www.healthfirstnews.com Open in urlscan Pro
89.35.39.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Submission: On November 24 via manual (November 24th 2018, 4:31:42 pm UTC) from US

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 14 HTTP transactions. The main IP is 89.35.39.126, located in Romania and belongs to PARFUMURI-FEMEI-AS, RO. The main domain is www.healthfirstnews.com.

This is the only time www.healthfirstnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	89.35.39.126 89.35.39.126	44220 (PARFUMURI...) (PARFUMURI-FEMEI-AS)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2604:9e00:1:1... 2604:9e00:1:138::12	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	192.95.33.34 192.95.33.34	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	108.168.193.183 108.168.193.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
14	11

2 89.35.39.126 (Romania)

ASN44220 (PARFUMURI-FEMEI-AS, RO)

www.healthfirstnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p303968.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybestmv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.mybestmv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2604:9e00:1:138::12 (United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

bg6s0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.95.33.34 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: ns5001604.ip-192-95-33.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p303968.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p0.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com

wwwhealthfirstnewscom.imageshack.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	mycdn.co p303968.mycdn.co p0.mycdn.co	78 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	bg6s0.com bg6s0.com
2	mybestmv.com mybestmv.com beta.mybestmv.com	19 KB
2	clksite.com 2 redirects p303968.clksite.com clksite.com	528 B
2	jsdelivr.net 1 redirects cdn.jsdelivr.net	10 KB
2	cloudflare.com cdnjs.cloudflare.com	157 KB
2	healthfirstnews.com www.healthfirstnews.com	42 KB
1	imageshack.host wwwhealthfirstnewscom.imageshack.host	626 B
14	9

	Domain	Requested by
2	bg6s0.com	www.healthfirstnews.com
2	cdn.jsdelivr.net	1 redirects www.healthfirstnews.com
2	cdnjs.cloudflare.com	www.healthfirstnews.com
2	www.healthfirstnews.com	www.healthfirstnews.com
1	wwwhealthfirstnewscom.imageshack.host
1	p0.mycdn.co	beta.mybestmv.com
1	beta.mybestmv.com
1	clksite.com	1 redirects
1	p303968.mycdn.co	mybestmv.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	www.healthfirstnews.com
1	mybestmv.com	www.healthfirstnews.com
1	p303968.clksite.com	1 redirects
14	13

This site contains links to these domains. Also see Links.

Domain
www.intango.com

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-27` - `2019-05-05`	6 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Frame ID: 9F1B1C7C4A5CED1E7E8240DF8B5516A5
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Zepto$/i

Page Statistics

14
Requests

21 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

11
IPs

5
Countries

311 kB
Transfer

896 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js

Request Chain 1

http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP 301
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Request Chain 2

http://p303968.clksite.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true HTTP 301
http://mybestmv.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true

Request Chain 10

http://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf

Request Chain 12

http://clksite.com/adServe/banners?tid=303968_592849_1&pause=5 HTTP 301
http://beta.mybestmv.com/adServe/banners?tid=303968_592849_1&pause=5

14 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request football1-hls.php Show response
www.healthfirstnews.com/fitness/weight/ 90 KB
32 KB 146ms
83ms Document
text/html 89.35.39.126
PARFUMURI-FEMEI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 89.35.39.126 , Romania, ASN44220 (PARFUMURI-FEMEI-AS, RO),
Reverse DNS
Software: nginx /
Resource Hash: 96e6541aa00b83b59595c4168b9e6875fff09e30f34fcb782d9f778a74632a12

Request headers

Host: www.healthfirstnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sat, 24 Nov 2018 16:31:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 32644
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
S

200

clappr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js
https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js

470 KB
125 KB

13ms
13ms

Script
application/javascript

2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js

Requested by

Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7da00e88e864ad64d22d2a8888680d5d1fa9c073028d6dcb780521650f853f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 16:31:26 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.003
last-modified: Thu, 17 May 2018 09:18:28 GMT
server: cloudflare
etag: W/"5afd48e4-758c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 47ed440e2fb7c2c4-FRA
expires: Thu, 14 Nov 2019 16:31:26 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/clappr.min.js
Non-Authoritative-Reason: HSTS

GET
S

200

level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/
Redirect Chain

http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

28 KB
10 KB

40ms
20ms

Script
application/javascript

2606:4700::6810:5914
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bdf94e66a0dc8c0eca6001fe07f803900d529ca1517467bb5585492cc0592d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 16:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 9494
x-served-by: cache-ams4129-AMS, cache-fra19126-FRA
timing-allow-origin: *
server: cloudflare
etag: "6f6b-vgbRlqLauOCQaXa4SuVzEN3iIOw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 47ed440e69bdc2ce-FRA

Redirect headers

Date: Sat, 24 Nov 2018 16:31:26 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 47ed440e214a9706-FRA
Expires: Sat, 24 Nov 2018 17:31:26 GMT

GET
H/1.1

200

banners Show response
mybestmv.com/adServe/
Redirect Chain

http://p303968.clksite.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true
http://mybestmv.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true

26 KB
10 KB

270ms
130ms

Script
text/javascript

108.168.193.189
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://mybestmv.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true
Requested by: Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b260266347486ba7b9406298d3d786c67babcab1ba669fb7bb66fb71ac172e0d

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Nov 2018 16:31:26 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: http://mybestmv.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true
Date: Sat, 24 Nov 2018 16:31:26 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 178
Content-Type: text/html

GET
H/1.1 403
Forbidden 3213bdf63aa6532da1d7bd203ae20e1e.js
bg6s0.com/32/13/bd/ 0
0 196ms
93ms Script
application/javascript 2604:9e00:1:138::12
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://bg6s0.com/32/13/bd/3213bdf63aa6532da1d7bd203ae20e1e.js
Requested by: Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 2604:9e00:1:138::12 , United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: nginx/1.15.1 /
Resource Hash

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Nov 2018 16:31:26 GMT
Server: nginx/1.15.1
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 10 KB
4 KB 30ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 24 Nov 2018 16:26:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP: 137.74.120.32/27
ETag: "1262556565"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 4761
Content-Type: text/javascript
X-CDN-Pop: sbg
Accept-Ranges: bytes
Content-Length: 4243

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
323 B 201ms
97ms Script
text/html 192.95.33.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?4164339&@f16&@g1&@h1&@i1&@j1543077086894&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Fwww.healthfirstnews.com%2Ffitness%2Fweight%2Ffootball1-hls.php&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 192.95.33.34 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5001604.ip-192-95-33.net
Software: /
Resource Hash: 33c88c184da8d3df2a7ab83845bf2079f1a889ba9f85a53fa2951a858e7fbf4a

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 24 Nov 2018 16:31:27 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 403
Forbidden 3213bdf63aa6532da1d7bd203ae20e1e.js
bg6s0.com/32/13/bd/ 0
0 87ms
86ms Script
application/javascript 2604:9e00:1:138::12
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://bg6s0.com/32/13/bd/3213bdf63aa6532da1d7bd203ae20e1e.js
Requested by: Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 2604:9e00:1:138::12 , United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: nginx/1.15.1 /
Resource Hash

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Nov 2018 16:31:27 GMT
Server: nginx/1.15.1
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK watermark.png
www.healthfirstnews.com/images/ 9 KB
10 KB 42ms
42ms Image
image/png 89.35.39.126
PARFUMURI-FEMEI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.healthfirstnews.com/images/watermark.png
Requested by: Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Protocol: HTTP/1.1
Server: 89.35.39.126 , Romania, ASN44220 (PARFUMURI-FEMEI-AS, RO),
Reverse DNS
Software: nginx /
Resource Hash: 1659afce3d20964f556030975fb34c363bc6890500d4a37ab283d46305e68ae7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.healthfirstnews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Cookie: HstCfa4164339=1543077086894; HstCla4164339=1543077086894; HstCmu4164339=1543077086894; HstPn4164339=1; HstPt4164339=1; HstCnv4164339=1; HstCns4164339=1; rhid_c=0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 24 Nov 2018 16:31:27 GMT
Last-Modified: Fri, 23 Nov 2018 15:49:17 GMT
Server: nginx
ETag: "5bf8217d-258e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 9614
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S

200

38861cba61c66739c1452c3a71e39852.ttf
cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf
https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf

32 KB
32 KB

49ms
49ms

Font
application/octet-stream

2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf

Requested by

Host: www.healthfirstnews.com
URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 16:31:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 32652
served-in-seconds: 0.000
last-modified: Thu, 17 May 2018 09:18:28 GMT
server: cloudflare
etag: "5afd48e4-7f8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 47ed4412accfc27e-FRA
expires: Thu, 14 Nov 2019 16:31:27 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/clappr/0.2.86/38861cba61c66739c1452c3a71e39852.ttf
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.healthfirstnews.com

GET
H/1.1 200
OK rhpop_61.2-1.js Show response
p303968.mycdn.co/script/ 154 KB
59 KB 34ms
7ms Script
application/javascript 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://p303968.mycdn.co/script/rhpop_61.2-1.js
Requested by: Host: mybestmv.com
URL: http://mybestmv.com/adServe/banners?tid=303968_627372_0&tagid=2&hybridPop=true
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 301c0ef22eef185e465005c929ef9f1e0b49e563b8ddddffeec498674f8376f3

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 24 Nov 2018 16:31:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Sep 2018 14:42:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"5b8feb56-266d2"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Expires: Tue, 19 Nov 2019 16:31:27 GMT

GET
H/1.1

200

banners Show response
beta.mybestmv.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=303968_592849_1&pause=5
http://beta.mybestmv.com/adServe/banners?tid=303968_592849_1&pause=5

25 KB
9 KB

265ms
127ms

Script
text/javascript

108.168.193.189
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://beta.mybestmv.com/adServe/banners?tid=303968_592849_1&pause=5
Protocol: HTTP/1.1
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 4c1d7f811be99b79d101c5f2214caa216732480fb2aac9dfc53e3c9d1d6cc816

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Nov 2018 16:31:27 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: http://beta.mybestmv.com/adServe/banners?tid=303968_592849_1&pause=5
Date: Sat, 24 Nov 2018 16:31:27 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK bounce-tag_61.2-1.js Show response
p0.mycdn.co/banners/bounce/ 49 KB
19 KB 24ms
6ms Script
application/javascript 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://p0.mycdn.co/banners/bounce/bounce-tag_61.2-1.js
Requested by: Host: beta.mybestmv.com
URL: http://beta.mybestmv.com/adServe/banners?tid=303968_592849_1&pause=5
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5d66ed0b4304f7382a0228d17e4401305db0270c06c5bf03bdb528f40f035832

Request headers

Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 24 Nov 2018 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Sep 2018 14:42:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"5b8feb56-c361"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Expires: Tue, 19 Nov 2019 16:31:28 GMT

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d5de2aa4cb911b3c8f05f1f8346c2f6f549e33e011ee9c722f45e78d61ba205

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200 favicon.ico.png
wwwhealthfirstnewscom.imageshack.host/itab/rapidcdn/sjv_58.10/ 163 B
626 B 284ms
133ms Image
image/png 108.168.193.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wwwhealthfirstnewscom.imageshack.host/itab/rapidcdn/sjv_58.10/favicon.ico.png
Protocol: HTTP/1.1
Server: 108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b04e43d74d99d49c08e71bbb495e27920a6e4fc6422072c53f842b5a446b59e1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.healthfirstnews.com/fitness/weight/football1-hls.php
Origin: http://www.healthfirstnews.com

Response headers

Pragma: no-cache
Date: Sat, 24 Nov 2018 16:31:30 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=5
Content-Length: 163
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstCns4164339 Value: 1
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstCnv4164339 Value: 1
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstPn4164339 Value: 1
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstCmu4164339 Value: 1543077086894
www.healthfirstnews.com/	1969-12-31 23:59:59	Name: rhid_c Value: 0
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstCla4164339 Value: 1543077086894
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstPt4164339 Value: 1
www.healthfirstnews.com/	1970-01-19 05:23:33	Name: HstCfa4164339 Value: 1543077086894

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.healthfirstnews.com/fitness/weight/football1-hls.php(Line 18) Message: %c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.mybestmv.com
bg6s0.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clksite.com
mybestmv.com
p0.mycdn.co
p303968.clksite.com
p303968.mycdn.co
s10.histats.com
s4.histats.com
www.healthfirstnews.com
wwwhealthfirstnewscom.imageshack.host
108.168.193.183
108.168.193.189
173.192.101.24
192.95.33.34
2604:9e00:1:138::12
2606:4700::6810:5614
2606:4700::6810:5914
2606:4700::6813:c397
2606:4700::6813:c697
46.105.201.240
89.35.39.126
94.31.29.128
1659afce3d20964f556030975fb34c363bc6890500d4a37ab283d46305e68ae7
301c0ef22eef185e465005c929ef9f1e0b49e563b8ddddffeec498674f8376f3
33c88c184da8d3df2a7ab83845bf2079f1a889ba9f85a53fa2951a858e7fbf4a
3d5de2aa4cb911b3c8f05f1f8346c2f6f549e33e011ee9c722f45e78d61ba205
4c1d7f811be99b79d101c5f2214caa216732480fb2aac9dfc53e3c9d1d6cc816
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d66ed0b4304f7382a0228d17e4401305db0270c06c5bf03bdb528f40f035832
7da00e88e864ad64d22d2a8888680d5d1fa9c073028d6dcb780521650f853f9d
90bdf94e66a0dc8c0eca6001fe07f803900d529ca1517467bb5585492cc0592d
967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5
96e6541aa00b83b59595c4168b9e6875fff09e30f34fcb782d9f778a74632a12
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b04e43d74d99d49c08e71bbb495e27920a6e4fc6422072c53f842b5a446b59e1
b260266347486ba7b9406298d3d786c67babcab1ba669fb7bb66fb71ac172e0d
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

www.healthfirstnews.com Open in urlscan Pro 89.35.39.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

21 %HTTPS

42 %IPv6

9 Domains

13 Subdomains

11 IPs

5 Countries

311 kBTransfer

896 kBSize

8 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

www.healthfirstnews.com Open in urlscan Pro
89.35.39.126 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

21 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

11
IPs

5
Countries

311 kB
Transfer

896 kB
Size

8
Cookies

14 HTTP transactions
3 data transactions