healthyfoodsfgs.com
149.56.91.1 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://mysticgarden.cz/js/noa/ 4mo old
Effective URL:
https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSay... 6yr old
Submission: On May 11 via manual (May 11th 2026, 11:59:53 am UTC) from CA — Scanned from CA

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 15 domains to perform 45 HTTP transactions. The main IP is 149.56.91.1, located in Montreal, Canada and belongs to OVH OVH SAS, FR. The main domain is healthyfoodsfgs.com. 6yr old
TLS certificate: Issued by R13 on March 13th 2026. Valid for: 3mo.

This is the only time healthyfoodsfgs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	209.38.222.216 209.38.222.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 1	95.217.117.68 95.217.117.68	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 21	149.56.91.1 149.56.91.1	16276 (OVH OVH SAS) (OVH OVH SAS)
1	104.26.4.7 104.26.4.7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.20.41.165 104.20.41.165	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	172.67.70.180 172.67.70.180	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	23.53.11.179 23.53.11.179	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	3.136.121.110 3.136.121.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.18.13.146 104.18.13.146	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.26.15.100 104.26.15.100	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	67.202.105.33 67.202.105.33	29802 (HVC-AS) (HVC-AS - HIVELOCITY)
3	18.239.6.24 18.239.6.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.67.74.186 172.67.74.186	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	37.187.82.52 37.187.82.52	16276 (OVH OVH SAS) (OVH OVH SAS)
1	67.202.105.31 67.202.105.31	29802 (HVC-AS) (HVC-AS - HIVELOCITY)
2 4	44.196.77.126 44.196.77.126	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	3.218.172.113 3.218.172.113	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
45	17

1 209.38.222.216 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

mysticgarden.cz 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 95.217.117.68 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: fly.hosters.pk

phenomenalfilmproductions.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

21 149.56.91.1 (Montreal, Canada) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: h8.a1center.net

healthyfoodsfgs.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.26.4.7 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

waust.at 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.20.41.165 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

whos.amung.us 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.67.70.180 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

t.dtscout.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 23.53.11.179 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-53-11-179.deploy.static.akamaitechnologies.com

pxdrop.lijit.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.136.121.110 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-136-121-110.us-east-2.compute.amazonaws.com

pd.sharethis.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.13.146 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.tynt.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.26.15.100 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

p.mrktmtrcs.net 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 67.202.105.33 (United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 18.239.6.24 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-18-239-6-24.yul62.r.cloudfront.net

tags.crwdcntrl.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.67.74.186 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

t.dtscdn.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.187.82.52 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31746890.ip-37-187-82.eu

pixel.onaudience.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 67.202.105.31 (United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 44.196.77.126 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-44-196-77-126.compute-1.amazonaws.com

ps.eyeota.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.218.172.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-218-172-113.compute-1.amazonaws.com

bcp.crwdcntrl.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
21	healthyfoodsfgs.com 1 redirects healthyfoodsfgs.com 6yr old	808 KB
4	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1087 13yr old	1 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1012 13yr old bcp.crwdcntrl.net — Cisco Umbrella Rank: 1132 10yr old	24 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 16198 10yr old ic.tynt.com — Cisco Umbrella Rank: 15294 10yr old de.tynt.com — Cisco Umbrella Rank: 2156 10yr old	8 KB
3	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 5119 5yr old	14 KB
3	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 10368 10yr old	5 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 393 10yr old	1 KB
1	onaudience.com pixel.onaudience.com — Cisco Umbrella Rank: 2338 9yr old	99 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 12233 11yr old	575 B
1	mrktmtrcs.net p.mrktmtrcs.net — Cisco Umbrella Rank: 12153 1yr old	14 KB
1	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 43995 8yr old	153 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15146 10yr old	257 B
1	waust.at waust.at — Cisco Umbrella Rank: 31994 9yr old	4 KB
1	phenomenalfilmproductions.com 1 redirects phenomenalfilmproductions.com 1yr old	379 B
1	mysticgarden.cz mysticgarden.cz 4mo old	343 B
45	15

	Domain	Requested by
21	healthyfoodsfgs.com	1 redirects mysticgarden.cz healthyfoodsfgs.com
4	ps.eyeota.net	2 redirects
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	pxdrop.lijit.com	t.dtscout.com pxdrop.lijit.com
3	t.dtscout.com	waust.at t.dtscout.com
2	match.adsrvr.org	2 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	de.tynt.com	cdn.tynt.com
1	pixel.onaudience.com
1	t.dtscdn.com	t.dtscout.com
1	ic.tynt.com
1	p.mrktmtrcs.net	t.dtscout.com
1	cdn.tynt.com	t.dtscout.com
1	pd.sharethis.com	t.dtscout.com
1	whos.amung.us	waust.at
1	waust.at	healthyfoodsfgs.com
1	phenomenalfilmproductions.com	1 redirects
1	mysticgarden.cz
45	18

This site contains no links.

Subject Issuer	Validity	Valid
mysticgarden.cz E7	`2026-04-15` - `2026-07-14`	3mo	crt.sh
*.healthyfoodsfgs.com R13	`2026-03-13` - `2026-06-11`	3mo	crt.sh
waust.at WE1	`2026-04-12` - `2026-07-11`	3mo	crt.sh
amung.us WE1	`2026-04-18` - `2026-07-17`	3mo	crt.sh
dtscout.com WE1	`2026-04-24` - `2026-07-24`	3mo	crt.sh
cert2-prod.aut.a24365.net R13	`2026-05-04` - `2026-08-02`	3mo	crt.sh
sharethis.com Amazon RSA 2048 M01	`2026-02-20` - `2026-09-05`	7mo	crt.sh
*.tynt.com Sectigo Public Server Authentication CA DV R36	`2025-09-12` - `2026-09-30`	1yr	crt.sh
mrktmtrcs.net WE1	`2026-03-25` - `2026-06-23`	3mo	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-09` - `2026-09-07`	1yr	crt.sh
dtscdn.com WE1	`2026-04-19` - `2026-07-18`	3mo	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2026-03-30` - `2026-10-14`	7mo	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2026-04-21` - `2026-11-05`	7mo	crt.sh

This page contains 9 frames:

Primary Page: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Frame ID: 0F47A44B5FF78CE18C3BE9A851B54886
Requests: 24 HTTP requests in this frame

Frame: https://healthyfoodsfgs.com/noa/iframe2.php
Frame ID: 68D7E28C9C26C74668F18E7893AF1DF5
Requests: 15 HTTP requests in this frame

Frame: https://healthyfoodsfgs.com/noa/door/wmms-blk.svg
Frame ID: 1071FC0F809E7F0D247421303F397003
Requests: 1 HTTP requests in this frame

Frame: https://healthyfoodsfgs.com/noa/door/sig-blk-en.svg
Frame ID: 8DBB19256F6C0B01B1F807B677A33C08
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001778500800B7D03FA2E4EECAA6BD
Frame ID: 4D7B2E81FE8878456BD64D0D863FB268
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.2051.1148&cid=c026&cls=sync
Frame ID: 1D4E8B680906E85D033B554467559032
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/1.2051.1148/a/CA/t_.js?cid=c026&cls=sync
Frame ID: 21DDBBDD50667BD1225B1ABB79A1C750
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 62D8F87A313B2969BCA7412A638D4BF7
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=41%2C92%2C54%2C136%2C135%2C168%2C49%2C81%2C33%2C31%2C122%2C121%2C26%2C164%2C22%2C116%2C154%2C106%2C104%2C7%2C100%2C145%2C2&lac=true&c=3825&ch=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22148%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22148%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2224%22%7D%5D%2C%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22148.0.0.0%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22148.0.0.0%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2219.0.0%22%7D
Frame ID: CA22E48BFF7A508CD34481ABF4DFFBC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Step 2: Personal information - Canadian Revenue Agency

Page URL History Show full URLs

https://mysticgarden.cz/js/noa/ Page URL
https://phenomenalfilmproductions.com/wp-admin/js/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/index2.php Page URL
https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=Lm... Page URL

Detected technologies

PHP (Programming languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

ShareThis (Widgets) Expand

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery

33Across (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.tynt\.com/

DTScout (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.dtscout\.com/

Sovrn (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.(?:linksmart|lijit)\.com/

Page Statistics

45
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

17
IPs

6
Countries

877 kB
Transfer

973 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mysticgarden.cz/js/noa/ Page URL
https://phenomenalfilmproductions.com/wp-admin/js/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/index2.php Page URL
https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://phenomenalfilmproductions.com/wp-admin/js/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/ HTTP 302
https://healthyfoodsfgs.com/noa/index2.php

Request Chain 2

https://healthyfoodsfgs.com/favicon.ico HTTP 302
https://healthyfoodsfgs.com/media/2024/12/cropped-HealtyFoods-Iso-White-32x32.png

Request Chain 40

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.2&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.2&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=db1d50ad-ed61-47c8-8422-5d2f77e099d5&bid=1e2n4ou

Request Chain 41

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.3&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.3&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=be4cdb13-b64f-4cd1-8e1f-669f198b697d&bid=1e2n4ou

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
mysticgarden.cz/js/noa/ 199 B
343 B 970ms
414ms Document
text/html 209.38.222.216
DigitalOcean

General

Check archive.org

Download Go to

Full URL

https://mysticgarden.cz/js/noa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.38.222.216 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

a007ac9a6347fe7e809ea4e324d811f64eb9b2dd25bc95ca257c9757ad985503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 May 2026 11:59:54 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

index2.php Show response
healthyfoodsfgs.com/noa/
Redirect Chain

https://phenomenalfilmproductions.com/wp-admin/js/noa/
https://healthyfoodsfgs.com/noa/
https://healthyfoodsfgs.com/noa/index2.php

182 B
927 B

205ms
204ms

Document
text/html

149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/index2.php

Requested by

Host: mysticgarden.cz
URL: https://mysticgarden.cz/js/noa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

ed2382afa8f909b172b1590358f928f1cc4af8183b4789536614bf2277e62a1f

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mysticgarden.cz/js/noa/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Security-Policy: report-to default
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
Transfer-Encoding: chunked
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: report-to default
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: index2.php
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Primary Request personal-info.php Show response
healthyfoodsfgs.com/noa/ 49 KB
50 KB 602ms
172ms Document
text/html 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

6cc61bfe2ccb3f56709bb280265ba2876ad9e64cb6b1aa68ba5c0baeb8d6e4b2

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://healthyfoodsfgs.com/noa/index2.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Security-Policy: report-to default
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=97
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
Transfer-Encoding: chunked
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET

cropped-HealtyFoods-Iso-White-32x32.png
healthyfoodsfgs.com/media/2024/12/
Redirect Chain

https://healthyfoodsfgs.com/favicon.ico
https://healthyfoodsfgs.com/media/2024/12/cropped-HealtyFoods-Iso-White-32x32.png

0
0

GET
H/1.1 200
OK theme_002.css
healthyfoodsfgs.com/noa/door/ 28 KB
29 KB 343ms
229ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/theme_002.css

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

41fbb280ed197740a1c526e9619c00510e2b32dcbba016261890c9052d3243de

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 28605
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK theme.css
healthyfoodsfgs.com/noa/door/ 290 KB
290 KB 363ms
159ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/theme.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

b9adc9d233ab5f39618b6fa8ff5b5a99aff51fbbe0cc4558e8f5024b15cc1281

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=96
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 296651
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK font-awesome.css
healthyfoodsfgs.com/noa/door/ 30 KB
31 KB 506ms
220ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/font-awesome.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

409431c6d45382c6f353dc8d2dbeff98b90e88c1c728f263e7299d68a55dda53

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 30975
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK jquery.css
healthyfoodsfgs.com/noa/door/ 2 KB
2 KB 642ms
278ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/jquery.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

2cc052d474ce6ee267dd164a839814615a04865b2706d1bc1cb73160c55c549f

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 1590
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK theme-jb.css
healthyfoodsfgs.com/noa/door/ 96 KB
97 KB 617ms
178ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/theme-jb.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

840787fa147628e52a9ee2f640e98efdf524beb19bdf532f2d9fed83e494a00b

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 98213
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK typeahead.css
healthyfoodsfgs.com/noa/door/ 2 KB
2 KB 598ms
155ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/typeahead.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

087280e8c5432abfa73e746559de4572d34263fefac3484f125d09386cb836a7

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=99
Date: Mon, 11 May 2026 11:59:58 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 1681
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK project-jb-style.css
healthyfoodsfgs.com/noa/door/ 118 KB
119 KB 723ms
166ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/project-jb-style.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

ea367de6df1889913977d3895f8144334678dd679f9d641b67fc82585a97336b

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=95
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 121050
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK project-style.css
healthyfoodsfgs.com/noa/door/ 42 KB
43 KB 764ms
164ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/project-style.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

59cbf75521f37224126ca5245658398f41f4edb1d1c4abdd08274e9acfefd937

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=98
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 43025
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK css.css
healthyfoodsfgs.com/noa/door/ 15 KB
15 KB 176ms
175ms Stylesheet
text/css 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/css.css

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/theme-jb.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

792c90a99278257ce02b561b401f489f2bd5acf0147ded12115b92cc1fba2154

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/theme-jb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=99
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 15048
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
healthyfoodsfgs.com/noa/door/semi/ 23 KB
23 KB 177ms
176ms Font
font/woff 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/semi/glyphicons-halflings-regular.woff

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/theme.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://healthyfoodsfgs.com
sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=98
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:08 GMT
Content-Type: font/woff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 23320
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK iframe2.php Show response
healthyfoodsfgs.com/noa/ Frame 68D7 261 B
897 B 166ms
166ms Document
text/html 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/iframe2.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

2a3884ae359f0676ddf433943abf236b33779467605b18023f93a44a361edd2b

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Connection: Keep-Alive
Content-Security-Policy: report-to default
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:59 GMT
Keep-Alive: timeout=5, max=99
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
Transfer-Encoding: chunked
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK feature-icon-jobseeker.png
healthyfoodsfgs.com/noa/door/semi/ 2 KB
3 KB 222ms
221ms Image
image/png 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://healthyfoodsfgs.com/noa/door/semi/feature-icon-jobseeker.png

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/theme-jb.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

ace45ead21daa2882ca059516e1fc4de0ac8765a70bad777e2b77ffc4296c105

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/theme-jb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=97
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:08 GMT
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 2318
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK select-arrow-down.png
healthyfoodsfgs.com/noa/door/semi/ 198 B
868 B 151ms
151ms Image
image/png 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://healthyfoodsfgs.com/noa/door/semi/select-arrow-down.png

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/theme-jb.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

cd05e3cf4b3423d6af1aefe69bd8cf0b7184701f197680b7b40a2488a23ffb6b

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/theme-jb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=94
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:10 GMT
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 198
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK gr_custom-inputs-white.png
healthyfoodsfgs.com/noa/door/semi/ 1 KB
2 KB 146ms
145ms Image
image/png 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://healthyfoodsfgs.com/noa/door/semi/gr_custom-inputs-white.png

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/theme-jb.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

3a2795beb9aefd0dfdd3a6de8cf13b9d86e322a26cfa600b443fde7b17f6fec9

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/theme-jb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=99
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:08 GMT
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 1445
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK fontawesome-webfont.woff2
healthyfoodsfgs.com/noa/door/semi/ 75 KB
76 KB 147ms
146ms Font
font/woff2 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/semi/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/door/font-awesome.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://healthyfoodsfgs.com
sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/door/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:08 GMT
Content-Type: font/woff2
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK wmms-blk.svg Show response
healthyfoodsfgs.com/noa/door/ Frame 1071 5 KB
5 KB 349ms
217ms Document
image/svg+xml 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/wmms-blk.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

e3f871276a81f087b28dcadca177edf7511d7fdd6c8287c51030c4ac454296ab

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 4751
Content-Security-Policy: report-to default
Content-Type: image/svg+xml
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:59 GMT
Keep-Alive: timeout=5, max=98
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sig-blk-en.svg Show response
healthyfoodsfgs.com/noa/door/ Frame 8DBB 10 KB
11 KB 287ms
152ms Document
image/svg+xml 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/door/sig-blk-en.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

b493143147246fc0d7a9f377c2526560329e923b8be0bb4c9ac3e408adcfb06f

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 10710
Content-Security-Policy: report-to default
Content-Type: image/svg+xml
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 May 2026 11:59:59 GMT
Keep-Alive: timeout=5, max=93
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; preload
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H3 200 s.js Show response
waust.at/ Frame 68D7 7 KB
4 KB 159ms
76ms Script
application/x-javascript 104.26.4.7
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/noa/iframe2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.7 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03635e64afffd465cd2c59e0bc850fecde2aa979e55240e4737094633f50391

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"69fb8542-1c76"
age: 1019
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=D1Tw4k2JcOIUAl%2BI4Lu2IpZTFF1D60HzkfhdszgbGJZRa1BuFBrv4kTGoWPJ8TzCIWH%2F%2BNU27UwF9W8sX62ad4XKuxicqis3QOqOUjxICzq%2FL9t%2B801H7UJ2"}]}
expires: Tue, 12 May 2026 11:43:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 11 May 2026 11:59:59 GMT
content-type: application/x-javascript
last-modified: Wed, 06 May 2026 18:15:30 GMT
vary: accept-encoding
priority: u=3,i=?0
cache-control: max-age=86400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9fa1054ece2430ff-YVR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 / Show response
whos.amung.us/pingjs/ Frame 68D7 28 B
257 B 213ms
130ms Script
text/javascript 104.20.41.165
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://whos.amung.us/pingjs/?k=eywg3mp7fu&t=Ip%3A%2095.173.219.195%20-%20unn-95-173-219-195.datapacket.com%20%5Bt1%20details%5D&c=s&x=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&y=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&a=0&d=0.18&v=27&r=7454
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.41.165 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a5a105d16339aece59c9847806050c89fbcffa21e699141e47aa161e5694d2

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 9fa1054fd944da76-YVR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 11 May 2026 12:00:00 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: cloudflare
x-wau: web3
priority: u=3,i=?0

GET
H2 200 / Show response
t.dtscout.com/i/ Frame 68D7 8 KB
4 KB 352ms
191ms Script
application/javascript 172.67.70.180
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.180 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f59a4225a65b19ed546e9c5fa3e1f3dc10a82c04fcb9a17297c1b8641c4ae2

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vt9MKsLQ0tPLVzFUOskYtH8NkzgQejsA278Rm2EceGu1wJkx4Ivl1jhEAOINB4LqNT0dFM7ZxWNbATXT5%2FsytkMbnm3rKn887h26ebEErx%2BEZdpGLV6GgLGcgloN4E4%3D"}]}
x-t: 0.566
cf-ray: 9fa105505e5e3f21-YVR
expires: Mon, 11 May 2026 11:59:59 GMT
date: Mon, 11 May 2026 12:00:00 GMT
content-type: application/javascript
x-s: mtl1
server: cloudflare

GET
H/1.1 200
OK favicon.ico
healthyfoodsfgs.com/noa/ 5 KB
6 KB 223ms
222ms Other
image/x-icon 149.56.91.1
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://healthyfoodsfgs.com/noa/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.56.91.1 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

h8.a1center.net

Software

Apache /

Resource Hash

5034923843dc5d27b9e1556fd8205aac74a4776532c05107e6fccac51c447f71

Security Headers

Name	Value
Content-Security-Policy	report-to default
Strict-Transport-Security	max-age=2592000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=92
Date: Mon, 11 May 2026 11:59:59 GMT
Last-Modified: Tue, 13 Aug 2024 18:57:06 GMT
Content-Type: image/x-icon
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: report-to default
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Cross-Origin-Embedder-Policy: unsafe-none
Permissions-Policy: accelerometer=(), gyroscope=(), gamepad=()
Accept-Ranges: bytes
Content-Length: 5430
X-XSS-Protection: 1; mode=block
Server: Apache

GET
DATA 200
OK truncated
/ Frame 68D7 439 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 4D7B 1 KB
968 B 464ms
251ms Document
text/html 172.67.70.180
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001778500800B7D03FA2E4EECAA6BD
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.180 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e9daefb41b44e9a5800efdb3d756c1265823f7c56879b07e91a0d5b04e037f

Request headers

Referer: https://healthyfoodsfgs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9fa105534fc38e05-YVR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 May 2026 12:00:00 GMT
expires: Mon, 11 May 2026 11:59:59 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9UyfF2ytmcLAlwFffnfd4xm9gcwuDtPH%2BEc3g%2B5aqemz39LGje%2FKlHdRm5QdOgBj8Tj89MvJ9OX4%2BIugP70DmD2KHmVfRVKDhNeN4vjit6jOHNSvgwptKIafy2ZyWWg%3D"}]}
server: cloudflare
vary: accept-encoding

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 68D7 2 KB
2 KB 681ms
324ms Script
text/javascript 23.53.11.179
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=healthyfoodsfgs.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.53.11.179 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-53-11-179.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4b9c748e5a0a9822941611fb33145d5188f3f80ab343c0bd8e0e81bd917d03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

X-Robots-Tag: noindex, nofollow
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 11 May 2026 13:00:00 GMT
Content-Length: 1134
Date: Mon, 11 May 2026 12:00:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ Frame 68D7 0
153 B 584ms
128ms Script
text/plain 3.136.121.110
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.136.121.110 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-136-121-110.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Date: Mon, 11 May 2026 12:00:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 68D7 15 KB
6 KB 296ms
74ms Script
application/javascript 104.18.13.146
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.146 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d9d90be07f2c57f91cad6b8c4fd6e3406d1f32da8cd101e45b2aff68f44ea9

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"691e2757-3a58"
age: 179128
cf-ray: 9fa105535e883753-YVR
expires: Thu, 14 May 2026 12:00:00 GMT
date: Mon, 11 May 2026 12:00:00 GMT
content-type: application/javascript
last-modified: Wed, 19 Nov 2025 20:23:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 68D7 51 B
318 B 191ms
190ms Script
application/javascript 172.67.70.180
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=healthyfoodsfgs.com&_ss=yc20i8vwlb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=umb9&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.180 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a48ca1a43176f69e74a6c513f020ebbaebdafd5f7f9216ec61eab99571c0f63

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-c: 0
content-encoding: br
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6WDpUbYvQU9gcWmrYof2bVj1eLO4Z%2BUqv6sxaTMhuXmop%2Byxqc2fJgx6cfW4HcvJCCrnKaRfAElvMmuFbosYYBp%2FkeDZ2UfvLcRaO39pc7GPKAZghbkZdCAxAXB9JhQ%3D"}]}
x-t: 0.195
cf-ray: 9fa10551feed3f21-YVR
expires: Mon, 11 May 2026 11:59:59 GMT
date: Mon, 11 May 2026 12:00:00 GMT
content-type: application/javascript
server: cloudflare

GET
H2 200 mm.js Show response
p.mrktmtrcs.net/ Frame 68D7 39 KB
14 KB 298ms
78ms Script
application/javascript 104.26.15.100
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://p.mrktmtrcs.net/mm.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
content-encoding: br
cf-cache-status: HIT
etag: W/"682e3177-9c10"
age: 2781
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Fnl2UavL7qMIyLNRU7FDoDd2n5BYyd2fH7Zuo5m5p8yF%2BdFuxal9YLcSH4MPbZktOYAcrb2kfI4tSFY49NSsqZ7uHZgZT9rjuMyi%2BzGIlXMXFcblNlhilIIQclbY9Tnkhw%3D%3D"}]}
cf-ray: 9fa105535c78243a-YVR
date: Mon, 11 May 2026 12:00:00 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 20:03:03 GMT
server: cloudflare

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 477ms
204ms Image
image/gif 67.202.105.33
HIVELOCITY

General

Check archive.org

Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!eywg3mp7fu&lm=5&ts=1778500800710&dn=TC&iso=0&pu=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&r=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Findex2.php&t=Step%202%3A%20Personal%20information%20-%20Canadian%20Revenue%20Agency&chpv=19.0.0&chuav=Chromium%3Bv%3D148.0.0.0%2C%20Google%20Chrome%3Bv%3D148.0.0.0%2C%20Not-A.Brand%3Bv%3D24.0.0.0&chp=Windows&chmob=0&chua=Chromium%3Bv%3D148%2C%20Google%20Chrome%3Bv%3D148%2C%20Not-A.Brand%3Bv%3D24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.105.33 , United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag: "4bc8846c-23"
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges: bytes
content-length: 35
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 11 May 2026 12:00:01 GMT
content-type: image/gif
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 68D7 65 KB
20 KB 793ms
212ms Script
text/javascript 18.239.6.24
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.6.24 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-239-6-24.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a18b6db8c35bd7728e5256d4ce035e7898272ce007dd52c4dab69f26d2007d

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"d00e5ccaad3f46d8c1e17c5a7fa5317b"
age: 83137
via: 1.1 bdfe8096748affcfe410aa1a8d05a660.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bG5-1D6cHQgz7VIn9mR2wiXotfkEbje9JR66e2ln6HNGEfXYpcNJKg==
date: Sun, 10 May 2026 12:54:25 GMT
content-type: text/javascript
last-modified: Tue, 21 Apr 2026 21:27:05 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 68D7 0
575 B 405ms
251ms Script
application/javascript 172.67.74.186
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001778500800B7D03FA2E4EECAA6BD&nid=0&p=2114454483&t=420&s=1600x1200x24&u=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&r=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fiframe2.php&j=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL&wk=eywg3mp7fu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.186 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rpd%2FfP18BeR9NQOYNmrxihCIt2aEeEwmkx5opOLcXjYnAvps8R66Uz7NJ1nqaQRePsS%2Fcu0zjQpI5hi6lb7YZcVuHIe16KV%2BtTMSu5hr1h0WANspythNYQ394buefA%3D%3D"}]}
x-t: 2.97
cf-ray: 9fa10555e96e5fdd-YVR
expires: Mon, 11 May 2026 12:00:00 GMT
date: Mon, 11 May 2026 12:00:01 GMT
content-type: application/javascript; charset=UTF-8
x-server: web2.ny1.dtscdn.com
server: cloudflare

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 68D7 35 B
99 B 917ms
428ms Image
image/gif 37.187.82.52
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=6D001778500800B7D03FA2E4EECAA6BD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.82.52 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31746890.ip-37-187-82.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-type: image/gif
content-length: 35

GET
H2 200 v2 Show response
de.tynt.com/deb/ 894 B
2 KB 651ms
291ms Script
application/javascript 67.202.105.31
HIVELOCITY

General

Check archive.org

Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!eywg3mp7fu&dn=TC&cc=1&chpv=19.0.0&chuav=Chromium%3Bv%3D148.0.0.0%2C%20Google%20Chrome%3Bv%3D148.0.0.0%2C%20Not-A.Brand%3Bv%3D24.0.0.0&chp=Windows&chmob=0&chua=Chromium%3Bv%3D148%2C%20Google%20Chrome%3Bv%3D148%2C%20Not-A.Brand%3Bv%3D24&r=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Findex2.php&pu=https%3A%2F%2Fhealthyfoodsfgs.com%2Fnoa%2Fpersonal-info.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DLmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.105.31 , United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: df73cd5180d99ca6ee6205ecd65b00613266ca79ee6a5092a0a03e10ed4d8906

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 894
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date: Mon, 11 May 2026 12:00:01 GMT
content-type: application/javascript

GET
H/1.1 200
OK t_.htm Show response
pxdrop.lijit.com/a/ Frame 1D4E 2 KB
1 KB 600ms
250ms Document
text/html 23.53.11.179
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.2051.1148&cid=c026&cls=sync
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=healthyfoodsfgs.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.11.179 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-53-11-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 133387c425386fb7f3ffc26e6e4bd6ad5d9c0c46315f4d27735e1cf21f5d9f52

Request headers

Referer: https://healthyfoodsfgs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1153
Content-Type: text/html
Date: Mon, 11 May 2026 12:00:01 GMT
Expires: Mon, 18 May 2026 12:00:01 GMT
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
pxdrop.lijit.com/1.2051.1148/a/CA/ Frame 21DD 32 KB
11 KB 155ms
155ms Script
text/javascript 23.53.11.179
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://pxdrop.lijit.com/1.2051.1148/a/CA/t_.js?cid=c026&cls=sync
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.2051.1148&cid=c026&cls=sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.11.179 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-53-11-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 126a27aa500c8107f3068fe2ba472791449d0f11bb669abc8b6c2a253583162b

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.2051.1148&cid=c026&cls=sync
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

X-Robots-Tag: noindex, nofollow
Cache-Control: max-age=604800
Content-Encoding: gzip
Connection: keep-alive
Expires: Mon, 18 May 2026 12:00:01 GMT
Content-Length: 10601
Date: Mon, 11 May 2026 12:00:01 GMT
Content-Type: text/javascript

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 68D7 4 KB
1 KB 1048ms
248ms XHR
application/json 18.239.6.24
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.6.24 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-239-6-24.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
age: 1906
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 600IPf2VSt0okUQ0T11d87-u72bqhmdKvnmpgd38n4Y8crU1kL1oiw==
date: Mon, 11 May 2026 11:28:17 GMT
content-type: application/json
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 21 Apr 2026 21:27:05 GMT
cache-control: public, max-age=86400
via: 1.1 6379d6b929e2547683abd72037eea242.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: YUL62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 204
No Content pixel
ps.eyeota.net/ 0
64 B 626ms
140ms Image
text/plain 44.196.77.126
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.1&cat=33across
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Date: Mon, 11 May 2026 12:00:02 GMT

GET

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.2&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.2&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=db1d50ad-ed61-47c8-8422-5d2f77e099d5&bid=1e2n4ou

0
0

GET
H/1.1

204
No Content

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.3&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=WHieymoBxMFsZuxSexlE7w%3D%3D&us_privacy=&33random=1778500801479.3&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=be4cdb13-b64f-4cd1-8e1f-669f198b697d&bid=1e2n4ou

0
64 B

141ms
141ms

Image
text/plain

44.196.77.126
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=be4cdb13-b64f-4cd1-8e1f-669f198b697d&bid=1e2n4ou
Protocol: HTTP/1.1
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://healthyfoodsfgs.com/noa/personal-info.php?program=tax&target=details&lang=en&idp=cms;jsessnid=LmqievQSLSfZIHLGETOSayiMOQFPqSFWxVsVrcacFUGJVlLqouuXhfmuCEaL

Response headers

Date: Mon, 11 May 2026 12:00:04 GMT

Redirect headers

location: https://ps.eyeota.net/match?uid=be4cdb13-b64f-4cd1-8e1f-669f198b697d&bid=1e2n4ou
content-length: 191
date: Mon, 11 May 2026 12:00:03 GMT
server: Kestrel

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 68D7 418 B
1 KB 600ms
250ms XHR
application/json 3.218.172.113
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://bcp.crwdcntrl.net/6/data?xcid=3825

Requested by

Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.172.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-218-172-113.compute-1.amazonaws.com

Software

Resource Hash

8ff6c5812e553ecc935cf9f908e35c562638d312454114e517ee803e36d641cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://healthyfoodsfgs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://healthyfoodsfgs.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 418
date: Mon, 11 May 2026 12:00:03 GMT
content-type: application/json;charset=utf-8

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 62D8 2 KB
2 KB 1045ms
189ms Document
text/html 18.239.6.24
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.6.24 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-239-6-24.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d3103edf52aa362579d84cccb9ef10b395f2063c89e10335c756bc3a624a24b

Request headers

Referer: https://healthyfoodsfgs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

age: 17399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Mon, 11 May 2026 07:10:06 GMT
etag: W/"fd26505ce4f50091f08997179ab5755d"
last-modified: Tue, 10 Feb 2026 19:38:58 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ba26eb528096786e41b19dec29277dc6.cloudfront.net (CloudFront)
x-amz-cf-id: F65OrnG8lboK_1VYcWBGEDAv7Zb-H3KpZYos3QCrng65PIC6uWtcKQ==
x-amz-cf-pop: YUL62-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET pixels
bcp.crwdcntrl.net/ Frame CA22 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: healthyfoodsfgs.com
URL: https://healthyfoodsfgs.com/media/2024/12/cropped-HealtyFoods-Iso-White-32x32.png

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/match?uid=db1d50ad-ed61-47c8-8422-5d2f77e099d5&bid=1e2n4ou

Domain: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=41%2C92%2C54%2C136%2C135%2C168%2C49%2C81%2C33%2C31%2C122%2C121%2C26%2C164%2C22%2C116%2C154%2C106%2C104%2C7%2C100%2C145%2C2&lac=true&c=3825&ch=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22148%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22148%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2224%22%7D%5D%2C%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22148.0.0.0%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22148.0.0.0%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2219.0.0%22%7D

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

9 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phenomenalfilmproductions.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hn9msd3ol6a18epv90ebu93fvq
healthyfoodsfgs.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d8567d4b6c98f4d1724d7d3db21fb330
.dtscout.com/	1970-01-21 16:25:40	Name: df Value: 1778500800
.dtscout.com/	1970-01-21 16:09:50	Name: l Value: 6D001778500800B7D03FA2E4EECAA6BD
.healthyfoodsfgs.com/	1970-01-21 16:06:57	Name: __dtsu Value: 6D001778500800B7D03FA2E4EECAA6BD
.lijit.com/	1970-01-21 14:03:07	Name: lijitAcc3PC Value: 1
.dtscdn.com/	1970-01-21 18:19:26	Name: uid Value: 6D001778500800B7D03FA2E4EECAA6BD
.tynt.com/	1970-01-21 22:47:16	Name: uid Value: WHieymoBxMFsZuxSexlE7w==
.tynt.com/	1970-01-21 16:11:16	Name: pids Value: %5B%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A3%2C%22ts%22%3A1778500801479%7D%5D
.healthyfoodsfgs.com/	1970-01-21 20:30:28	Name: _pubcid Value: 0b4d92c8-a3db-4ade-9daf-9cc79201872e
.eyeota.net/	1970-01-21 22:47:16	Name: mako_uid Value: 19e16e8986a-182b0000010a55bb
.crwdcntrl.net/	1970-01-21 20:30:28	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 20:30:28	Name: _cc_id Value: 7954bb7c664730db39e0b5c25771ead7
.crwdcntrl.net/	1970-01-21 20:30:28	Name: _cc_cc Value: "ACZ4nGNQMLc0NUlKMk82MzMxNzZISTK2TDVIMk02MjU3N0xNTDFnAIIsxiOHGRAAAE3ACqw%3D"
.crwdcntrl.net/	1970-01-21 20:30:28	Name: _cc_aud Value: "ABR4nGNgYGDIYjxymAEOABd8AfM%3D"
.healthyfoodsfgs.com/	1970-01-21 20:30:28	Name: _cc_id Value: 7954bb7c664730db39e0b5c25771ead7
.healthyfoodsfgs.com/	1970-01-21 20:30:28	Name: _cc_cc Value: ACZ4nGNQMLc0NUlKMk82MzMxNzZISTK2TDVIMk02MjU3N0xNTDFnAIIsxiOHGRAAAE3ACqw%3D
.healthyfoodsfgs.com/	1970-01-21 20:30:28	Name: _cc_aud Value: ABR4nGNgYGDIYjxymAEOABd8AfM%3D
.healthyfoodsfgs.com/	1970-01-21 14:03:07	Name: panoramaId_expiry Value: 1778587203149
.eyeota.net/	1970-01-21 14:01:41	Name: SERVERID Value: 21947~DM
.adsrvr.org/	1970-01-21 22:47:16	Name: TDID Value: db1d50ad-ed61-47c8-8422-5d2f77e099d5
.adsrvr.org/	1970-01-21 22:47:16	Name: TDCPM Value: CAEYBSABKAIyCwjSgZmV8teXPxAFOAE.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn.tynt.com
de.tynt.com
healthyfoodsfgs.com
ic.tynt.com
match.adsrvr.org
mysticgarden.cz
p.mrktmtrcs.net
pd.sharethis.com
phenomenalfilmproductions.com
pixel.onaudience.com
ps.eyeota.net
pxdrop.lijit.com
t.dtscdn.com
t.dtscout.com
tags.crwdcntrl.net
waust.at
whos.amung.us
bcp.crwdcntrl.net
healthyfoodsfgs.com
ps.eyeota.net
104.18.13.146
104.20.41.165
104.26.15.100
104.26.4.7
149.56.91.1
172.67.70.180
172.67.74.186
18.239.6.24
209.38.222.216
23.53.11.179
3.136.121.110
3.218.172.113
35.71.131.137
37.187.82.52
44.196.77.126
67.202.105.31
67.202.105.33
95.217.117.68
087280e8c5432abfa73e746559de4572d34263fefac3484f125d09386cb836a7
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
126a27aa500c8107f3068fe2ba472791449d0f11bb669abc8b6c2a253583162b
133387c425386fb7f3ffc26e6e4bd6ad5d9c0c46315f4d27735e1cf21f5d9f52
17a18b6db8c35bd7728e5256d4ce035e7898272ce007dd52c4dab69f26d2007d
2a3884ae359f0676ddf433943abf236b33779467605b18023f93a44a361edd2b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cc052d474ce6ee267dd164a839814615a04865b2706d1bc1cb73160c55c549f
3a2795beb9aefd0dfdd3a6de8cf13b9d86e322a26cfa600b443fde7b17f6fec9
3d3103edf52aa362579d84cccb9ef10b395f2063c89e10335c756bc3a624a24b
409431c6d45382c6f353dc8d2dbeff98b90e88c1c728f263e7299d68a55dda53
41fbb280ed197740a1c526e9619c00510e2b32dcbba016261890c9052d3243de
5034923843dc5d27b9e1556fd8205aac74a4776532c05107e6fccac51c447f71
59cbf75521f37224126ca5245658398f41f4edb1d1c4abdd08274e9acfefd937
5a48ca1a43176f69e74a6c513f020ebbaebdafd5f7f9216ec61eab99571c0f63
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc61bfe2ccb3f56709bb280265ba2876ad9e64cb6b1aa68ba5c0baeb8d6e4b2
6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b
71e9daefb41b44e9a5800efdb3d756c1265823f7c56879b07e91a0d5b04e037f
792c90a99278257ce02b561b401f489f2bd5acf0147ded12115b92cc1fba2154
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840787fa147628e52a9ee2f640e98efdf524beb19bdf532f2d9fed83e494a00b
8ff6c5812e553ecc935cf9f908e35c562638d312454114e517ee803e36d641cc
a007ac9a6347fe7e809ea4e324d811f64eb9b2dd25bc95ca257c9757ad985503
a8f59a4225a65b19ed546e9c5fa3e1f3dc10a82c04fcb9a17297c1b8641c4ae2
ace45ead21daa2882ca059516e1fc4de0ac8765a70bad777e2b77ffc4296c105
b1d9d90be07f2c57f91cad6b8c4fd6e3406d1f32da8cd101e45b2aff68f44ea9
b493143147246fc0d7a9f377c2526560329e923b8be0bb4c9ac3e408adcfb06f
b9adc9d233ab5f39618b6fa8ff5b5a99aff51fbbe0cc4558e8f5024b15cc1281
cd05e3cf4b3423d6af1aefe69bd8cf0b7184701f197680b7b40a2488a23ffb6b
d03635e64afffd465cd2c59e0bc850fecde2aa979e55240e4737094633f50391
d6a5a105d16339aece59c9847806050c89fbcffa21e699141e47aa161e5694d2
df73cd5180d99ca6ee6205ecd65b00613266ca79ee6a5092a0a03e10ed4d8906
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f871276a81f087b28dcadca177edf7511d7fdd6c8287c51030c4ac454296ab
ea367de6df1889913977d3895f8144334678dd679f9d641b67fc82585a97336b
ed2382afa8f909b172b1590358f928f1cc4af8183b4789536614bf2277e62a1f
f4b9c748e5a0a9822941611fb33145d5188f3f80ab343c0bd8e0e81bd917d03a
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

healthyfoodsfgs.com 149.56.91.1 Malicious Activity! Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

91 %HTTPS

0 %IPv6

15 Domains

18 Subdomains

17 IPs

6 Countries

877 kBTransfer

973 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

healthyfoodsfgs.com
149.56.91.1 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

45
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

17
IPs

6
Countries

877 kB
Transfer

973 kB
Size

22
Cookies

45 HTTP transactions
1 data transactions