cbd.healthfindings.website Open in urlscan Pro
185.61.152.17 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cbd.healthfindings.website/StopPain/Restore.php
Submission: On August 19 via manual (August 19th 2021, 8:28:37 pm UTC) from US

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 20 domains to perform 72 HTTP transactions. The main IP is 185.61.152.17, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is cbd.healthfindings.website.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 4th 2020. Valid for: a year.

This is the only time cbd.healthfindings.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
19	185.61.152.17 185.61.152.17	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	109.106.250.143 109.106.250.143	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
8 10	34.253.133.188 34.253.133.188	16509 (AMAZON-02) (AMAZON-02)
4	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
7	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.196.76.242 18.196.76.242	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
72	22

19 185.61.152.17 (United Kingdom)

ASN22612 (NAMECHEAP-NET, US)
PTR: server129-3.web-hosting.com

cbd.healthfindings.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.106.250.143 (Germany)

ASN47583 (AS-HOSTINGER, CY)
PTR: cpl91.hosting24.com

onedaytorunlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:bac8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.253.133.188 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.76.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-76-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	healthfindings.website cbd.healthfindings.website	1 MB
14	adroll.com 8 redirects s.adroll.com d.adroll.com	24 KB
7	gstatic.com fonts.gstatic.com	158 KB
7	facebook.com www.facebook.com	838 B
7	bing.com bat.bing.com	10 KB
5	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	779 B
3	facebook.net connect.facebook.net	169 KB
3	cloudflare.com cdnjs.cloudflare.com	34 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	openx.net 1 redirects us-u.openx.net	478 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	869 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	88 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	yahoo.com ads.yahoo.com	446 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	onedaytorunlive.com onedaytorunlive.com
0	trendingnewsnet.com Failed trendingnewsnet.com Failed
72	20

	Domain	Requested by
19	cbd.healthfindings.website	cbd.healthfindings.website
9	d.adroll.com	7 redirects cbd.healthfindings.website
7	fonts.gstatic.com	fonts.googleapis.com
7	www.facebook.com	cbd.healthfindings.website
7	bat.bing.com	cbd.healthfindings.website bat.bing.com
5	s.adroll.com	1 redirects www.googletagmanager.com cbd.healthfindings.website s.adroll.com
4	tr.outbrain.com	amplify.outbrain.com cbd.healthfindings.website
3	connect.facebook.net	cbd.healthfindings.website connect.facebook.net
3	cdnjs.cloudflare.com	cbd.healthfindings.website
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects cbd.healthfindings.website
2	ib.adnxs.com	1 redirects cbd.healthfindings.website
2	x.bidswitch.net	1 redirects cbd.healthfindings.website
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	cbd.healthfindings.website
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	cbd.healthfindings.website
1	idsync.rlcdn.com	cbd.healthfindings.website
1	ads.yahoo.com	cbd.healthfindings.website
1	d.adroll.mgr.consensu.org	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	amplify.outbrain.com	www.googletagmanager.com
1	onedaytorunlive.com	cbd.healthfindings.website
0	trendingnewsnet.com Failed	cbd.healthfindings.website
72	24

This site contains links to these domains. Also see Links.

Domain
thedoctors.healthfindings.website

Subject Issuer	Validity	Valid
*.healthfindings.website Sectigo RSA Domain Validation Secure Server CA	`2020-11-04` - `2021-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
onedaytorunlive.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-02-21`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
adroll.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cbd.healthfindings.website/StopPain/Restore.php
Frame ID: 4E037187F013A912EB0C9DF5F03DC3C5
Requests: 72 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dr. Phil

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

72
Requests

97 %
HTTPS

55 %
IPv6

20
Domains

24
Subdomains

22
IPs

6
Countries

1612 kB
Transfer

2427 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://thedoctors.healthfindings.website/click
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://s.adroll.com/j/exp/IB5XMLV6BBATJIWXRDSVMT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 40

https://d.adroll.mgr.consensu.org/consent/iabcheck/IB5XMLV6BBATJIWXRDSVMT?_s=11c27da275581b5a110d4d73139ed0ec&_b=2 HTTP 302
https://d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT/?_s=11c27da275581b5a110d4d73139ed0ec&_b=2

Request Chain 43

https://d.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&pv=17996246899.49406&cookie=&adroll_s_ref=&keyw=&conv_value=35&adroll_currency=USD HTTP 302
https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js

Request Chain 47

https://d.adroll.com/cm/r/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 48

https://d.adroll.com/cm/b/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM

Request Chain 49

https://d.adroll.com/cm/x/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM

Request Chain 50

https://d.adroll.com/cm/l/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=2b67aaf2e753a6289570c4a42a708e93

Request Chain 51

https://d.adroll.com/cm/o/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2b67aaf2e753a6289570c4a42a708e93 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=2b67aaf2e753a6289570c4a42a708e93

Request Chain 52

https://d.adroll.com/cm/g/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJIWXRDSVMT&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=K2eq8udTpiiVcMSkKnCOkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=K2eq8udTpiiVcMSkKnCOkw&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Restore.php Show response
cbd.healthfindings.website/StopPain/ 45 KB
14 KB 159ms
63ms Document
text/html 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 3afdc143316f6431de754b50ce49cda69782fa12ff682626bfb62fcf9fa8ce96

Request headers

:method: GET
:authority: cbd.healthfindings.website
:scheme: https
:path: /StopPain/Restore.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Aug 2021 20:28:18 GMT
server: LiteSpeed
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179534963-1

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a06a7dc8ee031c7c5f4a527557b262364f2584e6813c80893c683a01000db1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41009
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 19:13:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 20:28:18 GMT

GET
H2 200 styles.css
cbd.healthfindings.website/StopPain/css/ 19 KB
4 KB 39ms
38ms Stylesheet
text/css 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/css/styles.css
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3fa95bd37a4896f076d974fcc1336cbe96257584985bdb09fea0ce3532fbddf7

Request headers

:path: /StopPain/css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3702
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/ 94 KB
30 KB 15ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 847140
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29910
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1762a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12wbwg3VymibjVmupdaf7MfXO4nLL%2BGX6U%2FPjLgMDOYrzf0d42S6Bfxjh4ioQn%2BDzuVe6IPw9pY0tRRrvQac6LO%2F1M474gUPfsZWI12A3VaPNvdpi8t0kMkeePKDl5WKFAOrutAvJkkEWO1Qy%2FCi0Zjl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 681620a5a9602be9-FRA
expires: Tue, 09 Aug 2022 20:28:18 GMT

GET
H2 200 jquery.knob.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.11/ 11 KB
4 KB 20ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.11/jquery.knob.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5540673
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3222
cf-request-id: 0ab772c75200004a567a84e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-2a34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzw937AApi8VDwbtNDzR3Q%2BTXMD1QILmlxQrpXzHRmJRmniSwfOdzr7ySL9DgKe%2BKpzQIlTNLtB7Ahqp%2Bvu0k%2BEjLifKV8VKWy%2BjSe%2F3Hu90xrxiendvS%2Br2qOG6EA79D0gBLzRmVzB25Du4mdZ7Wssv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 681620a5a9632be9-FRA
expires: Tue, 09 Aug 2022 20:28:18 GMT

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/ 731 B
717 B 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1112060
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 382
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o65oPNpZy7UY9bo5VvzQadOhyrwhQXydNHy5neSqjugme3y7WmakT7nyqlVl4RMai0H5rH5eY33LK6S5pHZWuFiGiiHGgfFzBbtYtpzX6SXsEeBDoeHpsZeTv0ID5%2Bg0xKGXM3tPxgpGQxildA7H0NSj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 681620a5a9642be9-FRA
expires: Tue, 09 Aug 2022 20:28:18 GMT

GET
H2 200 jquery.classycountdown.js Show response
cbd.healthfindings.website/StopPain/js/ 33 KB
2 KB 39ms
39ms Script
application/javascript 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/js/jquery.classycountdown.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 59edb893416c6deac40d2b733caf988f4e8aee1e996d718436fcdddb55262fad

Request headers

:path: /StopPain/js/jquery.classycountdown.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 20:05:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1892
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 philoz.jpg
cbd.healthfindings.website/StopPain/images/ 354 KB
354 KB 39ms
38ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/philoz.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7c599a1f1acf20c1a93d38bc62e21b06b73728c5f664597fec4b4a4cd777a698

Request headers

:path: /StopPain/images/philoz.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 362124
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 1311c4b250ddf499f21d1f912991c2f3.jpg
cbd.healthfindings.website/StopPain/images/ 101 KB
101 KB 105ms
104ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/1311c4b250ddf499f21d1f912991c2f3.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: ed9e4c60df028e820ff6358d434c30d6d0cf2010981137b381ac986c4cb96419

Request headers

:path: /StopPain/images/1311c4b250ddf499f21d1f912991c2f3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:36 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 102990
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-2.jpg
cbd.healthfindings.website/StopPain/images/ 12 KB
13 KB 182ms
178ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d4e730980b14b141944005536f28f5092e367cef7bc1d78b409f43cec090f0e0

Request headers

:path: /StopPain/images/CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 12779
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 HappyHACCMan.jpg
cbd.healthfindings.website/StopPain/images/ 11 KB
11 KB 182ms
179ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/HappyHACCMan.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 65c50446ae3ec1cf77b8e71d703ac383f6babed6d1facf62f2ec228c30550d8f

Request headers

:path: /StopPain/images/HappyHACCMan.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11494
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 sam-elliott-e1557189275471.jpg
cbd.healthfindings.website/StopPain/images/ 24 KB
24 KB 184ms
181ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/sam-elliott-e1557189275471.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0e48a851744148120e20c50902cdea6f268c013eda78f87100d6cfa926ecce5c

Request headers

:path: /StopPain/images/sam-elliott-e1557189275471.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:36 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 24142
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 694940094001_5850457368001_5850420935001-vs.jpg
cbd.healthfindings.website/StopPain/images/ 64 KB
64 KB 204ms
201ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/694940094001_5850457368001_5850420935001-vs.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e8783a6e94254f7c6f710d69442152f7a3fdd5791fdd4e94bea126ad32e5c681

Request headers

:path: /StopPain/images/694940094001_5850457368001_5850420935001-vs.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 65086
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 image-resizer.jpg
cbd.healthfindings.website/StopPain/images/ 368 KB
369 KB 206ms
202ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/image-resizer.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 912a9915fedc0c1b4e4e78b512e79971b003bbdbce42cf4a581760f4bef748a7

Request headers

:path: /StopPain/images/image-resizer.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 377256
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 gg.png
cbd.healthfindings.website/ 93 KB
94 KB 207ms
204ms Image
image/png 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/gg.png
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 907c45eedc70bde35f934982a14a722ce95acabb53a0cdf007efdcc530f5c24d

Request headers

:path: /gg.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Fri, 21 May 2021 20:40:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 95718
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 prof10.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
3 KB 210ms
207ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof10.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767

Request headers

:path: /StopPain/images/prof10.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2472
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 prof2.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
3 KB 211ms
208ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad

Request headers

:path: /StopPain/images/prof2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2443
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 pp2.jpg
cbd.healthfindings.website/StopPain/images/ 13 KB
14 KB 267ms
265ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 79a3b0af421c0e4d2f02dc0e777b823100527ea9e28ae1345d3a19a35ede2105

Request headers

:path: /StopPain/images/pp2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 13602
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 prof5.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
2 KB 268ms
265ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof5.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2

Request headers

:path: /StopPain/images/prof5.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2232
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 prof6.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
2 KB 268ms
266ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof6.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a

Request headers

:path: /StopPain/images/prof6.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1814
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 pp5.jpg
cbd.healthfindings.website/StopPain/images/ 13 KB
13 KB 268ms
266ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp5.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 074c3fee1b061ff55a401621ad8c073e912425b70bf05ba2f1c57622d8f00668

Request headers

:path: /StopPain/images/pp5.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 13249
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 prof8.jpg
cbd.healthfindings.website/StopPain/images/ 3 KB
3 KB 268ms
266ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof8.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba

Request headers

:path: /StopPain/images/prof8.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2717
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H2 200 pp6.jpg
cbd.healthfindings.website/StopPain/images/ 11 KB
12 KB 282ms
280ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp6.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 596492fc8fdb5fc82f4a85b54b4a52ed6596f4f8d75d5e04808dfa4cb1688d7e

Request headers

:path: /StopPain/images/pp6.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cbd.healthfindings.website
referer: https://cbd.healthfindings.website/StopPain/Restore.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11573
expires: Thu, 26 Aug 2021 20:28:18 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
48 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22c0de0729e0775043ebcdcdb45a3cf1cd36a83db9fbca0a8eb8f72bf0ad1f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48834
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 19:13:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 20:28:18 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: F7F8A20F317842DCA5A6046AD0A21042 Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179534963-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3104
date: Thu, 19 Aug 2021 19:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 21:36:34 GMT

GET
H2 404 video-bg-normal.jpg
onedaytorunlive.com/img/ 0
0 412ms
125ms Image
text/html 109.106.250.143
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onedaytorunlive.com/img/video-bg-normal.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.106.250.143 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: cpl91.hosting24.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 27011139.js Show response
bat.bing.com/p/action/ 0
92 B 306ms
306ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/27011139.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: D01D53908CBC4E2EA067308130B6BEDF Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=27011139&Ver=2&mid=a57dfb63-fb17-45c0-9b50-0cffc63b6e52&sid=fd25cdc0012b11ecacced1cec7ca81e5&vid=fd25e0b0012b11eca4a52fe480dead37&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=370&evt=pageLoad&msclkid=N&sv=1&rn=965344
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2545543F9F85450091AA0A452F840B5E Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15327201.js Show response
bat.bing.com/p/action/ 0
109 B 193ms
193ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/15327201.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: DD0C2E2244BF44C6855E93475F03E17E Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15327201&Ver=2&mid=965f4a37-4781-437b-ae1e-2cf184e0f827&sid=fd25cdc0012b11ecacced1cec7ca81e5&vid=fd25e0b0012b11eca4a52fe480dead37&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=370&evt=pageLoad&msclkid=N&sv=1&rn=291056
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 234919D7C5504E219D2636F89A9EF124 Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1446338529&t=pageview&_s=1&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&ul=en-us&de=UTF-8&dt=Dr.%20Phil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1526442988&gjid=301648954&cid=1456836178.1629404898&tid=UA-179534963-1&_gid=1882944413.1629404898&_r=1&gtm=2ou8i0&z=1837255103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 20:28:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cbd.healthfindings.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 96ms
26ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 20:28:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Thu, 19 Aug 2021 20:48:18 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 44 KB
15 KB 21ms
6ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 222f47a5e4e424714c9f9198001e343610ab1616ac4c7f585c85ab70ff616e1a

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fqsssg89_BmJPAP8by9dhQEwQhKvwF2Y
Content-Encoding: gzip
ETag: "a1f84e5b42f0e9274c1d471f5ef477f3"
x-amz-request-id: BGHE9YQ3TWJ9YXT1
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 14412
x-amz-id-2: lvuXMqJlEd/CyIbJwBJPSwSQmV2lZgMI3Nqc40aXa1qDfDH5YxcYiGBv1u8YwrTGZq1atUFmNEE=
Last-Modified: Thu, 12 Aug 2021 22:50:35 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 20:28:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: FDDReRmV75uN078EVEiGHmvayHv09+KDy1Hb2EiBCOJMHC8n6xr91GlhvGwjSOU3+k0ynDLEqEMbA6s/TtGX3A==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 19 Aug 2021 20:28:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-179534963-1&cid=1456836178.1629404898&jid=1526442988&gjid=301648954&_gid=1882944413.1629404898&_u=YEBAAUAAAAAAAC~&z=1702638684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 20:28:18 GMT
content-type: text/plain
access-control-allow-origin: https://cbd.healthfindings.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15327707.js Show response
bat.bing.com/p/action/ 0
110 B 223ms
222ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/15327707.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 7F9A61ACE25840E9B3D3431A76BBF660 Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15327707&Ver=2&mid=9f05da8b-9b57-493e-a705-a59917b74dcb&sid=fd25cdc0012b11ecacced1cec7ca81e5&vid=fd25e0b0012b11eca4a52fe480dead37&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=370&evt=pageLoad&msclkid=N&sv=1&rn=986008
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D2542D3D5A2A44A29367A5F23DC30AD3 Ref B: FRAEDGE1217 Ref C: 2021-08-19T20:28:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 411561462880558 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 211ms
210ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411561462880558?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a33682a9c6e423e6fd410e3cd65d2343b7ed128496bdf26e68d0c83c32b0f86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ZTTxu2F3o9zvwAZnjAOMhPDdwbQZ3JzZY2+ElBKrJyiKQKxDsWMFUDXCgxJJJdUspLtXwUrn29IJ1X7t1oaOQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 20:28:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/IB5XMLV6BBATJIWXRDSVMT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: X7H8MMPX5WFXA520
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: xGc9S8mduswjIqyXNMlFXzdoOZOxNg0LRFjDe4C8oPYlpl3WxL3L2+3UrXKHjSaRBd41njhJebg=
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 20:28:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 19 Aug 2021 20:28:18 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/ 0
773 B 736ms
700ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mPs8IDc6cDBQvl4cqPC4iCIxu80QnLB8
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: HTE5Z0HV32KZA8S6
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: 8J9hrULSrELV3b1JBBGZeizvob1+SOoH4qEixiOgxscGEqudcGqRge0dlCPIgFbV9hDRSbyTkIA=
Last-Modified: Wed, 18 Aug 2021 22:30:58 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 20:28:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/IB5XMLV6BBATJIWXRDSVMT?_s=11c27da275581b5a110d4d73139ed0ec&_b=2
https://d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT/?_s=11c27da275581b5a110d4d73139ed0ec&_b=2

396 B
863 B

44ms
43ms

Script
application/javascript

34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT/?_s=11c27da275581b5a110d4d73139ed0ec&_b=2
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 7c37d1ac15db2498050d6e87e37b991d696e86902959db49f577f5d770388668

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 20:28:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 396
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT/?_s=11c27da275581b5a110d4d73139ed0ec&_b=2
date: Thu, 19 Aug 2021 20:28:18 GMT
server: nginx/1.20.0
content-length: 105

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 385ms
96ms Script
application/javascript 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00aef8f39a458de8816ecaacea5f575566
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 20:28:18 GMT
content-encoding: gzip
X-TraceId: 95aff9d9334c685170e66d72edc898f0
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 417ms
102ms Image
image/gif 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00aef8f39a458de8816ecaacea5f575566&obApiVersion=1.0-gtm&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&optOut=false&bust=028345348143044324
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 20:28:18 GMT
Cache-Control: no-cache
X-TraceId: 19fec8eeb9a20fb864ac647820486d66
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1

200
OK

2BSWWYNTQVANPEH65BK7SO.js Show response
s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/
Redirect Chain

https://d.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FResto...
https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js

3 KB
2 KB

716ms
715ms

Script
text/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87ce2a615bc6d2be5c127c56cbcbffd6473b51eda3bfe565effa78e6cd8569c7

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: J0jyJVTotjstr.b419rchgV3wwKsI0ik
Content-Encoding: gzip
ETag: "e7eb2485d3625e5df8baf359ebbd99f1"
x-amz-request-id: HTE3D2YFYBGCE2A8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1353
x-amz-id-2: bYeBsiSBZiY2RzPtcYgMT3hQIk0BQ4cqUApNjXWgEqTE7cXJUJfOd5Iq0BY4ZsE6QhgSL7BFdTw=
Last-Modified: Tue, 08 Dec 2020 23:54:52 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 20:28:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 35
server: nginx/1.20.0
x-rule: *
date: Thu, 19 Aug 2021 20:28:18 GMT
x-segment-eid: 2BSWWYNTQVANPEH65BK7SO
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: 32FNGCRGJBG2PPHERVTTSM
x-segment-name: *
x-advertisable-eid: IB5XMLV6BBATJIWXRDSVMT
content-length: 0
x-conversion-currency: USD

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1629404898708&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629404898707.1971994315&it=1629404898467&coo=false&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 20:28:18 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=Microdata&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1629404899211&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Dr.%20Phil%22%2C%22meta%3Adescription%22%3A%22Dr.%20Phil%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Dr.%20Phil%22%2C%22og%3Adescription%22%3A%22Dr.%20Phil%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629404898707.1971994315&it=1629404898467&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H3-29 200 580923396006047 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 134ms
133ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580923396006047?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abe2dbe3d9a0b7fcedc3997ef5a8ba73b5d283b3a07efca631b28526d9a1c992

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: WwF0E39d14AkfmFRQOA0yhG9f878WoVfvBa3Mtp4oqLEOM5Ny33OjynGgZKK6EJ2MB9sS5aTsWi9t1T8Oz0tTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 20:28:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
446 B

22ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Thu, 19 Aug 2021 20:28:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://x.bidswitch.net/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM

43 B
343 B

22ms
22ms

Image
image/gif

18.196.76.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.76.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-76-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM
date: Thu, 19 Aug 2021 20:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://ib.adnxs.com/setuid?entity=172&code=MmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM

43 B
1 KB

67ms
66ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 20:28:19 GMT
X-Proxy-Origin: 185.236.201.226; 185.236.201.226; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f9fc7f3e-fdac-449a-b33b-bf0d87e79ec8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 20:28:19 GMT
X-Proxy-Origin: 185.236.201.226; 185.236.201.226; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ac7e4d65-4c6f-44e4-83ea-b9a258292790
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMmI2N2FhZjJlNzUzYTYyODk1NzBjNGE0MmE3MDhlOTM
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

451

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://idsync.rlcdn.com/377928.gif?partner_uid=2b67aaf2e753a6289570c4a42a708e93

0
66 B

67ms
27ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=2b67aaf2e753a6289570c4a42a708e93
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/377928.gif?partner_uid=2b67aaf2e753a6289570c4a42a708e93
pragma: no-cache
date: Thu, 19 Aug 2021 20:28:19 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 86
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2b67aaf2e753a6289570c4a42a708e93
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=2b67aaf2e753a6289570c4a42a708e93

43 B
180 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=2b67aaf2e753a6289570c4a42a708e93
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 20:28:19 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=2b67aaf2e753a6289570c4a42a708e93
date: Thu, 19 Aug 2021 20:28:19 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=d09e43f4dcac8c2804820eae6960b751-1629404898684&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&xid_ch=f&advertisable=IB5XMLV6BBATJI...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=K2eq8udTpiiVcMSkKnCOkw
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=K2eq8udTpiiVcMSkKnCOkw&google_tc=
https://d.adroll.com/cm/g/in

42 B
536 B

43ms
43ms

Image
image/gif

34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 20:28:19 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 20:28:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580923396006047&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1629404899617&cd[segment_eid]=2BSWWYNTQVANPEH65BK7SO&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=29&fbp=fb.1.1629404899616.343817935&it=1629404898467&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 104ms
103ms Image
image/gif 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00aef8f39a458de8816ecaacea5f575566&obApiVersion=1.0-gtm&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php%23!%2Fbackbtn&optOut=false&bust=020022667526431004
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 20:28:19 GMT
Cache-Control: no-cache
X-TraceId: 4ec0436031eb31c5d8cfcf6ff7b67f64
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php%23!%2Fbackbtn&rl=&if=false&ts=1629404899836&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1629404899616.343817935&it=1629404898467&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580923396006047&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php%23!%2Fbackbtn&rl=&if=false&ts=1629404899837&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=29&fbp=fb.1.1629404899616.343817935&it=1629404898467&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 97ms
95ms Image
image/gif 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00aef8f39a458de8816ecaacea5f575566&obApiVersion=1.0-gtm&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&optOut=false&bust=0521426513213181
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 20:28:19 GMT
Cache-Control: no-cache
X-TraceId: 238e833a3e065f2a6f350613bc61e3ae
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1629404899838&sw=1600&sh=1200&v=2.9.44&r=stable&ec=3&o=30&fbp=fb.1.1629404899616.343817935&it=1629404898467&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580923396006047&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1629404899839&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=29&fbp=fb.1.1629404899616.343817935&it=1629404898467&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 20:28:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 20:28:19 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 19:31:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
946 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

085f3e3775989a5324a98d6bd9e67431b85dde78802c17eb2221a36759ff50fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:28:20 GMT
server: ESF
date: Thu, 19 Aug 2021 20:28:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 20:28:20 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c247a4fedfd552f87cc23cc7351b9806a3468268047cfa8a3323c7d26f633ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:04:35 GMT
x-content-type-options: nosniff
age: 210225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22548
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:08:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 10:04:35 GMT

GET
H2 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 22 KB
22 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 12:16:39 GMT
x-content-type-options: nosniff
age: 202301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22864
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:08:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:16:39 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3QyNr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 22 KB
22 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3QyNr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84cb469b55c28dff09ba7d3bf153fcbccdfaff024ce4f97b07fadb0e380f2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:49:25 GMT
x-content-type-options: nosniff
age: 250735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22848
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:09:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 22:49:25 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 23 KB
24 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147de4f28324ee3537c8f601d4e36afe0bbb8319fdaa827973f2afa91844e7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 23:51:03 GMT
x-content-type-options: nosniff
age: 247037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23936
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:09:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 23:51:03 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/ 22 KB
22 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:46:33 GMT
x-content-type-options: nosniff
age: 6107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22492
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 18:46:33 GMT

GET
H2 200 tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
fonts.gstatic.com/s/droidserif/v13/ 20 KB
20 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

629eb98fdc13c8240c7e854c897a9b0ca30127e0ea32fafea172d898398c2d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 03:57:46 GMT
x-content-type-options: nosniff
age: 232234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20528
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:57:46 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
26 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed:300,400,500,600%7CDroid+Serif:400,400i,700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbd.healthfindings.website
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:05:59 GMT
x-content-type-options: nosniff
age: 199341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:05:59 GMT

GET bg_close.jpg
trendingnewsnet.com/xr/files/ 0
0

GET popmin.css
trendingnewsnet.com/xr/files/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trendingnewsnet.com
URL: https://trendingnewsnet.com/xr/files/bg_close.jpg

Domain: trendingnewsnet.com
URL: http://trendingnewsnet.com/xr/files/popmin.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.healthfindings.website/	1970-01-19 22:46:20	Name: _fbp Value: fb.1.1629404899616.343817935

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.googleapis.com
amplify.outbrain.com
bat.bing.com
cbd.healthfindings.website
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
onedaytorunlive.com
s.adroll.com
stats.g.doubleclick.net
tr.outbrain.com
trendingnewsnet.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
trendingnewsnet.com
109.106.250.143
172.217.16.130
18.196.76.242
185.33.220.243
185.61.152.17
2.18.234.190
2606:4700::6810:125e
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c08::9b
2a02:26f0:6c00::210:bac8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.253.133.188
35.244.159.8
35.244.174.68
70.42.32.191
074c3fee1b061ff55a401621ad8c073e912425b70bf05ba2f1c57622d8f00668
085f3e3775989a5324a98d6bd9e67431b85dde78802c17eb2221a36759ff50fd
0e48a851744148120e20c50902cdea6f268c013eda78f87100d6cfa926ecce5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
147de4f28324ee3537c8f601d4e36afe0bbb8319fdaa827973f2afa91844e7c2
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
222f47a5e4e424714c9f9198001e343610ab1616ac4c7f585c85ab70ff616e1a
22c0de0729e0775043ebcdcdb45a3cf1cd36a83db9fbca0a8eb8f72bf0ad1f11
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3a33682a9c6e423e6fd410e3cd65d2343b7ed128496bdf26e68d0c83c32b0f86
3afdc143316f6431de754b50ce49cda69782fa12ff682626bfb62fcf9fa8ce96
3fa95bd37a4896f076d974fcc1336cbe96257584985bdb09fea0ce3532fbddf7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
596492fc8fdb5fc82f4a85b54b4a52ed6596f4f8d75d5e04808dfa4cb1688d7e
59edb893416c6deac40d2b733caf988f4e8aee1e996d718436fcdddb55262fad
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
629eb98fdc13c8240c7e854c897a9b0ca30127e0ea32fafea172d898398c2d5d
65c50446ae3ec1cf77b8e71d703ac383f6babed6d1facf62f2ec228c30550d8f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79a3b0af421c0e4d2f02dc0e777b823100527ea9e28ae1345d3a19a35ede2105
7c37d1ac15db2498050d6e87e37b991d696e86902959db49f577f5d770388668
7c599a1f1acf20c1a93d38bc62e21b06b73728c5f664597fec4b4a4cd777a698
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
87ce2a615bc6d2be5c127c56cbcbffd6473b51eda3bfe565effa78e6cd8569c7
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba
907c45eedc70bde35f934982a14a722ce95acabb53a0cdf007efdcc530f5c24d
912a9915fedc0c1b4e4e78b512e79971b003bbdbce42cf4a581760f4bef748a7
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
a06a7dc8ee031c7c5f4a527557b262364f2584e6813c80893c683a01000db1b9
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
abe2dbe3d9a0b7fcedc3997ef5a8ba73b5d283b3a07efca631b28526d9a1c992
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
c247a4fedfd552f87cc23cc7351b9806a3468268047cfa8a3323c7d26f633ffe
d4e730980b14b141944005536f28f5092e367cef7bc1d78b409f43cec090f0e0
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e84cb469b55c28dff09ba7d3bf153fcbccdfaff024ce4f97b07fadb0e380f2bd
e8783a6e94254f7c6f710d69442152f7a3fdd5791fdd4e94bea126ad32e5c681
ed9e4c60df028e820ff6358d434c30d6d0cf2010981137b381ac986c4cb96419
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

cbd.healthfindings.website Open in urlscan Pro 185.61.152.17 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

55 %IPv6

20 Domains

24 Subdomains

22 IPs

6 Countries

1612 kBTransfer

2427 kBSize

1 Cookies

1 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cbd.healthfindings.website Open in urlscan Pro
185.61.152.17 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

55 %
IPv6

20
Domains

24
Subdomains

22
IPs

6
Countries

1612 kB
Transfer

2427 kB
Size

1
Cookies

72 HTTP transactions
0 data transactions