glp1.havashealth.com Open in urlscan Pro
209.126.30.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://baf252d3c1.nxcli.io/
Effective URL:
https://glp1.havashealth.com/
Submission: On June 12 via api (June 12th 2024, 12:45:32 pm UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 209.126.30.3, located in United States and belongs to NEXCESS-NET, US. The main domain is glp1.havashealth.com.
TLS certificate: Issued by R10 on June 11th 2024. Valid for: 3 months.

This is the only time glp1.havashealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	209.126.30.3 209.126.30.3	36444 (NEXCESS-NET) (NEXCESS-NET)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2

29 209.126.30.3 (United States) 1 redirects

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-2840116.us-midwest-1.nxcli.net

baf252d3c1.nxcli.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glp1.havashealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	havashealth.com glp1.havashealth.com	2 MB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2158
1	nxcli.io 1 redirects baf252d3c1.nxcli.io	433 B
29	3

	Domain	Requested by
28	glp1.havashealth.com	glp1.havashealth.com
1	player.vimeo.com	glp1.havashealth.com
1	baf252d3c1.nxcli.io	1 redirects
29	3

This site contains links to these domains. Also see Links.

Domain
havashealthandyou.com

Subject Issuer	Validity	Valid
baf252d3c1.nxcli.io R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
player.vimeo.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://glp1.havashealth.com/
Frame ID: B1250278E8253250723703EADBB7F9EF
Requests: 28 HTTP requests in this frame

Frame: https://player.vimeo.com/video/900586364?h=480f8adc04&dnt=1&app_id=122963
Frame ID: AC40C71E0FF9EF24BEA1C0E35963F7D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HAVAS Health – GLP1 – HAVAS Health – GLP1

Page URL History Show full URLs

https://baf252d3c1.nxcli.io/ HTTP 301
https://glp1.havashealth.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1676 kB
Transfer

2073 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://havashealthandyou.com/terms-and-conditions-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://havashealthandyou.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://baf252d3c1.nxcli.io/ HTTP 301
https://glp1.havashealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
glp1.havashealth.com/
Redirect Chain

https://baf252d3c1.nxcli.io/
https://glp1.havashealth.com/

63 KB
13 KB

1010ms
284ms

Document
text/html

209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

911f3bc48395b38da224a0517864a2261ab9fb871bce131879f4cb1cfb684397

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 12:45:27 GMT
expect-ct: max-age=7776000, enforce
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/" <https://glp1.havashealth.com/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json" <https://glp1.havashealth.com/>; rel=shortlink
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache-nxaccel: BYPASS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 12:45:26 GMT
expect-ct: max-age=7776000, enforce
location: https://glp1.havashealth.com/
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
server: nginx
strict-transport-security: max-age=31536000
x-cache-nxaccel: BYPASS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H2 200 formidableforms.css
glp1.havashealth.com/wp-content/plugins/formidable/css/ 49 KB
8 KB 137ms
136ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/formidable/css/formidableforms.css?ver=5291631

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

d5323a36e17d4b56f40efa5235cebfe54b25169f8ba08217e3cf2ea226638f0d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 29 May 2024 16:31:17 GMT
server: nginx
etag: W/"c3f0-6199a4796ff40"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 style.min.css
glp1.havashealth.com/wp-includes/css/dist/block-library/ 111 KB
14 KB 150ms
148ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-nocache: 1
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 03 Apr 2024 02:09:45 GMT
server: nginx
etag: W/"1bae5-61527b764ac40"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 terms-of-use-modal.css
glp1.havashealth.com/wp-content/plugins/terms-of-use-modal/ 553 B
291 B 171ms
170ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/terms-of-use-modal/terms-of-use-modal.css?ver=6.5.4

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

d93481ca0e523a96cf12a3208831a94f52e93af12863ea44c4272032b9889244

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Fri, 05 Jan 2024 11:54:14 GMT
server: nginx
etag: W/"229-60e3181cac580"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 global.min.css
glp1.havashealth.com/wp-content/themes/kadence/assets/css/ 23 KB
5 KB 179ms
177ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.2.5

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

51c37e2481f00ce5621846f274d523d0cf4af1039aa98760f7017952558e2957

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 28 May 2024 14:49:37 GMT
server: nginx
etag: W/"5aed-61984be290240"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 style-blocks-rowlayout.css
glp1.havashealth.com/wp-content/plugins/kadence-blocks/dist/ 8 KB
1 KB 179ms
178ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/kadence-blocks/dist/style-blocks-rowlayout.css?ver=3.2.42

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

317a04800478e0b650ad0dfe5665501e971f99aeb761bfd19039ccfdfe44572d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 11 Jun 2024 14:21:52 GMT
server: nginx
etag: W/"1e52-61a9dfcb32afa"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 style-blocks-column.css
glp1.havashealth.com/wp-content/plugins/kadence-blocks/dist/ 1 KB
480 B 296ms
295ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/kadence-blocks/dist/style-blocks-column.css?ver=3.2.42

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

3f243ba66777c8ca1305faa1a2d01f6cffd1220655a9d204b63acb9c190b4628

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 11 Jun 2024 14:21:52 GMT
server: nginx
etag: W/"5c5-61a9dfcb32afa"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 jquery.min.js Show response
glp1.havashealth.com/wp-includes/js/jquery/ 86 KB
29 KB 170ms
169ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-nocache: 1
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Fri, 22 Dec 2023 14:57:26 GMT
server: nginx
etag: W/"15601-60d1a6f302180"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 jquery-migrate.min.js Show response
glp1.havashealth.com/wp-includes/js/jquery/ 13 KB
5 KB 171ms
170ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-nocache: 1
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Fri, 22 Dec 2023 14:57:26 GMT
server: nginx
etag: W/"3509-60d1a6f302180"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 terms-of-use-modal.js Show response
glp1.havashealth.com/wp-content/plugins/terms-of-use-modal/ 1 KB
517 B 170ms
169ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/terms-of-use-modal/terms-of-use-modal.js?ver=6.5.4

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

6aa08d19d73948030960996c6afde4f79ea5a9b5b8f5dfd6fd656cf019e118a8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Fri, 05 Jan 2024 11:54:14 GMT
server: nginx
etag: W/"471-60e3181cac580"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 header.min.css
glp1.havashealth.com/wp-content/themes/kadence/assets/css/ 26 KB
4 KB 309ms
308ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.2.5

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 28 May 2024 14:49:37 GMT
server: nginx
etag: W/"67ee-61984be290240"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 content.min.css
glp1.havashealth.com/wp-content/themes/kadence/assets/css/ 33 KB
6 KB 320ms
319ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.2.5

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

d1238f3c6be9ef32aba35dbc212d0719036f360b827648853c75450897de25ae

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 28 May 2024 14:49:37 GMT
server: nginx
etag: W/"8315-61984be290240"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 footer.min.css
glp1.havashealth.com/wp-content/themes/kadence/assets/css/ 20 KB
2 KB 317ms
317ms Stylesheet
text/css 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.2.5

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 28 May 2024 14:49:37 GMT
server: nginx
etag: W/"4e07-61984be290240"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 logo-1.png
glp1.havashealth.com/wp-content/uploads/2024/01/ 5 KB
5 KB 250ms
249ms Image
image/png 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/uploads/2024/01/logo-1.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

9f41743a975165266dfcaff6de142fc5b3aa8390086588b872c1fb170e978a09

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-cache-nxaccel: MISS
content-length: 5135
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 04 Jan 2024 14:18:37 GMT
server: nginx
etag: "140f-60e1f684e4940"
expect-ct: max-age=7776000, enforce
x-frame-options: SAMEORIGIN
content-type: image/png
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes

GET
H2 200 Forward-CarePod-Interior-Carousel-1-1024x372.png
glp1.havashealth.com/wp-content/uploads/2024/01/ 495 KB
495 KB 272ms
272ms Image
image/png 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/uploads/2024/01/Forward-CarePod-Interior-Carousel-1-1024x372.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

d4762a82ba56bd22d116b59aa4b8c454b48e72e675a7d1227b8caf4a91fd8594

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-cache-nxaccel: MISS
content-length: 506477
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 03 Jan 2024 20:14:54 GMT
server: nginx
etag: "7ba6d-60e1044a20b80"
expect-ct: max-age=7776000, enforce
x-frame-options: SAMEORIGIN
content-type: image/png
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes

GET
H2 200 welltainment2.png
glp1.havashealth.com/wp-content/uploads/2024/01/ 944 KB
945 KB 259ms
259ms Image
image/png 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/uploads/2024/01/welltainment2.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

43df13f3042c6ca6c72d543e71decbfabe608892ee0df7a58b384d5e16192226

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-cache-nxaccel: MISS
content-length: 967047
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 08 Jan 2024 16:22:07 GMT
server: nginx
etag: "ec187-60e71995769c0"
expect-ct: max-age=7776000, enforce
x-frame-options: SAMEORIGIN
content-type: image/png
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes

GET
H2 200 navigation.min.js Show response
glp1.havashealth.com/wp-content/themes/kadence/assets/js/ 18 KB
4 KB 359ms
358ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.2.5

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

86a58db20431c5440161f6e8b7e530af816f3d91945912a6cb262ff64942090f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 28 May 2024 14:49:37 GMT
server: nginx
etag: W/"468e-61984be290240"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 200 frm.min.js Show response
glp1.havashealth.com/wp-content/plugins/formidable/js/ 35 KB
9 KB 290ms
289ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/plugins/formidable/js/frm.min.js?ver=6.10

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

69028daad2443ea6c9b1618feb46f945e37875069f7ff70119cb7e0afbd4e25c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-cache-nxaccel: MISS
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 29 May 2024 16:31:17 GMT
server: nginx
etag: W/"8d69-6199a4796ff40"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 404 Baikal-Regular.woff2
glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/ 0
0 397ms
396ms Font
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-Regular.woff2

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Origin: https://glp1.havashealth.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK 900586364
player.vimeo.com/video/ Frame AC40 0
0 367ms
284ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/900586364?h=480f8adc04&dnt=1&app_id=122963

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://glp1.havashealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8929f02d0d0c195e-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Jun 2024 12:45:28 GMT
Server: cloudflare
Transfer-Encoding: chunked
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-699d6dbdb7-9fr2z
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-699d6dbdb7-9fr2z
x-player-backend: g
x-served-by: cache-fra-eddf8230082-FRA
x-timer: S1718196329.512834,VS0,VE224
x-xss-protection: 1; mode=block

GET
H2 404 Solid.png
glp1.havashealth.com/wp-content/themes/kadence/assets/images/ 42 KB
42 KB 394ms
391ms Image
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/Solid.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

361c1ed58d0f10a4ef36b2a7eb76b5345ecdeeed64e60014c1709ee42753616f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 quote.png
glp1.havashealth.com/wp-content/themes/kadence/assets/images/ 42 KB
42 KB 426ms
423ms Image
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/quote.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

361c1ed58d0f10a4ef36b2a7eb76b5345ecdeeed64e60014c1709ee42753616f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Baikal-UltraExpandedMedium.woff2
glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/ 0
0 412ms
411ms Font
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-UltraExpandedMedium.woff2

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Origin: https://glp1.havashealth.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Baikal-ExpandedMedium.woff2
glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/ 0
0 410ms
410ms Font
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-ExpandedMedium.woff2

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Origin: https://glp1.havashealth.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Baikal-Book.woff2
glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/ 0
0 410ms
409ms Font
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-Book.woff2

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Origin: https://glp1.havashealth.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Baikal-UltraExpandedSemiBold.woff2
glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/ 0
0 416ms
416ms Font
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-UltraExpandedSemiBold.woff2

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Origin: https://glp1.havashealth.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
glp1.havashealth.com/wp-includes/js/ 18 KB
5 KB 211ms
210ms Script
application/javascript 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-nocache: 1
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 03 Apr 2024 02:09:45 GMT
server: nginx
etag: W/"4926-61527b764ac40"
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()

GET
H2 404 X.png
glp1.havashealth.com/wp-content/themes/kadence/assets/images/ 38 KB
38 KB 241ms
241ms Image
text/html 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/X.png

Requested by

Host: glp1.havashealth.com
URL: https://glp1.havashealth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

850f62015cab6512c1e0b59d16d97b4257ce0db948d9d7caecc7c957073916d3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
link: <https://glp1.havashealth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 H512-1-150x150.png
glp1.havashealth.com/wp-content/uploads/2024/01/ 2 KB
2 KB 129ms
129ms Other
image/png 209.126.30.3
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://glp1.havashealth.com/wp-content/uploads/2024/01/H512-1-150x150.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.126.30.3 , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

cloudhost-2840116.us-midwest-1.nxcli.net

Software

nginx /

Resource Hash

59e0caa5cac3d9ea9a359ec525af67c61ca041e841afd4b92de7ecd30a780806

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://glp1.havashealth.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 12:45:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-cache-nxaccel: MISS
content-length: 1936
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 08 Jan 2024 15:12:06 GMT
server: nginx
etag: "790-60e709ef13d80"
expect-ct: max-age=7776000, enforce
x-frame-options: SAMEORIGIN
content-type: image/png
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vimeo.com/	1970-01-20 21:16:38	Name: __cf_bm Value: 6CTmt5mAo72WHYYg_Gr9ulEdIzCmUvA359Hwnh2d0Nk-1718196328-1.0.1.1-ihW6sDbNDGFBS0Ex.GGarXQAXU7PrgFtp0vN3vWbr__JADqQiE2..uCGvW6H7azK2xZPRfKcW64i9UcL1ihsfA
			.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ZldtijK5rfPGqKPBbw1syI0SafM11D7mcFGA9KxRE4g-1718196328741-0.0.1.1-604800000

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
security	error	URL: https://glp1.havashealth.com/(Line 13) Message: Refused to create a worker from 'blob:https://glp1.havashealth.com/083b6646-ab15-44e5-9be6-64984ab16191' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/Solid.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/quote.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-Book.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-ExpandedMedium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-UltraExpandedMedium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/fonts/Baikal-UltraExpandedSemiBold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://glp1.havashealth.com/wp-content/themes/kadence/assets/images/X.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://glp1.havashealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://glp1.havashealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baf252d3c1.nxcli.io
glp1.havashealth.com
player.vimeo.com
162.159.138.60
209.126.30.3
317a04800478e0b650ad0dfe5665501e971f99aeb761bfd19039ccfdfe44572d
361c1ed58d0f10a4ef36b2a7eb76b5345ecdeeed64e60014c1709ee42753616f
3f243ba66777c8ca1305faa1a2d01f6cffd1220655a9d204b63acb9c190b4628
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2
43df13f3042c6ca6c72d543e71decbfabe608892ee0df7a58b384d5e16192226
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
51c37e2481f00ce5621846f274d523d0cf4af1039aa98760f7017952558e2957
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59e0caa5cac3d9ea9a359ec525af67c61ca041e841afd4b92de7ecd30a780806
69028daad2443ea6c9b1618feb46f945e37875069f7ff70119cb7e0afbd4e25c
6aa08d19d73948030960996c6afde4f79ea5a9b5b8f5dfd6fd656cf019e118a8
850f62015cab6512c1e0b59d16d97b4257ce0db948d9d7caecc7c957073916d3
86a58db20431c5440161f6e8b7e530af816f3d91945912a6cb262ff64942090f
911f3bc48395b38da224a0517864a2261ab9fb871bce131879f4cb1cfb684397
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9f41743a975165266dfcaff6de142fc5b3aa8390086588b872c1fb170e978a09
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d1238f3c6be9ef32aba35dbc212d0719036f360b827648853c75450897de25ae
d4762a82ba56bd22d116b59aa4b8c454b48e72e675a7d1227b8caf4a91fd8594
d5323a36e17d4b56f40efa5235cebfe54b25169f8ba08217e3cf2ea226638f0d
d93481ca0e523a96cf12a3208831a94f52e93af12863ea44c4272032b9889244
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

glp1.havashealth.com Open in urlscan Pro 209.126.30.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1676 kBTransfer

2073 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

glp1.havashealth.com Open in urlscan Pro
209.126.30.3 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1676 kB
Transfer

2073 kB
Size

2
Cookies

29 HTTP transactions
0 data transactions