cbd.healthfindings.website Open in urlscan Pro
185.61.152.17 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cbd.healthfindings.website/StopPain/Restore.php
Submission: On September 14 via api (September 14th 2023, 10:49:50 pm UTC) from US — Scanned from US

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 56 HTTP transactions. The main IP is 185.61.152.17, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is cbd.healthfindings.website.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2022. Valid for: a year.

This is the only time cbd.healthfindings.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
19	185.61.152.17 185.61.152.17	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.245.214.84 216.245.214.84	46475 (LIMESTONE...) (LIMESTONENETWORKS)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2	23.199.49.127 23.199.49.127	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	2600:9000:23c... 2600:9000:23cb:2000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f00d:115:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1 2	2600:1f18:61c... 2600:1f18:61c0:2204:88f:7f81:1924:3a44	14618 (AMAZON-AES) (AMAZON-AES)
1	3.218.16.35 3.218.16.35	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f10... 2a03:2880:f10d:183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
56	16

19 185.61.152.17 (United Kingdom)

ASN22612 (NAMECHEAP-NET, US)
PTR: server129-3.web-hosting.com

cbd.healthfindings.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.245.214.84 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 84-214-245-216.static.reverse.lstn.net

onedaytorunlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.199.49.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-49-127.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:23cb:2000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00d:115:face:b00c:0:3 (Los Angeles, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:61c0:2204:88f:7f81:1924:3a44 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.16.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-16-35.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10d:183:face:b00c:0:25de (Los Angeles, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	healthfindings.website cbd.healthfindings.website	1 MB
10	adroll.com 3 redirects s.adroll.com — Cisco Umbrella Rank: 3293 d.adroll.com — Cisco Umbrella Rank: 1465 ipv4.d.adroll.com — Cisco Umbrella Rank: 12133	31 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 421	14 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3248 tr.outbrain.com — Cisco Umbrella Rank: 2995 wave.outbrain.com — Cisco Umbrella Rank: 3199	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	247 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	302 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	34 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	208 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 905 script.hotjar.com — Cisco Umbrella Rank: 1125	59 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	353 B
1	onedaytorunlive.com onedaytorunlive.com	204 B
56	12

	Domain	Requested by
19	cbd.healthfindings.website	cbd.healthfindings.website
7	s.adroll.com	2 redirects www.googletagmanager.com cbd.healthfindings.website s.adroll.com
7	bat.bing.com	cbd.healthfindings.website bat.bing.com
3	www.facebook.com	cbd.healthfindings.website
3	connect.facebook.net	cbd.healthfindings.website connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdnjs.cloudflare.com	cbd.healthfindings.website
3	www.googletagmanager.com	cbd.healthfindings.website www.googletagmanager.com
2	d.adroll.com	1 redirects s.adroll.com
2	tr.outbrain.com	amplify.outbrain.com
1	ipv4.d.adroll.com	cbd.healthfindings.website
1	stats.g.doubleclick.net	www.google-analytics.com
1	wave.outbrain.com	amplify.outbrain.com
1	script.hotjar.com	static.hotjar.com
1	amplify.outbrain.com	www.googletagmanager.com
1	onedaytorunlive.com	cbd.healthfindings.website
1	static.hotjar.com	cbd.healthfindings.website
56	17

This site contains links to these domains. Also see Links.

Domain
thedoctors.healthfindings.website

Subject Issuer	Validity	Valid
*.healthfindings.website Sectigo RSA Domain Validation Secure Server CA	`2022-12-22` - `2024-01-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
onedaytorunlive.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cbd.healthfindings.website/StopPain/Restore.php
Frame ID: 4EBF7C2127A0B0877278341EADC1F4BC
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dr. Phil

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

95 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

2
Countries

2199 kB
Transfer

6609 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://thedoctors.healthfindings.website/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://s.adroll.com/j/exp/IB5XMLV6BBATJIWXRDSVMT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 44

https://s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 49

https://d.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM?adroll_fpc=5b79026da8358bb51b0bce555a58b813-1694731781338&pv=37152789773.71226&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&cookie=&adroll_s_ref=&keyw=&conv_value=35&adroll_currency=USD&p0=630 HTTP 302
https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Restore.php Show response
cbd.healthfindings.website/StopPain/ 46 KB
15 KB 612ms
272ms Document
text/html 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: f35d90682eff9386920e289024377d9afb52de8039ff25e49cc779450a94ffa2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 14792
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 22:49:40 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 270ms
93ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179534963-1

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d390748ccc28edeb9da34d0c048bdbba1ea710a003ae079acbe9aae7f266589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68734
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 21:25:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 22:49:40 GMT

GET
H2 200 styles.css
cbd.healthfindings.website/StopPain/css/ 19 KB
4 KB 146ms
145ms Stylesheet
text/css 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/css/styles.css
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3fa95bd37a4896f076d974fcc1336cbe96257584985bdb09fea0ce3532fbddf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3702
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/ 94 KB
30 KB 229ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 615259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29866
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-74aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlpp0oy1YBvM5XpfghUf5QwT61ydeCxhdWExY3S9b%2FfvTKfR02QpbDOfft%2FoP%2BUmgLyrIAs8MnYSLPBwIWUU4OeC8rAU%2BAEvXHmY815xTvIuNhYYXK7mDE%2B01hDIc8stVgcTB0qNgnpg9YpgSN24xJ6J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 806c2f3c8fe74bbb-BUF
expires: Tue, 03 Sep 2024 22:49:40 GMT

GET
H2 200 jquery.knob.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.11/ 11 KB
3 KB 232ms
56ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.11/jquery.knob.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3817123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3223
last-modified: Thu, 22 Jun 2023 11:05:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b10-c97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkEGVbon6RLsvI%2Fr%2Bi5iEThdhdFLtP3QCZor4CCtLRt5r%2B53s4jiXR6Lo4XkIrSd0wWPcPHioZtDGuOX%2BxAxc%2B0qT1bMKfQN%2F2Ex8HvSJdvIAH6vB8N2mvBfMNUAx5H3XwlNL4xmmrO%2Bq4ZTnug0bC%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 806c2f3c8fe84bbb-BUF
expires: Tue, 03 Sep 2024 22:49:40 GMT

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/ 731 B
731 B 231ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.min.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4187937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 383
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-17f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQenfR1dgOdYGmP0N7skT%2BVuj82Vu9qe0dFFgl3PbwHamKePqQZaNf9gDjc3it2RWjwC5%2BzRSnrgfIxSAGBmZAy8%2FVNiRyNYno%2FSUSo%2FxmcdAZEGqgevzMzsPx5%2BqyfWa0nee1vYmW6%2BUwmw4fn%2FL5%2FE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 806c2f3c8fe94bbb-BUF
expires: Tue, 03 Sep 2024 22:49:40 GMT

GET
H2 200 jquery.classycountdown.js Show response
cbd.healthfindings.website/StopPain/js/ 33 KB
2 KB 147ms
146ms Script
application/javascript 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cbd.healthfindings.website/StopPain/js/jquery.classycountdown.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 59edb893416c6deac40d2b733caf988f4e8aee1e996d718436fcdddb55262fad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 20:05:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1892
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 philoz.jpg
cbd.healthfindings.website/StopPain/images/ 354 KB
354 KB 142ms
141ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/philoz.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7c599a1f1acf20c1a93d38bc62e21b06b73728c5f664597fec4b4a4cd777a698

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 362124
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 im11.png
cbd.healthfindings.website/StopPain/ 3 MB
0 839ms
836ms Image
image/png 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/im11.png
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Mon, 14 Feb 2022 21:49:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3904324
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-2.jpg
cbd.healthfindings.website/StopPain/images/ 12 KB
13 KB 977ms
973ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d4e730980b14b141944005536f28f5092e367cef7bc1d78b409f43cec090f0e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 12779
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 HappyHACCMan.jpg
cbd.healthfindings.website/StopPain/images/ 11 KB
11 KB 978ms
974ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/HappyHACCMan.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 65c50446ae3ec1cf77b8e71d703ac383f6babed6d1facf62f2ec228c30550d8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11494
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 sam-elliott-e1557189275471.jpg
cbd.healthfindings.website/StopPain/images/ 24 KB
24 KB 983ms
979ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/sam-elliott-e1557189275471.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0e48a851744148120e20c50902cdea6f268c013eda78f87100d6cfa926ecce5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:36 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 24142
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 694940094001_5850457368001_5850420935001-vs.jpg
cbd.healthfindings.website/StopPain/images/ 64 KB
64 KB 983ms
980ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/694940094001_5850457368001_5850420935001-vs.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e8783a6e94254f7c6f710d69442152f7a3fdd5791fdd4e94bea126ad32e5c681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 65086
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 image-resizer.jpg
cbd.healthfindings.website/StopPain/images/ 368 KB
369 KB 1126ms
1122ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/image-resizer.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 912a9915fedc0c1b4e4e78b512e79971b003bbdbce42cf4a581760f4bef748a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 377256
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 mg.png
cbd.healthfindings.website/ 615 KB
616 KB 1126ms
1123ms Image
image/png 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/mg.png
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 08690966c12a3b844dc48179995f054cdc17e066fa4447706c2505b0ecc8bf57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Tue, 31 Jan 2023 22:10:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 629822
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 prof10.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
3 KB 1123ms
1120ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof10.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2472
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 prof2.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
3 KB 1124ms
1121ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2443
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 pp2.jpg
cbd.healthfindings.website/StopPain/images/ 13 KB
14 KB 1896ms
1893ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp2.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 79a3b0af421c0e4d2f02dc0e777b823100527ea9e28ae1345d3a19a35ede2105

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 13602
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 prof5.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
2 KB 1896ms
1894ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof5.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2232
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 prof6.jpg
cbd.healthfindings.website/StopPain/images/ 2 KB
2 KB 1942ms
1939ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof6.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1814
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 pp5.jpg
cbd.healthfindings.website/StopPain/images/ 13 KB
13 KB 1947ms
1944ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp5.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 074c3fee1b061ff55a401621ad8c073e912425b70bf05ba2f1c57622d8f00668

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 13249
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 prof8.jpg
cbd.healthfindings.website/StopPain/images/ 3 KB
3 KB 1947ms
1945ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/prof8.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2717
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 pp6.jpg
cbd.healthfindings.website/StopPain/images/ 11 KB
12 KB 1948ms
1946ms Image
image/jpeg 185.61.152.17
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbd.healthfindings.website/StopPain/images/pp6.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.61.152.17 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 596492fc8fdb5fc82f4a85b54b4a52ed6596f4f8d75d5e04808dfa4cb1688d7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 15 Apr 2020 20:05:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11573
expires: Thu, 21 Sep 2023 22:49:40 GMT

GET
H2 200 hotjar-2823701.js Show response
static.hotjar.com/c/ 10 KB
4 KB 257ms
140ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2823701.js?sv=6

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

596678f4f4f8f0c48143c0f6fb7673d66803da844aee1e01be3324226b7288e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 22:49:40 GMT
via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/07427cc2e14ba67e521923d4f114d9fd
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Jc22g717OGfge8_r_m7pCaDHNG-w52U4EF02cFSqE2DKNxfwK-6jNw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
62 KB 105ms
103ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8ad7ec66701f8ed8c3309d44148f7ef652684f87bd616406d395afd12b285e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63035
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 21:25:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 22:49:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 193ms
74ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 14 Sep 2023 22:49:40 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1AC0D411F3EB47FCB6F45A08E56A780E Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 404 video-bg-normal.jpg
onedaytorunlive.com/img/ 9 B
204 B 402ms
82ms Image
text/plain 216.245.214.84
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onedaytorunlive.com/img/video-bg-normal.jpg
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.245.214.84 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 84-214-245-216.static.reverse.lstn.net
Software: Cowboy /
Resource Hash: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy
content-length: 9

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 86ms
84ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F106R6NH85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179534963-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ca8278fbed1a28d9ff7c710cecda4f4402bb0c8512da02ba3dc496a72f43b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:49:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 22:49:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 158ms
50ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179534963-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 22:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 525
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 00:40:55 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 172ms
55ms Script
application/x-javascript 23.199.49.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 22:49:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 10:04:36 GMT
Server: AkamaiNetStorage
ETag: "5815fbf64c9af594c239523fd631e077:1692096292.680957"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7087
Expires: Thu, 14 Sep 2023 23:09:40 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 75 KB
24 KB 212ms
58ms Script
text/javascript 2600:9000:23cb:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ8TCSL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

X-Amz-Version-Id: 2W0nFhLgp3U9gUvvEzXT9GuNEpd6A6yg
Content-Encoding: gzip
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Date: Thu, 14 Sep 2023 21:53:55 GMT
Age: 3345
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 03 Aug 2023 19:17:31 GMT
Server: AmazonS3
Etag: W/"67e54a60303cfbf4c3b977aa390ad408"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vBGSnYZ9nVSpUnieEqE2843SN07MC0TK0-x7XeReL-MzC2vnkLNgAA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 304ms
102ms Script
application/x-javascript 2a03:2880:f00d:115:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00d:115:face:b00c:0:3 Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 22:49:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: lDwfwP2I3gQfoJkxscvTgcO6VUiSAxtpZ3tnQol9paYKuiu7Xe9mvVapY1kplku8Bd1HPL4KMCuu8twctcQPvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 15327201.js Show response
bat.bing.com/p/action/ 0
118 B 74ms
74ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15327201.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49DC361498AB4A7D8B904951998E24DF Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 167ms
167ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15327201&Ver=2&mid=a1b5debf-baed-4ab3-adac-49417ead7fb1&sid=fd5cd810535011ee8c268fa6baf0f9e8&vid=fd5d21a0535011eeb1476944b7f2607f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=931&evt=pageLoad&sv=1&rn=18991

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6753956CC82C4142BA9DE82002AC31ED Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27011139.js Show response
bat.bing.com/p/action/ 0
120 B 165ms
165ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27011139.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B60C1E895384CCFB68A546FBAC3374D Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
231 B 164ms
163ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27011139&Ver=2&mid=e54c069a-2bb2-4f12-b1cc-5f35aaeab6f3&sid=fd5cd810535011ee8c268fa6baf0f9e8&vid=fd5d21a0535011eeb1476944b7f2607f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=931&evt=pageLoad&sv=1&rn=788552

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA82BC6EF4B5469688ADB7EC81A0A618 Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15327707.js Show response
bat.bing.com/p/action/ 0
119 B 163ms
163ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15327707.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D814552398E41C99ADB187395ECBBBB Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
231 B 162ms
161ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15327707&Ver=2&mid=2489a99a-8f81-4301-8e22-818a831c57db&sid=fd5cd810535011ee8c268fa6baf0f9e8&vid=fd5d21a0535011eeb1476944b7f2607f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Dr.%20Phil&p=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&r=&lt=931&evt=pageLoad&sv=1&rn=492854

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Sep 2023 22:49:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE8A666DBA4B461AB812A1AD63D374B3 Ref B: EWR311000104033 Ref C: 2023-09-14T22:49:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.b1d0ab810250ab067071.js Show response
script.hotjar.com/ 223 KB
55 KB 185ms
66ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b1d0ab810250ab067071.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2823701.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 33575
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55750
last-modified: Thu, 14 Sep 2023 13:29:45 GMT
etag: "6b776c41a374521051e75fc2d87b8d0a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nwPhw9SAqQrsumYHVdy633obLyqjG6LQydc8SOLo8biSLaw6r_-LUQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
178 B 119ms
118ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F106R6NH85&gtm=45je39d0&_p=1391849035&cid=1498946934.1694731781&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694731780&sct=1&seg=0&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&dt=Dr.%20Phil&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F106R6NH85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 22:49:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cbd.healthfindings.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 104ms
104ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1391849035&t=pageview&_s=1&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&ul=en-us&de=UTF-8&dt=Dr.%20Phil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1416160112&gjid=1184886617&cid=1498946934.1694731781&tid=UA-179534963-1&_gid=872855798.1694731781&_r=1&gtm=457e39d0&jsscut=1&z=1752971152

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 22:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cbd.healthfindings.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 237ms
58ms Ping
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0008390998906271596&referrer=&cht=gtm&marketerId=00aef8f39a458de8816ecaacea5f575566&name=PAGE_VIEW&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&g=1&obApiVersion=1.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 22:49:41 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 82fa75c69e540072204c2e02ebace290
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 219ms
56ms Script
application/javascript 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00aef8f39a458de8816ecaacea5f575566
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 22:49:41 GMT
content-encoding: br
X-TraceId: db88e2abae7696fd35ffcf93619e8b48
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00aef8f39a458de8816ecaacea5f575566 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 171ms
55ms Script
text/html 23.199.49.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00aef8f39a458de8816ecaacea5f575566
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 22:49:41 GMT
Content-Encoding: gzip
ob-sent-time: 1694283852018
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
X-TraceId: ab9b46cac3f3cbef4b9711626320c18b
Content-Length: 22
Expires: Thu, 14 Sep 2023 22:50:41 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/IB5XMLV6BBATJIWXRDSVMT/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

111ms
57ms

Script
application/javascript

2600:9000:23cb:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Server: 2600:9000:23cb:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

X-Amz-Version-Id: e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Date: Thu, 14 Sep 2023 16:33:18 GMT
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Age: 22584
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Aug 2023 18:30:18 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nALNHXoXXqTrCFtUA_3A_V3pCEpN6Afy6X9VgHACV1qlYJQk3BPCsA==

Redirect headers

Date: Thu, 14 Sep 2023 14:52:24 GMT
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Age: 28636
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JuPsPwoDVi1HA9PPOqerFojhOiw7gHxUf_HkziCmL4TGfFKZEF-jAQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

56ms
56ms

Script
application/javascript

2600:9000:23cb:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Server: 2600:9000:23cb:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 14 Sep 2023 15:34:27 GMT
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Age: 26115
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2zNwda6lg_BWyfd25mCwbq4VMERaEkGLUlCh_d86iE4HjmKrpug38w==

Redirect headers

Date: Thu, 14 Sep 2023 14:52:25 GMT
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Age: 28636
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _3bM5EKHle5ahmwsNNqx-GMPxOiYDjBXTSACWweLi1SKw7PgXraeBw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/ 0
809 B 166ms
56ms Script
text/javascript 2600:9000:23cb:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

X-Amz-Version-Id: Vxa93X9bd74CMVMlDozfPI7cMrGtqeFM
Date: Thu, 14 Sep 2023 22:38:32 GMT
Via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
Age: 1128
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 09 Sep 2023 11:21:38 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vc-au-Eu5_gMSAI1Ict2P_KASoG7PeYsHnAfpFsleZ8PmHQHc3hNjw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
353 B 175ms
61ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-179534963-1&cid=1498946934.1694731781&jid=1416160112&gjid=1184886617&_gid=872855798.1694731781&_u=YADAAUAAAAAAACAAI~&z=996403795

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbd.healthfindings.website/StopPain/Restore.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Sep 2023 22:49:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cbd.healthfindings.website
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IB5XMLV6BBATJIWXRDSVMT Show response
d.adroll.com/consent/check/ 494 B
980 B 216ms
51ms Script
application/javascript 2600:1f18:61c0:2204:88f:7f81:1924:3a44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/IB5XMLV6BBATJIWXRDSVMT?pv=37152789773.71226&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&_s=bc1c63d71724727841912bf770ff56b4&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2204:88f:7f81:1924:3a44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e027ec61c052cd76c5d3afe2047367d4300e9865a18eb972443a5bf2fe4083bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 14 Sep 2023 22:49:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 494
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 411561462880558 Show response
connect.facebook.net/signals/config/ 490 KB
134 KB 195ms
194ms Script
application/x-javascript 2a03:2880:f00d:115:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411561462880558?v=2.9.127&r=stable&domain=cbd.healthfindings.website

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00d:115:face:b00c:0:3 Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd8609fbecb269f0cceebd29bc999560e5ed56ca0e84e17acd7fe9bf8d2e0915

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 22:49:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UjLQh0tgJvTAFG7/IVo7sNrnpfOYE78W0Tk+D/2Qaxiq2eWgfLvNGAvumvrNTYvx/pNyhbvs45eKH0oDEX9AGg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

2BSWWYNTQVANPEH65BK7SO.js Show response
s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/
Redirect Chain

https://d.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM?adroll_fpc=5b79026da8358bb51b0bce555a58b813-1694731781338&pv=37152789773.71226&arrfrr=https%3A%2F%2Fcbd.healthfindings.websi...
https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js

3 KB
2 KB

56ms
56ms

Script
text/javascript

2600:9000:23cb:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: HTTP/1.1
Server: 2600:9000:23cb:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a537611dff4d5d417882ca757b7bb757829b1d770fe2028f4eea522d5e259c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

X-Amz-Version-Id: Ht7_g8d9BnYfsmW0x9DwD55GpxBNj6b6
Content-Encoding: gzip
Via: 1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Date: Thu, 14 Sep 2023 22:38:32 GMT
Age: 1127
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 12 Jul 2023 12:16:41 GMT
Server: AmazonS3
Etag: W/"438076d611c83d631cabef22e8fa921e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0N7WPVb1A1eSVw22fursZG3oJfmFRs7cM9qvUVt8TfAGS1tzZ_0MnQ==

Redirect headers

date: Thu, 14 Sep 2023 22:49:41 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 35
server: nginx/1.22.1
x-rule: *
x-segment-eid: 2BSWWYNTQVANPEH65BK7SO
location: https://s.adroll.com/pixel/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM/2BSWWYNTQVANPEH65BK7SO.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 32FNGCRGJBG2PPHERVTTSM
x-segment-name: *
x-advertisable-eid: IB5XMLV6BBATJIWXRDSVMT
x-conversion-currency: USD

GET
H2 200 32FNGCRGJBG2PPHERVTTSM
ipv4.d.adroll.com/px4/IB5XMLV6BBATJIWXRDSVMT/ 42 B
176 B 209ms
63ms Image
image/gif 3.218.16.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/IB5XMLV6BBATJIWXRDSVMT/32FNGCRGJBG2PPHERVTTSM?adroll_fpc=5b79026da8358bb51b0bce555a58b813-1694731781338&pv=37152789773.71226&arrfrr=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&cookie=&adroll_s_ref=&keyw=&conv_value=35&adroll_currency=USD&p0=630
Requested by: Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.16.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-16-35.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 22:49:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
content-type: image/gif

GET
H3 200 580923396006047 Show response
connect.facebook.net/signals/config/ 420 KB
115 KB 262ms
261ms Script
application/x-javascript 2a03:2880:f00d:115:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580923396006047?v=2.9.127&r=stable&domain=cbd.healthfindings.website

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00d:115:face:b00c:0:3 Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bda5ea974840e7e0f939577d12bc5ea352f45b24f548acefc5907d9f23c9e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 22:49:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: t4hhoQJ5nX9PQpfNnocc4P4VpsueSiRCcagw8lw2wSgyzQO1N3AtG3FC7zKQC9+4TL5JE3n9/QMOF+0rv69gEQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 964ms
86ms Image
text/plain 2a03:2880:f10d:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1694731781699&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694731781697.311052793&cs_est=true&it=1694731781326&coo=false&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10d:183:face:b00c:0:25de Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 22:49:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 84ms
84ms Image
text/plain 2a03:2880:f10d:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580923396006047&ev=PageView&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1694731782594&cd[segment_eid]=2BSWWYNTQVANPEH65BK7SO&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=29&fbp=fb.1.1694731781697.311052793&it=1694731781326&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10d:183:face:b00c:0:25de Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 22:49:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 84ms
84ms Image
text/plain 2a03:2880:f10d:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411561462880558&ev=Microdata&dl=https%3A%2F%2Fcbd.healthfindings.website%2FStopPain%2FRestore.php&rl=&if=false&ts=1694731782595&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Dr.%20Phil%22%2C%22meta%3Adescription%22%3A%22Dr.%20Phil%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Dr.%20Phil%22%2C%22og%3Adescription%22%3A%22Dr.%20Phil%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.127&r=stable&ec=1&o=30&fbp=fb.1.1694731781697.311052793&it=1694731781326&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: cbd.healthfindings.website
URL: https://cbd.healthfindings.website/StopPain/Restore.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10d:183:face:b00c:0:25de Los Angeles, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cbd.healthfindings.website/StopPain/Restore.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 22:49:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.healthfindings.website/	1970-01-20 14:46:58	Name: _uetsid Value: fd5cd810535011ee8c268fa6baf0f9e8
.healthfindings.website/	1970-01-21 00:07:07	Name: _uetvid Value: fd5d21a0535011eeb1476944b7f2607f
.healthfindings.website/	1970-01-21 00:21:31	Name: _ga_F106R6NH85 Value: GS1.1.1694731780.1.0.1694731780.0.0.0
.healthfindings.website/	1970-01-21 00:21:31	Name: _ga Value: GA1.2.1498946934.1694731781
.healthfindings.website/	1970-01-20 14:46:58	Name: _gid Value: GA1.2.872855798.1694731781
.healthfindings.website/	1970-01-20 14:45:31	Name: _gat_gtag_UA_179534963_1 Value: 1
.bat.bing.com/	1970-01-20 14:55:36	Name: MR Value: 0
.bing.com/	1970-01-21 00:07:07	Name: MUID Value: 356082F9564F671E0AED917557C5662F
.healthfindings.website/	1970-01-20 23:31:07	Name: _hjSessionUser_2823701 Value: eyJpZCI6ImVlMzg5NDQ2LWUzYTctNTVkOC04ZGY3LWEyZGE3OGZlOTFlMSIsImNyZWF0ZWQiOjE2OTQ3MzE3ODExNzcsImV4aXN0aW5nIjpmYWxzZX0=
.healthfindings.website/	1970-01-20 14:45:33	Name: _hjFirstSeen Value: 1
.healthfindings.website/	1970-01-20 14:45:31	Name: _hjIncludedInSessionSample_2823701 Value: 0
.healthfindings.website/	1970-01-20 14:45:33	Name: _hjSession_2823701 Value: eyJpZCI6IjI3YzgwZGFmLTA4MjgtNDBjMy1hNDZmLTk3ODk4ODZlYzQ4NCIsImNyZWF0ZWQiOjE2OTQ3MzE3ODExNzgsImluU2FtcGxlIjpmYWxzZX0=
.healthfindings.website/	1970-01-20 14:45:33	Name: _hjAbsoluteSessionInProgress Value: 0
cbd.healthfindings.website/	1970-01-20 14:45:32	Name: outbrain_cid_fetch Value: true
.d.adroll.com/	1970-01-21 00:14:19	Name: __adroll Value: d6622b61b6f387e4aa61b4cd0842feb8-a_1694731781
.adroll.com/	1970-01-21 00:14:19	Name: __adroll_shared Value: d6622b61b6f387e4aa61b4cd0842feb8-a_1694731781
.cbd.healthfindings.website/	1970-01-20 23:31:29	Name: __adroll_fpc Value: 5b79026da8358bb51b0bce555a58b813-1694731781338
.cbd.healthfindings.website/	1970-01-20 23:31:07	Name: __ar_v4 Value: %7CIB5XMLV6BBATJIWXRDSVMT%3A20230914%3A1%7C32FNGCRGJBG2PPHERVTTSM%3A20230914%3A1%7C2BSWWYNTQVANPEH65BK7SO%3A20230914%3A1
.healthfindings.website/	1970-01-20 16:55:07	Name: _fbp Value: fb.1.1694731781697.311052793

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cbd.healthfindings.website/StopPain/Restore.php(Line 772) Message: Mixed Content: The page at 'https://cbd.healthfindings.website/StopPain/Restore.php' was loaded over HTTPS, but requested an insecure element 'http://onedaytorunlive.com/img/video-bg-normal.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://onedaytorunlive.com/img/video-bg-normal.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
bat.bing.com
cbd.healthfindings.website
cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
ipv4.d.adroll.com
onedaytorunlive.com
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
108.138.106.49
18.164.96.90
185.61.152.17
216.245.214.84
23.199.49.127
2600:1f18:61c0:2204:88f:7f81:1924:3a44
2600:9000:23cb:2000:6:9280:1080:93a1
2606:4700::6811:190e
2607:f8b0:4004:c09::9b
2607:f8b0:4006:809::2008
2607:f8b0:4006:816::200e
2620:1ec:c11::200
2a03:2880:f00d:115:face:b00c:0:3
2a03:2880:f10d:183:face:b00c:0:25de
3.218.16.35
70.42.32.255
074c3fee1b061ff55a401621ad8c073e912425b70bf05ba2f1c57622d8f00668
08690966c12a3b844dc48179995f054cdc17e066fa4447706c2505b0ecc8bf57
0e48a851744148120e20c50902cdea6f268c013eda78f87100d6cfa926ecce5c
0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
3ca8278fbed1a28d9ff7c710cecda4f4402bb0c8512da02ba3dc496a72f43b99
3fa95bd37a4896f076d974fcc1336cbe96257584985bdb09fea0ce3532fbddf7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
596492fc8fdb5fc82f4a85b54b4a52ed6596f4f8d75d5e04808dfa4cb1688d7e
596678f4f4f8f0c48143c0f6fb7673d66803da844aee1e01be3324226b7288e9
59edb893416c6deac40d2b733caf988f4e8aee1e996d718436fcdddb55262fad
5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929
65c50446ae3ec1cf77b8e71d703ac383f6babed6d1facf62f2ec228c30550d8f
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79a3b0af421c0e4d2f02dc0e777b823100527ea9e28ae1345d3a19a35ede2105
7bda5ea974840e7e0f939577d12bc5ea352f45b24f548acefc5907d9f23c9e3c
7c599a1f1acf20c1a93d38bc62e21b06b73728c5f664597fec4b4a4cd777a698
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
912a9915fedc0c1b4e4e78b512e79971b003bbdbce42cf4a581760f4bef748a7
9a537611dff4d5d417882ca757b7bb757829b1d770fe2028f4eea522d5e259c6
9d390748ccc28edeb9da34d0c048bdbba1ea710a003ae079acbe9aae7f266589
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bd8609fbecb269f0cceebd29bc999560e5ed56ca0e84e17acd7fe9bf8d2e0915
d4e730980b14b141944005536f28f5092e367cef7bc1d78b409f43cec090f0e0
d8ad7ec66701f8ed8c3309d44148f7ef652684f87bd616406d395afd12b285e1
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86
e027ec61c052cd76c5d3afe2047367d4300e9865a18eb972443a5bf2fe4083bc
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8783a6e94254f7c6f710d69442152f7a3fdd5791fdd4e94bea126ad32e5c681
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35d90682eff9386920e289024377d9afb52de8039ff25e49cc779450a94ffa2
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

cbd.healthfindings.website Open in urlscan Pro 185.61.152.17 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

56 %IPv6

12 Domains

17 Subdomains

16 IPs

2 Countries

2199 kBTransfer

6609 kBSize

19 Cookies

1 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cbd.healthfindings.website Open in urlscan Pro
185.61.152.17 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

2
Countries

2199 kB
Transfer

6609 kB
Size

19
Cookies

56 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!