Submitted URL: https://storage.googleapis.com/amanadis/hrefly.html#?Z289MSZzMT0xMjI4NzE3JnMyPTQyMzQ3MTQzJnMzPUdMQg==
Effective URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=62...
Submission: On October 24 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 104.21.32.141, located in United States and belongs to CLOUDFLARENET, US. The main domain is heart-healthy-tips.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2021. Valid for: a year.
This is the only time heart-healthy-tips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.186.176 15169 (GOOGLE)
4 4 134.119.194.231 29066 (VELIANET-...)
1 207.142.22.79 27229 (WEBHOST-ASN1)
1 1 34.107.208.114 15169 (GOOGLE)
9 104.21.32.141 13335 (CLOUDFLAR...)
1 3 104.16.169.131 13335 (CLOUDFLAR...)
4 162.159.135.79 13335 (CLOUDFLAR...)
6 104.16.168.131 13335 (CLOUDFLAR...)
24 7
Domain Requested by
9 heart-healthy-tips.com equinoxbags.com
heart-healthy-tips.com
6 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 hcaptcha.com 1 redirects newassets.hcaptcha.com
3 rubiron.com 3 redirects
2 4.tls-size-experiment-1.cloudflareresearch.com storage.googleapis.com
2 tls-size-experiment-c.cloudflareresearch.com storage.googleapis.com
1 www.3etrk.com 1 redirects
1 equinoxbags.com storage.googleapis.com
1 storage.googleapis.com
24 9

This site contains links to these domains.

Domain
chrome.google.com
uswest-qwest.com
www.cloudflare.com
Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
equinoxbags.com | R3 | 2021-10-02 - 2021-12-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-06 - 2022-08-05 | a year
*.tls-size-experiment-c.cloudflareresearch.com | R3 | 2021-10-15 - 2022-01-13 | 3 months

This page contains 3 frames:

Primary Page: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Frame ID: B0996244F7F7FA4157C9406707ADDAAD
Requests: 15 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-challenge.html
Frame ID: B074E7E2085B99A41DC25F27B457EA81
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-checkbox.html
Frame ID: C5A76F0825473FB096E36BCCE5A514B4
Requests: 4 HTTP requests in this frame

Page Title

Please Wait... | Cloudflare

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <style[^>]+[^<]+#cf-hcaptcha-container[^<]+</style>

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 210 kB
Size: 592 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/amanadis/hrefly.html Page URL
  2. http://134.119.194.231/??Z289MSZzMT0xMjI4NzE3JnMyPTQyMzQ3MTQzJnMzPUdMQg== HTTP 302
    http://rubiron.com/public/?:nav=default::index&go=1&s1=1228717&s2=42347143 HTTP 302
    http://rubiron.com/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTIyODcxNyZ1c2VyPWhncC5nbGFzZXIlNDBnbWFpbC5jb20mZW1haWxfaWQ9NDIzNDcxNDMmdXJsPWFIUjBjSE02THk5bGNYVnBibTk0WW1GbmN5NWpiMjB2TUM4d0x6QXZaak5tWW1GaE1HVXpabVV4WldZeU1ESTJaakJrWmpaa09EUmxNR1psT1RBdk1USXlPRGN4TnkxQlJESmZXVUZUVFU5TFh6SXdNakZmUmtWV1gwTk1TVVZEUzBWU1UxOUhUVUZKVEMwME1qa3pOREV2TkRJek5EY3hORE5mTkRJNU16VXdYekk9 HTTP 302
    http://rubiron.com/public/?:nav=click::tracker&deploy=1228717&user=hgp.glaser%40gmail.com&email_id=42347143&url=aHR0cHM6Ly9lcXVpbm94YmFncy5jb20vMC8wLzAvZjNmYmFhMGUzZmUxZWYyMDI2ZjBkZjZkODRlMGZlOTAvMTIyODcxNy1BRDJfWUFTTU9LXzIwMjFfRkVWX0NMSUVDS0VSU19HTUFJTC00MjkzNDEvNDIzNDcxNDNfNDI5MzUwXzI= HTTP 302
    https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2 Page URL
  3. https://www.3etrk.com/CP11R5/M2GJW/?sub1=350318&sub2=621856008 HTTP 302
    https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://134.119.194.231/??Z289MSZzMT0xMjI4NzE3JnMyPTQyMzQ3MTQzJnMzPUdMQg== HTTP 302
  • http://rubiron.com/public/?:nav=default::index&go=1&s1=1228717&s2=42347143 HTTP 302
  • http://rubiron.com/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTIyODcxNyZ1c2VyPWhncC5nbGFzZXIlNDBnbWFpbC5jb20mZW1haWxfaWQ9NDIzNDcxNDMmdXJsPWFIUjBjSE02THk5bGNYVnBibTk0WW1GbmN5NWpiMjB2TUM4d0x6QXZaak5tWW1GaE1HVXpabVV4WldZeU1ESTJaakJrWmpaa09EUmxNR1psT1RBdk1USXlPRGN4TnkxQlJESmZXVUZUVFU5TFh6SXdNakZmUmtWV1gwTk1TVVZEUzBWU1UxOUhUVUZKVEMwME1qa3pOREV2TkRJek5EY3hORE5mTkRJNU16VXdYekk9 HTTP 302
  • http://rubiron.com/public/?:nav=click::tracker&deploy=1228717&user=hgp.glaser%40gmail.com&email_id=42347143&url=aHR0cHM6Ly9lcXVpbm94YmFncy5jb20vMC8wLzAvZjNmYmFhMGUzZmUxZWYyMDI2ZjBkZjZkODRlMGZlOTAvMTIyODcxNy1BRDJfWUFTTU9LXzIwMjFfRkVWX0NMSUVDS0VSU19HTUFJTC00MjkzNDEvNDIzNDcxNDNfNDI5MzUwXzI= HTTP 302
  • https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2
Request Chain 8
  • https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP 302
  • https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
hrefly.html
storage.googleapis.com/amanadis/
246 B
822 B
Document
General
Full URL
https://storage.googleapis.com/amanadis/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.176 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f16.1e100.net
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/amanadis/hrefly.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdsv6JueUaRN9WimPGv8yykaDvpZW-MDwD0gpK2ZGUQLesxm_Y53q2oamJ_IEG4iKY25vwYSxfiZtp1Cn_gghpw
expires
Sun, 24 Oct 2021 04:47:57 GMT
date
Sun, 24 Oct 2021 03:47:57 GMT
last-modified
Wed, 31 Mar 2021 15:49:50 GMT
etag
"f169dbc20fe4adfca3fc4f5e1444afc9"
x-goog-generation
1617205790614242
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
246
content-type
text/html
x-goog-hash
crc32c=U1B9Pw== md5=8Wnbwg/krfyj/E9eFESvyQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
246
server
UploadServer
age
968
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
42347143_429350_2
equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/
Redirect Chain
  • http://134.119.194.231/??Z289MSZzMT0xMjI4NzE3JnMyPTQyMzQ3MTQzJnMzPUdMQg==
  • http://rubiron.com/public/?:nav=default::index&go=1&s1=1228717&s2=42347143
  • http://rubiron.com/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTIyODcxNyZ1c2VyPWhncC5nbGFzZXIlNDBnbWFpbC5jb20mZW1haWxfaWQ9NDIzNDcxNDMmdXJsPWFIUjBjSE02THk5bGNYVnBibTk0WW1GbmN5NWpiMjB2TUM4d0x6QXZaak5tW...
  • http://rubiron.com/public/?:nav=click::tracker&deploy=1228717&user=hgp.glaser%40gmail.com&email_id=42347143&url=aHR0cHM6Ly9lcXVpbm94YmFncy5jb20vMC8wLzAvZjNmYmFhMGUzZmUxZWYyMDI2ZjBkZjZkODRlMGZlOTAvM...
  • https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2
125 B
499 B
Document
General
Full URL
https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/amanadis/hrefly.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.142.22.79 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
equinoxbags.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/amanadis/hrefly.html#?Z289MSZzMT0xMjI4NzE3JnMyPTQyMzQ3MTQzJnMzPUdMQg==

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
content-type
text/html; charset=UTF-8
server
Apache
set-cookie
uid391=621856008-20211024000406-11d04bbb536d7f435e520c44982fcc05-; domain=; expires=Wed, 24-Nov-2021 03:04:06 GMT; path=/; SameSite=None; Secure
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Date
Sun, 24 Oct 2021 04:04:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2
Content-Length
0
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request index.php
heart-healthy-tips.com/landers/
Redirect Chain
  • https://www.3etrk.com/CP11R5/M2GJW/?sub1=350318&sub2=621856008
  • https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=62185600...
14 KB
8 KB
Document
General
Full URL
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Requested by
Host: equinoxbags.com
URL: https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86733231cadd8119ffe2328937a7fb3e1e6f6f06abaac4615ebbe8125e9c8bbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
heart-healthy-tips.com
:scheme
https
:path
/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://equinoxbags.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://equinoxbags.com/0/0/0/f3fbaa0e3fe1ef2026f0df6d84e0fe90/1228717-AD2_YASMOK_2021_FEV_CLIECKERS_GMAIL-429341/42347143_429350_2

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPn4F7XYTw%2Fngoz1BZ5YDSHkiPYsDyYboNV5yuomL9A5Mw2unvqudOof7YejXrE9Cmtb3eUDUyMNLS4ainVpoY1IT7AkumZzRpPP19Nav%2FSm8TkoK%2BHvY0PFsp6V09%2BBfOeITCtXGod5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a3051b6bda04049-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx
date
Sun, 24 Oct 2021 04:04:06 GMT
content-type
text/html; charset=utf-8
content-length
326
location
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
set-cookie
uniqueClick_M2GJW=f10cbca5-8baf-4cc4-a7e7-3123e15b7b64:1635048246; Path=/; Expires=Sat, 22 Jan 2022 04:04:06 GMT; Secure; SameSite=None
transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4; Path=/; Expires=Sat, 22 Jan 2022 04:04:06 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
0173d7d3-54a2-4cd9-85fe-4db050466223
via
1.1 google
alt-svc
clear
cf.errors.css
heart-healthy-tips.com/cdn-cgi/styles/
23 KB
4 KB
Stylesheet
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/styles/cf.errors.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:25:51 GMT
server
cloudflare
etag
W/"616eb94f-5c88"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=7200 public
cf-ray
6a3051b6edc24049-CDG
vary
Accept-Encoding
expires
Sun, 24 Oct 2021 06:04:06 GMT
transparent.gif
heart-healthy-tips.com/cdn-cgi/images/trace/captcha/nojs/h/
42 B
129 B
Image
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=6a3051b6bda04049
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=6a3051b6bda04049
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:25:51 GMT
server
cloudflare
etag
"616eb94f-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
6a3051b71de74049-CDG
vary
Accept-Encoding
content-length
42
expires
Sun, 24 Oct 2021 06:04:06 GMT
v1
heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
40 KB
15 KB
Script
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=6a3051b6bda04049
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc032fd387f245b0f9e75809a2606e7c49a23873b41942d897f25296071fc957

Request headers

:path
/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=6a3051b6bda04049
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks14%2BuImh0eZlnbRjyEQw4W8GZqHInCXkG3zTWaaqnLoow14YSpe4SvvyTWxoye0T5MzXkOuemIs8Txf0J7Uymu1HyyoRwgmtTJ3kwtee%2BRjBzVvk%2BY2FkeQkliID5KxUyePb6S18dWX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6a3051b72e9e084f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
transparent.gif
heart-healthy-tips.com/cdn-cgi/images/trace/managed/js/
42 B
222 B
Image
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=6a3051b6bda04049
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/managed/js/transparent.gif?ray=6a3051b6bda04049
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:25:51 GMT
server
cloudflare
etag
"616eb94f-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
6a3051b72ea1084f-CDG
vary
Accept-Encoding
content-length
42
expires
Sun, 24 Oct 2021 06:04:06 GMT
browser-bar.png
heart-healthy-tips.com/cdn-cgi/images/
715 B
933 B
Image
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/browser-bar.png?1376755637
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:25:51 GMT
server
cloudflare
etag
"616eb94f-2cb"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
6a3051b73ea9084f-CDG
vary
Accept-Encoding
content-length
715
expires
Sun, 24 Oct 2021 06:04:06 GMT
cf-no-screenshot-warn.png
heart-healthy-tips.com/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/cf-no-screenshot-warn.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:25:51 GMT
server
cloudflare
etag
"616eb94f-a20"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
6a3051b73eab084f-CDG
vary
Accept-Encoding
content-length
2592
expires
Sun, 24 Oct 2021 06:04:06 GMT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/64a0dba/
Redirect Chain
  • https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
  • https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha.js
85 KB
27 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da48830c867cf29bd0dc9f986650d3f8d9f08d5d239034ad9667e507ba84bc71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
211062
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26843
last-modified
Thu, 21 Oct 2021 17:25:57 GMT
server
cloudflare
etag
"aef36af1cc599b3c179ea33d803a7b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
cf-ray
6a3051b7e9737175-DUS
x-amz-cf-id
KRJ7zpoZeS3pUo0IJpW_E04XZt0gxDv6L3RLptNagvHPfbcHrC-Rdw==

Redirect headers

date
Sun, 24 Oct 2021 04:04:07 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6a3051b7b9577175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
2d828aae880a2b7
heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/
63 KB
35 KB
XHR
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/2d828aae880a2b7
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=6a3051b6bda04049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5e6959ed06d777eff3fbb576ebbf5496d54b0e5bfbe352696e7e46857ee74d

Request headers

sec-fetch-mode
cors
origin
https://heart-healthy-tips.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
cf_chl_2=2d828aae880a2b7; cf_chl_prog=e
content-length
2294
:path
/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/2d828aae880a2b7
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
cf-challenge
2d828aae880a2b7
:method
POST
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
CF-Challenge
2d828aae880a2b7
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwBq67X8kgJAm2TqjlJBei6I74xhDzlW6b3ZTPXz8ZIlUjjCtE5GEoPqCj3R8viYdi0Pggex94l%2Fe%2Fl1pz86e8dPPQMU4aEqnWDTnLz01iYtP%2FXe7ubpkC4hzj3N0Ey%2BwbX5X%2FLAkOkv"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_2d828aae880a2b7=a29686d7793c778;SameSite=Strict;Secure;HttpOnly
cf-ray
6a3051b7bef2084f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
tls-size-experiment-c.cloudflareresearch.com/
2 KB
1 KB
XHR
General
Full URL
https://tls-size-experiment-c.cloudflareresearch.com/
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/amanadis/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c38e99d798d50c8b4ec0093f34d53624ade03dc29f9cd30cbdf5611c617f7f

Request headers

Referer
https://heart-healthy-tips.com/
x-pqtlsse-id
17cb0784f32-187a6fd235c38-4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-pqtlsse-type
cpm

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDLcQMiRaGMqVYlI3o1qqkhLg5mIII%2FN9%2F%2FdSjwplACBwUkSZ0w7zb3LWXd6d47btvHw1ltOzNK%2F%2BQ3xmLOP4jFUzXWdWDDTQYuOzY9rfo%2FX6pTiQZXAiogHap3aaTQ0IYFOLaMLEVtNO6UuOj9i7IT979Aa1Rzrc%2FhVmNwc"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6a3051b8b5b02181-DUS
content-length
1119
expires
0
/
4.tls-size-experiment-1.cloudflareresearch.com/
2 KB
1 KB
XHR
General
Full URL
https://4.tls-size-experiment-1.cloudflareresearch.com/
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/amanadis/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7902a560288b9e16a5a5321f57af67d2bf7c46b05a29a9d3809160f66eaca

Request headers

Referer
https://heart-healthy-tips.com/
x-pqtlsse-id
17cb0784f32-187a6fd235c38-4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-pqtlsse-type
cpm

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zxDM%2BI7Uhl4cnYXiypyY46To5CvSAI%2FI3xLGANx6J5dyn1%2FXPA1DvujdYT4Ixnvnz%2BfvD2pmd8LBBYNM5tucqEktvZBeVoEBCPO7pk1daMLW5I%2F0gv9fb0IGiLqLQVCbJUOVzrqVplqP0cE67WBMwGK%2B1AC1aN%2B4DQ5fS4MJfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6a3051b8c6fa7160-DUS
content-length
1118
expires
0
/
tls-size-experiment-c.cloudflareresearch.com/ Frame
0
0
Preflight
General
Full URL
https://tls-size-experiment-c.cloudflareresearch.com/
Protocol
H2
Server
162.159.135.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-pqtlsse-id,x-pqtlsse-type
Origin
https://heart-healthy-tips.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-pqtlsse-id, x-pqtlsse-type
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
6a3051b895af2181-DUS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn%2Fn%2BBF6hphQK2GxVEwzIeHiy7i2Qn6LRRnqwQ9W0WaI1Ojj2NIh5OC4hTsgl52BAgX6cZTOEk4suDc9M2d8ZA8bFIGnzNdD1sSj4HHhDUw4X%2FPVB1ajOUSgrJHuqC6YxRCuZPzum9tAtI4CwOPwWRALr%2Bi65oE%2BXT9SFO5o"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
content-length
0
date
Sun, 24 Oct 2021 04:04:07 GMT
/
4.tls-size-experiment-1.cloudflareresearch.com/ Frame
0
0
Preflight
General
Full URL
https://4.tls-size-experiment-1.cloudflareresearch.com/
Protocol
H2
Server
162.159.135.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-pqtlsse-id,x-pqtlsse-type
Origin
https://heart-healthy-tips.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-pqtlsse-id, x-pqtlsse-type
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
6a3051b896f37160-DUS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZTq5LubxwJB68ZObMAs0xGkDUJ%2BckYDOjaYTLlWQ447utIqxmINWTrnLyF9G8UL0v%2FJsNfxj4DaAiL8%2FXuHXyVG0FEolHTgnJyZ%2B9iskrpf4LrLtLayew2fx7UkXl5HmmF5xtPYaPwXwQGibw6CJ8NAfJGUByYHWXKUN2e7ASc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
content-length
0
date
Sun, 24 Oct 2021 04:04:07 GMT
781375c8-5821-47e2-a26b-717298d13a02
https://heart-healthy-tips.com/
120 B
0
Other
General
Full URL
blob:https://heart-healthy-tips.com/781375c8-5821-47e2-a26b-717298d13a02
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
120
Content-Type
application/javascript
2d828aae880a2b7
heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/
5 KB
5 KB
XHR
General
Full URL
https://heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/2d828aae880a2b7
Requested by
Host: heart-healthy-tips.com
URL: https://heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=6a3051b6bda04049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc63511c97d4b48324f04fb80035200d4bd693c3839ab117c39ef0bb46e2162e

Request headers

sec-fetch-mode
cors
origin
https://heart-healthy-tips.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
cf_chl_seq_2d828aae880a2b7=a29686d7793c778; cf_chl_2=2d828aae880a2b7; cf_chl_prog=e
content-length
20077
:path
/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049/2d828aae880a2b7
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
heart-healthy-tips.com
referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
:scheme
https
sec-fetch-site
same-origin
cf-challenge
2d828aae880a2b7
:method
POST
Referer
https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
CF-Challenge
2d828aae880a2b7
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOMEAwFNOHZ5QPnVvcMcw3UMWVRwJGZ5CIc83Dqr0cMC0X%2BD4YAT%2BGcSkq2sxGf%2BnN2KVnMufDZm2TXSyBu8CaYOTuHkFMepcViRO8gO%2B3qeGRscI1CJcrk4EMVCx7D8OpLru5E07hwj"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_2d828aae880a2b7=bf42fa093c8fa3e;SameSite=Strict;Secure;HttpOnly
cf-ray
6a3051ba487e084f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/64a0dba/static/ Frame B074
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4192d314e4bd8f36c47e32ec8f990bbaaec131d5a8494d95e77e909e8ca5b354
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/64a0dba/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heart-healthy-tips.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-type
text/html
last-modified
Thu, 21 Oct 2021 17:25:56 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
xW4sHYL8ZAFLb5ZpJbh4I0zqNLCWt7JEPQDhuxIhNRdlIQoD04u3Aw==
age
211063
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6a3051bb296f7181-DUS
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/64a0dba/static/ Frame C5A7
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b5f405191243d24aa2f2b2e6f075222a4572e6e3b2f8968b9d1d0ddc916884
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/64a0dba/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heart-healthy-tips.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://heart-healthy-tips.com/

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-type
text/html
last-modified
Thu, 21 Oct 2021 17:25:56 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
QCYtiCr2kvrRx7J6MKaKSljk7i_rhGZBNVBERzUoIcOwjcXJq9imMg==
age
211062
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6a3051bb29707181-DUS
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/64a0dba/ Frame B074
211 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a045de2f4abf7dcc8bf4de0cb814ca56b00e5b19376a3014623792363d5a1d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
211062
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61050
last-modified
Thu, 21 Oct 2021 17:25:57 GMT
server
cloudflare
etag
"43485497a992a2db086f3a35b05540d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
cf-ray
6a3051bb599b7181-DUS
x-amz-cf-id
UXzGilZ5bDpgtnAJklG7KEE-f706_te68vCRi_FQR8Mrn9O33XeB5w==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/64a0dba/ Frame C5A7
135 KB
43 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e06d3693b31e02cd4419bab91e1d283900e6f5284df8dc640e7a72d22c94705
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-checkbox.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
211062
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43221
last-modified
Thu, 21 Oct 2021 17:25:57 GMT
server
cloudflare
etag
"50660c1d7f1fbb0b79aba7b454a10fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
via
1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
cf-ray
6a3051bbd9ff7181-DUS
x-amz-cf-id
zKz7nD-AnmuzGfnhLFeHA6LY3YgVawI92p9Sxny1MWgaXANYWDTq1w==
truncated
/ Frame C5A7
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?host=heart-healthy-tips.com&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
Protocol
H3
Server
104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6a3051bc3a48215d-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame C5A7
508 B
895 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?host=heart-healthy-tips.com&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1635fabf734bc10cb2b4c06d70396cc16f1066b9dbe08d038f389b748d01cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6a3051bc5a667181-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hsl.js
newassets.hcaptcha.com/c/c31b00f7/ Frame B074
3 KB
2 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/c31b00f7/hsl.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/64a0dba/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239a7ae1d45d699771a224df3db01548cc9cfa70d03cc7a0eeb4ab92f1233555
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/64a0dba/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 04:04:07 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
134880
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 22 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"a01b80d5b75b082c8f8bcacbf4254200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
AMS1-C1
cf-ray
6a3051bc7a837181-DUS
x-amz-cf-id
308lPQAxd9eM7Y4H03qENq500eUMVoLQFf2sdzXsiSlLJOzV5YzT7Q==

Verdicts & Comments

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
boolean| originAgentCluster
object| _cf_chl_opt
function| a
function| b
object| _cf_translation
function| sendRequest
function| _cf_atob
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| SHA256
function| _cf_chl_hload
object| _cf_chl_ctx
object| hcaptcha
boolean| _cf_chl_hloaded
function| _
number| d
number| kkpe
string| prop

6 Cookies

Domain/Path Name / Value
heart-healthy-tips.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9875646580978263:1635044940:da5d5fd1cee7aac4e4020ba7fc26ff7b49484742a0ec8e8c09a07acef3bdcc2a/6a3051b6bda04049 Name: cf_chl_seq_2d828aae880a2b7
Value: bf42fa093c8fa3e
equinoxbags.com/ Name: uid391
Value: 621856008-20211024000406-11d04bbb536d7f435e520c44982fcc05-
www.3etrk.com/ Name: uniqueClick_M2GJW
Value: f10cbca5-8baf-4cc4-a7e7-3123e15b7b64:1635048246
www.3etrk.com/ Name: transaction_id
Value: 626d9cca6b414a45ac8446a5c5e2fbd4
heart-healthy-tips.com/ Name: cf_chl_2
Value: 2d828aae880a2b7
heart-healthy-tips.com/ Name: cf_chl_prog
Value: b

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://heart-healthy-tips.com/landers/index.php?utm_source=Affiliate&utm_medium=network&utm_campaign=236&_ef_transaction_id=626d9cca6b414a45ac8446a5c5e2fbd4&affid=236&subid1=350318&subid2=621856008&subid3=&subid4=&subid5=&clickid=626d9cca6b414a45ac8446a5c5e2fbd4
Message:
Failed to load resource: the server responded with a status of 403 ()
deprecation warning (Line 4)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
