Served-By
cache-hhn4065-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1606733524.196671,VS0,VE102
Vary
Accept-Encoding
X-Player-Backend
p
injectable.js
prod.cbstatic.net/dist/
187 KB
57 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=hwtonic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b900e748a9d23bc0c4757100d9767fc8ea223706e64db260eb0b8e5efe05844

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 22:30:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"37e570979a62930979b1fe24ea99ad42"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-version-id
XsGoOhklzICWwGDoRpyuIiuEjxHw1f_E
x-amz-cf-id
fHTUAeTWoEQkqQ1RSwTgon9D1YVKWgu2AIHdeg8fcJAa5EnDUUHhkg==
click-sound.gif
hardwoodtonic.com/images/
11 KB
11 KB
Image
General
Full URL
https://hardwoodtonic.com/images/click-sound.gif
Requested by
Host: hardwoodtonic.com
URL: https://hardwoodtonic.com/landing-assets/css/landing.css?v13
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.168.170.185 St Louis, United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
62d79327fe50d41c4c96e8c7a12f10fde39caa9b73e26f05fa1ff96ab5509947

Request headers

Referer
https://hardwoodtonic.com/landing-assets/css/landing.css?v13
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 30 Nov 2020 10:52:04 GMT
last-modified
Thu, 28 May 2020 12:57:12 GMT
server
nginx
etag
"5ecfb528-2b2b"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11051
expires
Thu, 31 Dec 2037 23:55:55 GMT
app-strings-en.json
prod.cbstatic.net/dist/i18n/
9 B
436 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:06 GMT
via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 20:38:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
RN1TXn7wMm81vBhMMwkQc4hdhIcKsoZQ
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
content-type
application/json
content-length
9
x-amz-cf-id
FPGZ3rYEBePRlPfejwMg7iZljYKbp4q8sr3AvrLtxNNQKWFLO4jTjw==
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/
3 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:06 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 20:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
x-amz-version-id
AWO4a8ea5aP8Q9BC82HKj7HnoRmYoJMP
content-type
image/png
content-length
3472
x-amz-cf-id
Lp8TIt4S_A1rxYPn_Zo9IojiGxaHxksiQuaIb95TTTuDywf6n_BaTA==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/
4 KB
5 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:06 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 20:38:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
x-amz-version-id
fRGll1q7LITzzIHoNFS.KgnAVvy2.WGr
content-type
image/png
content-length
4341
x-amz-cf-id
0AOoNzNFvMjkeT2URYgVKG4XkaOHriijmAWNm1GUh3tKEKYfvkNP5Q==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/
4 KB
4 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
665f4f1a6972be907c5594d4f6068a0ef47d48e8bfe07a0194ef4c571358c628

Request headers

Referer
https://hardwoodtonic.com/?hop=rkkk321
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:52:04 GMT
last-modified
Wed, 11 Nov 2020 01:49:16 GMT
server
keycdn-engine
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-shield
active
content-length
4267
expires
Mon, 30 Nov 2020 14:52:04 GMT

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| settings_timer number| _vwo_settings_timer object| _vwo_code number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out function| $ function| jQuery object| Bounceback object| exit1 object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| player number| muteStatusvid object| voptions function| mutevideo function| unmutevideo function| resetvideo undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb

12 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: player Value: ""
.vimeo.com/ Name: vuid Value: pl1585183175.1499682561
hardwoodtonic.com/ Name: timer_931_ Value: 1
hardwoodtonic.com/ Name: affiliate Value: rkkk321
.hardwoodtonic.com/ Name: _vwo_sn Value: 0%3A1
hardwoodtonic.com/ Name: user_id Value: CgDJvV/EztMY0gBAAwr4Ag==
.hardwoodtonic.com/ Name: _vwo_ds Value: 3%241606733523%3A7.63312805%3A%3A
.hardwoodtonic.com/ Name: _vwo_uuid Value: DBE65400C1D145F2CAA0F0DD9FE70CF9C
.hardwoodtonic.com/ Name: _vis_opt_s Value: 1%7C
.hardwoodtonic.com/ Name: _vis_opt_test_cookie Value: 1
hardwoodtonic.com/ Name: cbst-6-pv Value: b
.hardwoodtonic.com/ Name: _vwo_uuid_v2 Value: DBE65400C1D145F2CAA0F0DD9FE70CF9C|85b12cad576e9e78d3fd000851721c40

2 Console Messages

Source Level URL Text
console-api log URL: https://hardwoodtonic.com/js/vimeo-sound-on.js?v7 (Line 27) Message: the player is ready
console-api log URL: https://hardwoodtonic.com/js/vimeo-sound-on.js?v7 (Line 31) Message: the video is played

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
