www.healthyfree.xyz Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://healthyfree.xyz/
Effective URL:
https://www.healthyfree.xyz/
Submission: On March 16 via api (March 16th 2020, 5:19:11 am UTC) from DE

Summary HTTP 53 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 23 domains to perform 53 HTTP transactions. The main IP is 2a00:1450:4001:806::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.healthyfree.xyz.
TLS certificate: Issued by GTS CA 1D2 on February 20th 2020. Valid for: 3 months.

This is the only time www.healthyfree.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
24	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2009	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1 4	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	52.29.126.123 52.29.126.123	16509 (AMAZON-02) (AMAZON-02)
1	34.234.137.236 34.234.137.236	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.50.175.184 52.50.175.184	16509 (AMAZON-02) (AMAZON-02)
1 1	46.4.31.20 46.4.31.20	24940 (HETZNER-AS) (HETZNER-AS)
1	104.19.139.80 104.19.139.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.185.207.113 18.185.207.113	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
1	23.105.245.4 23.105.245.4	7979 (SERVERS) (SERVERS)
1 1	52.59.108.16 52.59.108.16	16509 (AMAZON-02) (AMAZON-02)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1 1	23.105.254.36 23.105.254.36	7979 (SERVERS) (SERVERS)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	95.216.106.100 95.216.106.100	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
53	15

1 216.239.32.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

healthyfree.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.healthyfree.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0k-c4-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-08-c4-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.214.103 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.126.123 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-126-123.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.137.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-137-236.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.175.184 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-175-184.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.31.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.31.4.46.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.139.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.207.113 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-207-113.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.108.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-108-16.eu-central-1.compute.amazonaws.com

sandbox.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.36 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.106.100 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.106.216.95.clients.your-server.de

palladiumpin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	249 KB
6	bidswitch.net 6 redirects x.bidswitch.net sandbox.bidswitch.net	2 KB
6	gstatic.com fonts.gstatic.com	81 KB
5	blogspot.com 1.bp.blogspot.com	126 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
4	healthyfree.xyz 2 redirects healthyfree.xyz www.healthyfree.xyz	31 KB
3	google.com 2 redirects drive.google.com adservice.google.com	2 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	710 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	googleusercontent.com doc-0k-c4-docs.googleusercontent.com doc-08-c4-docs.googleusercontent.com	8 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	google.de adservice.google.de	171 B
1	palladiumpin.com palladiumpin.com	82 KB
1	googlesyndication.com pagead2.googlesyndication.com	38 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	lentainform.com cm.lentainform.com	329 B
1	doubleclick.net 1 redirects cm.g.doubleclick.net	785 B
1	steepto.com cm.steepto.com	280 B
1	loopme.me 1 redirects csync.loopme.me	192 B
1	postrelease.com jadserve.postrelease.com	426 B
1	blogger.com www.blogger.com	52 KB
1	blogblog.com resources.blogblog.com	539 B
53	23

	Domain	Requested by
9	cm.mgid.com	jsc.mgid.com www.healthyfree.xyz
7	s-img.mgid.com	www.healthyfree.xyz
6	fonts.gstatic.com	www.healthyfree.xyz jsc.mgid.com
5	1.bp.blogspot.com	www.healthyfree.xyz
5	x.bidswitch.net	5 redirects
4	sb.scorecardresearch.com	1 redirects jsc.mgid.com www.healthyfree.xyz
3	servicer.mgid.com	jsc.mgid.com
3	www.healthyfree.xyz	1 redirects www.healthyfree.xyz
2	c.mgid.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	match.adsrvr.org	2 redirects
2	drive.google.com	2 redirects
2	jsc.mgid.com	www.healthyfree.xyz
2	fonts.googleapis.com	www.healthyfree.xyz jsc.mgid.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	palladiumpin.com	www.healthyfree.xyz
1	pagead2.googlesyndication.com	doc-08-c4-docs.googleusercontent.com
1	udata.mixmarket.biz	1 redirects
1	sandbox.bidswitch.net	1 redirects
1	cm.lentainform.com	www.healthyfree.xyz
1	cm.g.doubleclick.net	1 redirects
1	cm.steepto.com	www.healthyfree.xyz
1	csync.loopme.me	1 redirects
1	jadserve.postrelease.com	www.healthyfree.xyz
1	cdn.mgid.com	www.healthyfree.xyz
1	www.blogger.com	www.healthyfree.xyz
1	doc-08-c4-docs.googleusercontent.com	www.healthyfree.xyz
1	doc-0k-c4-docs.googleusercontent.com	www.healthyfree.xyz
1	resources.blogblog.com	www.healthyfree.xyz
1	healthyfree.xyz	1 redirects
53	32

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
brainberries.co
herbeauty.co
zestradar.com
www.blogger.com
1kdailyprofit
twitter.com
instagram.com
www.youtube.com
www.goinsan.com

Subject Issuer	Validity	Valid
www.healthyfree.xyz GTS CA 1D2	`2020-02-20` - `2020-05-20`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
ssl382684.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
ssl382690.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.healthyfree.xyz/
Frame ID: 3FEF457EDA2BCED618FF9FE5D7F98A2A
Requests: 53 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=158433593076565140541
Frame ID: 48FC463E2E0A84655E5D9C8AF4830078
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://healthyfree.xyz/ HTTP 301
http://www.healthyfree.xyz/ HTTP 301
https://www.healthyfree.xyz/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

53
Requests

98 %
HTTPS

38 %
IPv6

23
Domains

32
Subdomains

15
IPs

6
Countries

671 kB
Transfer

1102 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=www.healthyfree.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=819574

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/7-mysteriose-entdeckungen-die-selbst-archaologen-verbluften/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/6-stinkreiche-promis-die-unter-extrem-bescheidenen-verhaltnissen-leben/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/relationships/15-sternzeichen-die-die-besten-paare-bilden-wurden/

Search URL Search Domain Scan URL

URL: https://zestradar.com/entertainment/miss-universe-2019-zozibini-tunzi-wins-the-title-with-her-stunning-final-words/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=3866346309382490424&widgetType=HTML&widgetId=HTML2&action=editWidget&sectionId=iklan-atas-1
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.healthyfree.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=825761

Search URL Search Domain Scan URL

URL: https://zestradar.com/curiosities/6-of-the-most-unusual-kids-in-the-world/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=3866346309382490424&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=3866346309382490424&widgetType=Label&widgetId=Label1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=3866346309382490424&widgetType=HTML&widgetId=HTML4&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://1kdailyprofit/Clever_22yr_Girl_Made_Over_1644250_After_Watching_This_Video

Search URL Search Domain Scan URL

URL: https://zestradar.com/movietv/sci-fi-and-fantasy-tv-series-characters-that-we-would-love-to-see-together/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=3866346309382490424&widgetType=HTML&widgetId=HTML3&action=editWidget&sectionId=iklan-bawah-1
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/

Search URL Search Domain Scan URL

URL: https://www.goinsan.com/
Title: Goinsan™

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://healthyfree.xyz/ HTTP 301
http://www.healthyfree.xyz/ HTTP 301
https://www.healthyfree.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://drive.google.com/uc?export=download&id=1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU HTTP 302
https://doc-0k-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hs6a9dobdd2tbun65thlb1afkmimb2at/1584335925000/02574408475763707990/*/1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU?e=download

Request Chain 10

https://drive.google.com/uc?export=download&id=13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0 HTTP 302
https://doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0?e=download

Request Chain 28

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=

Request Chain 29

https://x.bidswitch.net/sync?dsp_id=303&user_id=k2fOyGCe04im HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k2fOyGCe04im HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=e7a611e4-5659-417f-88b9-453af2f9b901

Request Chain 30

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=7720dbe8-a1e8-4e31-b3ae-92cda0874ebd&ttl=1586927931

Request Chain 31

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=3508a16a-35d8-497b-9858-9081ac1878ae

Request Chain 33

https://prod.perf-serving.com/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=371154&c=4041d74a-6031-4641-988f-75c8e4c7f7a8

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJmT3lHQ2UwNGlt&muidn=k2fOyGCe04im HTTP 302
https://cm.mgid.com/google?muidn=k2fOyGCe04im&google_ula={guid},5&google_gid=CAESENP9af__z3JGsQRWfUeSOaY&google_cver=1

Request Chain 36

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://sandbox.bidswitch.net/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=58&expires=14&user_id=e7a611e4-5659-417f-88b9-453af2f9b901&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=e7a611e4-5659-417f-88b9-453af2f9b901

Request Chain 37

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=04a20c2e-6212-492f-9628-59a0e78d8250

Request Chain 38

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

53 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.healthyfree.xyz/
Redirect Chain

http://healthyfree.xyz/
http://www.healthyfree.xyz/
https://www.healthyfree.xyz/

103 KB
28 KB

219ms
195ms

Document
text/html

2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f9f64364378930386481cef33521cd3321e4d181b47f3550f47c7d8ebb51a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.healthyfree.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Mon, 16 Mar 2020 05:18:50 GMT
date: Mon, 16 Mar 2020 05:18:50 GMT
cache-control: private, max-age=0
last-modified: Mon, 16 Mar 2020 00:31:16 GMT
etag: W/"ab8fefd3118793608c29f36ab7466714f59fad97891b0427cb2c3ba9fb7abc63"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28107
server: GSE

Redirect headers

Location: https://www.healthyfree.xyz/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 16 Mar 2020 05:18:50 GMT
Expires: Mon, 16 Mar 2020 05:18:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 176
Server: GSE

GET
H2 200 css
fonts.googleapis.com/ 5 KB
762 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 05:18:50 GMT
server: ESF
date: Mon, 16 Mar 2020 05:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Mar 2020 05:18:50 GMT

GET
H2 200 healthyfree.xyz.819574.js Show response
jsc.mgid.com/h/e/ 130 KB
36 KB 55ms
21ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573bcc4c08e15d8cc439f6ceedd01d4612d7559c660bd7f221d7da40e4b7ce53

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 20
cf-polished: origSize=133090
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 2719DD03C05E242E
x-amz-id-2: Uj0Y6u/cNgxTpuaQQhjsiZvlGMPHBy3EQ6+79+8ljueIAFRDJ71S8jPbWm7pf5tCscn/KqoUwXM=
last-modified: Wed, 11 Mar 2020 17:07:18 GMT
server: cloudflare
etag: W/"9f1524631adc2aa7976b94b78f0d9818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Mon, 16 Mar 2020 06:18:50 GMT
cache-control: public, max-age=3600
cf-ray: 574c040dcefdbdeb-AMS
cf-bgj: minify

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
539 B 6ms
6ms Image
image/png 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 13 Mar 2020 08:12:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 07:31:02 GMT
server: sffe
age: 248788
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
expires: Fri, 20 Mar 2020 08:12:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 3904111
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1542704
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 289323e998586e08acecfa33b134cfefde757a5436758ca329193fd612bfcac8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 2 KB
628 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 05:18:50 GMT
server: ESF
date: Mon, 16 Mar 2020 05:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Mar 2020 05:18:50 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 healthyfree.xyz.825761.js Show response
jsc.mgid.com/h/e/ 133 KB
36 KB 22ms
21ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/e/healthyfree.xyz.825761.js
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd8bd35fcf5bc4ef908c8c8ff5703433c37f03aa50e1f9e2986af4580f7023d

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 20
cf-polished: origSize=136425
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 2542EEF4DB633C30
x-amz-id-2: xSPsVctISBP1E9un4WA/Y9/d6MBiClDG1oVHkgcB0B7wgu9umQD3K/xz1LnE6K8OBVeaC9TSCD4=
last-modified: Wed, 11 Mar 2020 17:22:05 GMT
server: cloudflare
etag: W/"ca1910673c7c74105cc3afa8d224b30f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Mon, 16 Mar 2020 06:18:50 GMT
cache-control: public, max-age=3600
cf-ray: 574c040e2f3bbdeb-AMS
cf-bgj: minify

GET
H2

200

1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU
doc-0k-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hs6a9dobdd2tbun65thlb1afkmimb2at/1584335925000/02574408475763707990/*/
Redirect Chain

https://drive.google.com/uc?export=download&id=1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU
https://doc-0k-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hs6a9dobdd2tbun65thlb1afkmimb2at/1584335925000/02574408475763707990/*/1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU?e...

4 KB
4 KB

179ms
178ms

Stylesheet
text/css

2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-0k-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hs6a9dobdd2tbun65thlb1afkmimb2at/1584335925000/02574408475763707990/*/1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU?e=download
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f64771621f48c8eff58c25586eba070cc88f42ea1f37cc34d096dd2748d83369

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=aLvoyA==
date: Mon, 16 Mar 2020 05:18:51 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: UploadServer
access-control-allow-origin: *
x-guploader-uploadid: AEnB2Ury03ZuHt92yblcFZ5dPSGjVjkxMWobSJjyxanXTU7HhwB6MOLRGsaPTGGc5BzHf-xce1uU0BrVc0v6x02G_9sB1JdP3g
access-control-allow-methods: GET,OPTIONS
content-type: text/css
status: 200
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: attachment;filename="KillAdBlock.css";filename*=UTF-8''KillAdBlock.css
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Goog-Meeting-Botguardid, X-Goog-Meeting-Debugid, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id
content-length: 3647
expires: Mon, 16 Mar 2020 05:18:51 GMT

Redirect headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 317
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0k-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hs6a9dobdd2tbun65thlb1afkmimb2at/1584335925000/02574408475763707990/*/1xbqHJLay8msxXdXPo1kb8TxEq_4wN7EU?e=download
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-KpJz91BS3F/G76QHvsP6TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0 Show response
doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/
Redirect Chain

https://drive.google.com/uc?export=download&id=13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0
https://doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0?e...

3 KB
5 KB

170ms
169ms

Script
application/javascript

2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0?e=download
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9fa85dd35285df5c97c839f91e1ef88d9d1c5c6a483ad0b8ae6a657f288c2516

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=jWSybQ==
date: Mon, 16 Mar 2020 05:18:51 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: UploadServer
access-control-allow-origin: *
x-guploader-uploadid: AEnB2UqMVGO4S_4NvJEha6nLLs2N_MgtE_JaVMOww3WgwBZL69hIwJvlkCnV2Iz8KvSwaSFXEBT-rAM6vob0KzCZN-gjDT48GDSY3YBz6MbBMMYVVC66h4U
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
status: 200
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: attachment;filename="KillAdBlock.js";filename*=UTF-8''KillAdBlock.js
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Goog-Meeting-Botguardid, X-Goog-Meeting-Debugid, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id
content-length: 2807
expires: Mon, 16 Mar 2020 05:18:51 GMT

Redirect headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 315
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0?e=download
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-JbrapY8WiPuZaVb6gWM6wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookienotice.js Show response
www.healthyfree.xyz/js/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthyfree.xyz/js/cookienotice.js

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Mar 2020 19:11:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Mon, 23 Mar 2020 05:18:50 GMT

GET
H2 200 367476687-widgets.js Show response
www.blogger.com/static/v1/widgets/ 140 KB
52 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/367476687-widgets.js

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565a182d06fe331b55193b05f1aeb0de2f683aea827d2e95f80b31862106a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 14:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 20:29:09 GMT
server: sffe
age: 52332
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52855
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:46:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1759492
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:33:58 GMT

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 15:36:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 567734
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19684
x-xss-protection: 0
expires: Tue, 09 Mar 2021 15:36:36 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 09:11:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 1541252
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16224
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:11:18 GMT

GET
H2 200 1 Show response
servicer.mgid.com/819574/ 3 KB
2 KB 103ms
62ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/819574/1?w=980&h=229&cols=4&pv=5&cbuster=1584335930653437724035&uniqId=0d91a&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.healthyfree.xyz%2F&pageView=1&pvid=170e1c7c51da160c8b1&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7be23d6fbdf38bbce327f350c70751155e47efa4e6163aef62bdd324354c05

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 574c040edfb8bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/825761/ 3 KB
1 KB 71ms
65ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/825761/1?w=300&h=1148&cols=1&pv=5&cbuster=1584335930688523133574&uniqId=15791&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.healthyfree.xyz%2F&pageView=0&pvid=170e1c7c540803e6c96&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.825761.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d51cc1cc7bf437b7488c42cc1611058d54a567917e30b35d5f3294849ea952

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 574c040edfb9bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 993 B
439 B 142ms
141ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1584335930761391958580
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969a59fbea5ab027be5bc20e975f86d1745d8eb571314c8d3334417a7601bd1f

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c040f480fbdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
Origin: https://www.healthyfree.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 10:48:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 1535440
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15556
x-xss-protection: 0
expires: Fri, 26 Feb 2021 10:48:10 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 48FC 186 B
488 B 142ms
142ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=158433593076565140541
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c040f4812bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 23ms
8ms Script
application/x-javascript 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 05:18:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 17 Mar 2020 05:18:50 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 18ms
17ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 5051
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: EAF7B034ECC7CD43
x-amz-id-2: NEXLpYC2QMlJJ8xJnvcjvFokJbS72AcxCmLS+Z/P2wD3v+SgB/33ejfTU4wUNfKU3D1VCJ/TgEE=
last-modified: Thu, 05 Mar 2020 10:34:13 GMT
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 574c040f5816bdeb-AMS
expires: Mon, 16 Mar 2020 09:18:50 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTA4LTIyL2Y4M2E1MmZkYzFhNGY3Nzk3ZjQwYTliOTE0MDAzNDU4LmpwZz90PTE0NzE4NzQ5NDk2Mzc*.webp
s-img.mgid.com/g/1999476/492x328/0x0x492x328/ 45 KB
45 KB 20ms
18ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/1999476/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTA4LTIyL2Y4M2E1MmZkYzFhNGY3Nzk3ZjQwYTliOTE0MDAzNDU4LmpwZz90PTE0NzE4NzQ5NDk2Mzc*.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afb32d537e6f7dd0cfd8fa592aa06afe826e9208247a52b503bd2cb06206f41

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 03:33:33 GMT
server: cloudflare
age: 14771188
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c040f681bbdeb-AMS
access-control-allow-origin: *
content-length: 45992

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTA3LTE0L2RkYWNlNzUwZmVmNWEzOGIxMGY5ZDQ3MDczNWNlNmY3LmpwZz90PTE0Njg1NDQ1Mjk5NzY*.webp
s-img.mgid.com/g/2008917/492x328/0x0x492x328/ 14 KB
14 KB 17ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/2008917/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTA3LTE0L2RkYWNlNzUwZmVmNWEzOGIxMGY5ZDQ3MDczNWNlNmY3LmpwZz90PTE0Njg1NDQ1Mjk5NzY*.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7254dae38a01964b659131b7332f95b8a7b7df5fb121a2abd98b3b3051a47fc7

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2019 11:15:35 GMT
server: cloudflare
age: 18632253
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c040f681cbdeb-AMS
access-control-allow-origin: *
content-length: 14256

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDMtMTgvMTAxOTI0LzUwNzA5MWI4NmFlMTg1Mjc1MzkwYWQ1NjdiM2U4MzZhLmpwZWc_dD0xNTIxNDE4ODkyNTY1.webp
s-img.mgid.com/g/2663706/492x328/0x0x999x666/ 14 KB
14 KB 23ms
22ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/2663706/492x328/0x0x999x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDMtMTgvMTAxOTI0LzUwNzA5MWI4NmFlMTg1Mjc1MzkwYWQ1NjdiM2U4MzZhLmpwZWc_dD0xNTIxNDE4ODkyNTY1.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cf79c97db75eb2dbbf2f87d9ab2247f8d3f51497a39ddc6776ce128caa816a

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
cf-cache-status: HIT
last-modified: Sun, 15 Sep 2019 16:33:29 GMT
server: cloudflare
age: 15465378
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c040f681ebdeb-AMS
access-control-allow-origin: *
content-length: 14384

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMzEwMTQxL2UzNzFjNjMzNzQ0Nzc1NjM0ZTgxOWUxNDBmYTliYmVhLmpwZWc*.webp
s-img.mgid.com/g/4777828/492x328/77x0x866x577/ 32 KB
32 KB 18ms
17ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4777828/492x328/77x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMzEwMTQxL2UzNzFjNjMzNzQ0Nzc1NjM0ZTgxOWUxNDBmYTliYmVhLmpwZWc*.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf26dcd0d0194d2f7fc6bd4990a43e06d36da5207e61c61de4bb6b9f13528fb1

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Dec 2019 09:24:28 GMT
server: cloudflare
age: 7156169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c040f681dbdeb-AMS
access-control-allow-origin: *
content-length: 33016

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMzEwMTQxL2I2ZTg3ZjEwYmZlZDhmMjU1MDVkY2E3YWI3NDk1NGRkLmpwZWc*.webp
s-img.mgid.com/g/4777831/492x328/41x0x629x419/ 12 KB
12 KB 16ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4777831/492x328/41x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMzEwMTQxL2I2ZTg3ZjEwYmZlZDhmMjU1MDVkY2E3YWI3NDk1NGRkLmpwZWc*.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf906d01263278060b741458f12168408bc75364cc405683443181210e92af71

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:50 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Dec 2019 09:24:23 GMT
server: cloudflare
age: 3561367
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c040f8828bdeb-AMS
access-control-allow-origin: *
content-length: 12678

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=

0
248 B

8ms
8ms

Image
text/plain

104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 05:18:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1584335930805&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=
Pragma: no-cache
Date: Mon, 16 Mar 2020 05:18:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1011
jadserve.postrelease.com/suid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k2fOyGCe04im
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k2fOyGCe04im
https://jadserve.postrelease.com/suid/1011?vk=e7a611e4-5659-417f-88b9-453af2f9b901

43 B
426 B

306ms
102ms

Image
image/gif

34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=e7a611e4-5659-417f-88b9-453af2f9b901
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

status: 302
date: Mon, 16 Mar 2020 05:18:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //jadserve.postrelease.com/suid/1011?vk=e7a611e4-5659-417f-88b9-453af2f9b901
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=7720dbe8-a1e8-4e31-b3ae-92cda0874ebd&ttl=1586927931

43 B
320 B

137ms
137ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=7720dbe8-a1e8-4e31-b3ae-92cda0874ebd&ttl=1586927931
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c04111904bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
x-aspnet-version: 4.0.30319
location: https://cm.mgid.com/m?cdsp=371158&c=7720dbe8-a1e8-4e31-b3ae-92cda0874ebd&ttl=1586927931
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=3508a16a-35d8-497b-9858-9081ac1878ae

43 B
156 B

245ms
245ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=3508a16a-35d8-497b-9858-9081ac1878ae
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c0410689ebdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

status: 307
date: Mon, 16 Mar 2020 05:18:50 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=3508a16a-35d8-497b-9858-9081ac1878ae

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
280 B 173ms
136ms Image
image/gif 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=k2fOyGCe04im
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 574c04106a05c79d-AMS
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://prod.perf-serving.com/sync?ssp=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=371154&c=4041d74a-6031-4641-988f-75c8e4c7f7a8

43 B
167 B

136ms
136ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371154&c=4041d74a-6031-4641-988f-75c8e4c7f7a8
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c041078a4bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

Location: //cm.mgid.com/m?cdsp=371154&c=4041d74a-6031-4641-988f-75c8e4c7f7a8
Date: Mon, 16 Mar 2020 05:18:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJmT3lHQ2UwNGlt&muidn=k2fOyGCe04im
https://cm.mgid.com/google?muidn=k2fOyGCe04im&google_ula={guid},5&google_gid=CAESENP9af__z3JGsQRWfUeSOaY&google_cver=1

0
69 B

133ms
133ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k2fOyGCe04im&google_ula={guid},5&google_gid=CAESENP9af__z3JGsQRWfUeSOaY&google_cver=1
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
status: 200
cf-ray: 574c0410689bbdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:50 GMT
server: HTTP server (unknown)
location: https://cm.mgid.com/google?muidn=k2fOyGCe04im&google_ula={guid},5&google_gid=CAESENP9af__z3JGsQRWfUeSOaY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 148ms
47ms Image
image/gif 23.105.245.4
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k2fOyGCe04im
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://sandbox.bidswitch.net/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=58&expires=14&user_id=e7a611e4-5659-417f-88b9-453af2f9b901&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=e7a611e4-5659-417f-88b9-453af2f9b901

43 B
156 B

128ms
128ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=e7a611e4-5659-417f-88b9-453af2f9b901
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c0410a8ccbdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

status: 302
date: Mon, 16 Mar 2020 05:18:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=e7a611e4-5659-417f-88b9-453af2f9b901
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=04a20c2e-6212-492f-9628-59a0e78d8250

43 B
188 B

137ms
137ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=04a20c2e-6212-492f-9628-59a0e78d8250
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c04145ae9bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

date: Mon, 16 Mar 2020 05:18:51 GMT
via: 1.1 google
location: //cm.mgid.com/m?cdsp=287839&c=04a20c2e-6212-492f-9628-59a0e78d8250
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/ Frame 48FC
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
281 B

136ms
136ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 574c041259cabdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Mon, 16 Mar 2020 05:18:51 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: doc-08-c4-docs.googleusercontent.com
URL: https://doc-08-c4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rnf58dospko3mkk32orf47ctfjacbidr/1584335925000/02574408475763707990/*/13ZuFocHRcOjW3f5eL4I2Yn3ylrjxnlJ0?e=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3d574e315196403e03338bbf7a9b0b20e8983ffe61363f2c3ec7e5343626c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38539
x-xss-protection: 0
server: cafe
etag: 3847701946802347125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Mar 2020 05:18:51 GMT

GET
H/1.1 200
OK 11-Things-You-Shouldn%E2%80%99t-Do-During-Your-Period.jpg
palladiumpin.com/wp-content/uploads/2019/09/ 81 KB
82 KB 69ms
62ms Image
image/jpeg 95.216.106.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://palladiumpin.com/wp-content/uploads/2019/09/11-Things-You-Shouldn%E2%80%99t-Do-During-Your-Period.jpg
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: HTTP/1.1
Server: 95.216.106.100 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.106.216.95.clients.your-server.de
Software: Apache/2 /
Resource Hash: 4ef21be6beb9b7ab75d0d846a423ba20a41f9d8d724bcb4cf8de99d286adbbc0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Mar 2020 05:18:51 GMT
Last-Modified: Fri, 06 Sep 2019 19:03:06 GMT
Server: Apache/2
ETag: "145f1-591e7169b1750"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=100
Content-Length: 83441

GET
H2 200 38a992fd92f22274a40201af976496f8.jpg
1.bp.blogspot.com/-rxB4iFIRTug/XgdBT9d5hII/AAAAAAAAG6Q/ziw7iesz8Y46beRxNTsltG4mtD5ZDHz-wCNcBGAsYHQ/w350-h210-p-k-no-nu/ 27 KB
27 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rxB4iFIRTug/XgdBT9d5hII/AAAAAAAAG6Q/ziw7iesz8Y46beRxNTsltG4mtD5ZDHz-wCNcBGAsYHQ/w350-h210-p-k-no-nu/38a992fd92f22274a40201af976496f8.jpg

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e1fb1b8650c9087e53f8644ba6c378f421f3a0a0c39449ec5219f304a98f565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:31 GMT
x-content-type-options: nosniff
age: 20
status: 200
content-disposition: inline;filename="38a992fd92f22274a40201af976496f8.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27325
x-xss-protection: 0
server: fife
etag: "v1ba5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 05:18:31 GMT

GET
H2 200 Ladies-Here-Are-9-Things-That-Men-DON%25E2%2580%2599T-Find-Attractive-in-Women.jpg
1.bp.blogspot.com/-q-vmlL7Urtg/Xm7CVEOOMiI/AAAAAAAABDM/QZpCYEEUJP8VPJRAE5Xw2SY3yyNBIJvcACLcBGAsYHQ/w350-h210-p-k-no-nu/ 33 KB
33 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-q-vmlL7Urtg/Xm7CVEOOMiI/AAAAAAAABDM/QZpCYEEUJP8VPJRAE5Xw2SY3yyNBIJvcACLcBGAsYHQ/w350-h210-p-k-no-nu/Ladies-Here-Are-9-Things-That-Men-DON%25E2%2580%2599T-Find-Attractive-in-Women.jpg

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e9d43d1cd4e0a3cd50c8565039834bbf475a5f9924d47f4123f2c3f34b4f2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:31 GMT
x-content-type-options: nosniff
age: 20
status: 200
content-disposition: inline;filename="Ladies-Here-Are-9-Things-That-Men-DON_T-Find-Attractive-in-Women.jpg";filename*=UTF-8''Ladies-Here-Are-9-Things-That-Men-DON%E2%80%99T-Find-Attractive-in-Women.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33329
x-xss-protection: 0
server: fife
etag: "v434"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 05:18:31 GMT

GET
H2 200 2b5fddd0ffd79a2f74d0d624d6125106.jpg
1.bp.blogspot.com/-ZkKMfTr38o8/XmgkHRWTrlI/AAAAAAAABAQ/Y1623oQh35UaxmKbTAMO11wS8NJTuQkoQCLcBGAsYHQ/w350-h210-p-k-no-nu/ 22 KB
22 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZkKMfTr38o8/XmgkHRWTrlI/AAAAAAAABAQ/Y1623oQh35UaxmKbTAMO11wS8NJTuQkoQCLcBGAsYHQ/w350-h210-p-k-no-nu/2b5fddd0ffd79a2f74d0d624d6125106.jpg

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4bbacbf2901a91a5ac707bc8428d5a50c63a23736d13c60d0f803bbbe6339ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:31 GMT
x-content-type-options: nosniff
age: 20
status: 200
content-disposition: inline;filename="2b5fddd0ffd79a2f74d0d624d6125106.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22794
x-xss-protection: 0
server: fife
etag: "v405"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 05:18:31 GMT

GET
H2 200 DO-NOT-IGNORE-THESE-NAIL-CONDITIONS-LINKED-TO-SERIOUS-DISEASES.jpg
1.bp.blogspot.com/-R2J34fLAiDI/Xmgi-Od_3VI/AAAAAAAABAI/odvW2wMgD28qV6CUP2ZwWw9WUXn-b5JpgCLcBGAsYHQ/w350-h210-p-k-no-nu/ 28 KB
28 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-R2J34fLAiDI/Xmgi-Od_3VI/AAAAAAAABAI/odvW2wMgD28qV6CUP2ZwWw9WUXn-b5JpgCLcBGAsYHQ/w350-h210-p-k-no-nu/DO-NOT-IGNORE-THESE-NAIL-CONDITIONS-LINKED-TO-SERIOUS-DISEASES.jpg

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12f08de684c4fa9c099182ff1a93d6edaea811cb9d2c0fbd8b081b65b8637775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:31 GMT
x-content-type-options: nosniff
age: 20
status: 200
content-disposition: inline;filename="DO-NOT-IGNORE-THESE-NAIL-CONDITIONS-LINKED-TO-SERIOUS-DISEASES.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28530
x-xss-protection: 0
server: fife
etag: "v403"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 05:18:31 GMT

GET
H2 200 The-Ultimate-Exercises-For-Improving-Posture.jpg
1.bp.blogspot.com/-TfacsoM8S8c/Xmgh1lj5s_I/AAAAAAAABAA/s9xS111vNPER5nsc_gRrhiG3eP05TixTwCLcBGAsYHQ/w350-h210-p-k-no-nu/ 16 KB
16 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TfacsoM8S8c/Xmgh1lj5s_I/AAAAAAAABAA/s9xS111vNPER5nsc_gRrhiG3eP05TixTwCLcBGAsYHQ/w350-h210-p-k-no-nu/The-Ultimate-Exercises-For-Improving-Posture.jpg

Requested by

Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aa8b9a7c5bcc910c7ea94cefb5f8f02d3dd90301adc185b79d57a30ac1d07b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:31 GMT
x-content-type-options: nosniff
age: 20
status: 200
content-disposition: inline;filename="The-Ultimate-Exercises-For-Improving-Posture.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16358
x-xss-protection: 0
server: fife
etag: "v401"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 05:18:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.healthyfree.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.healthyfree.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 2 Show response
servicer.mgid.com/819574/ 3 KB
2 KB 62ms
62ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/819574/2?w=980&h=231&cols=4&pv=5&cbuster=1584335931229554226490&uniqId=0165d&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.healthyfree.xyz%2F&pageView=0&pvid=170e1c7c75dad9258ec&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944f4adf6beaf0b0df06b04373c6a7fa15d8773fadf900a8bc4554d8107dc894

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 574c041239b2bdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 8ms
7ms Image
text/plain 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1584335931298&ns_c=UTF-8&cv=3.5&c8=Healthy%20Free&c7=https%3A%2F%2Fwww.healthyfree.xyz%2F&c9=
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 05:18:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzA3NTg0LzRjYzExNWVhZjIwOTIwNDIwOTI3N2U4OGRiYjZlMjkzLmpwZw**.webp
s-img.mgid.com/g/4539855/492x328/0x0x492x328/ 41 KB
41 KB 18ms
17ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4539855/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzA3NTg0LzRjYzExNWVhZjIwOTIwNDIwOTI3N2U4OGRiYjZlMjkzLmpwZw**.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d575bc81989510cbeb1b57a8dd428b2113094cca4cb1eb93499b2904073e0af5

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Jan 2020 06:12:27 GMT
server: cloudflare
age: 5871064
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c0412b9fbbdeb-AMS
access-control-allow-origin: *
content-length: 42002

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzEwMTQxL2E1MGIwNjZmOGM3NjI5NzRlYjRhNjk4YmJmNTJhOGZmLmpwZWc*.webp
s-img.mgid.com/g/4079344/492x328/0x52x571x380/ 9 KB
9 KB 20ms
20ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4079344/492x328/0x52x571x380/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzEwMTQxL2E1MGIwNjZmOGM3NjI5NzRlYjRhNjk4YmJmNTJhOGZmLmpwZWc*.webp
Requested by: Host: www.healthyfree.xyz
URL: https://www.healthyfree.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8259bfccf7e622ed6abed58c869e22a2754096b6eed581b8fc237edf19b3dd

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 12:30:48 GMT
server: cloudflare
age: 14854209
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 574c0412b9fdbdeb-AMS
access-control-allow-origin: *
content-length: 9208

GET
H2 200 c
c.mgid.com/ 43 B
180 B 70ms
62ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=235|157|8|9ylDQhQoDoFpH7C4Cm0jMzfci98uooU_xoFGNEOEArfRxx3J7zEnpoVmn9dhoz0M&fw=1&extjs=510&v=235|157|8|P73Hgj1EJkmtD1moU1TDkWQQ2kGCSJ4ZQCIKdMRgC7dYiu8_kDlKtnIIkQs3rmVb&v=235|157|8|9ylDQhQoDoFpH7C4Cm0jM-3zb_T3a8mDsByPscgyRBmqXD6QgKYAM8EhhnOSPpvk&v=235|157|8|9ylDQhQoDoFpH7C4Cm0jM1jQCgbSsKwP87eCEVGVvFvc1T-CR7-r-dB1NThDoCmx&imgdim=1&cid=819574&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=9f110797-6745-11ea-a0bf-d094662f8ab5&tt=Direct&cbuster=1584335931841483570315&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 574c04161bfbbdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 c
c.mgid.com/ 43 B
180 B 62ms
55ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=297|198|8|sH32w4_w-MxpCidfRx6NETfci98uooU_xoFGNEOEAreAK1gjNUyhkm6xi_khhvft&fw=1&extjs=510&v=297|198|8|sH32w4_w-MxpCidfRx6NEe3zb_T3a8mDsByPscgyRBlZNVaaaviVzvQctrz1k1fL&imgdim=1&cid=825761&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=9f0fc33d-6745-11ea-85ba-d094662c24f7&tt=Direct&cbuster=1584335931842563802316&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.healthyfree.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 05:18:51 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 574c04161bfabdeb-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/h/e/healthyfree.xyz.825761.js(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/h/e/healthyfree.xyz.819574.js(Line 9) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
c.mgid.com
cdn.mgid.com
cm.g.doubleclick.net
cm.lentainform.com
cm.mgid.com
cm.steepto.com
csync.loopme.me
doc-08-c4-docs.googleusercontent.com
doc-0k-c4-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
healthyfree.xyz
jadserve.postrelease.com
jsc.mgid.com
match.adsrvr.org
pagead2.googlesyndication.com
palladiumpin.com
prod.perf-serving.com
resources.blogblog.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sandbox.bidswitch.net
sb.scorecardresearch.com
servicer.mgid.com
udata.mixmarket.biz
www.blogger.com
www.healthyfree.xyz
x.bidswitch.net
104.111.214.103
104.19.132.78
104.19.139.80
18.185.207.113
216.239.32.21
216.58.205.226
23.105.245.4
23.105.254.36
2a00:1450:4001:800::2002
2a00:1450:4001:806::2013
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2009
2a00:1450:4001:815::2003
2a00:1450:4001:81f::2001
34.234.137.236
35.212.212.222
46.4.31.20
52.29.126.123
52.50.175.184
52.59.108.16
95.216.106.100
02cf79c97db75eb2dbbf2f87d9ab2247f8d3f51497a39ddc6776ce128caa816a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
12f08de684c4fa9c099182ff1a93d6edaea811cb9d2c0fbd8b081b65b8637775
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
1afb32d537e6f7dd0cfd8fa592aa06afe826e9208247a52b503bd2cb06206f41
1f8259bfccf7e622ed6abed58c869e22a2754096b6eed581b8fc237edf19b3dd
289323e998586e08acecfa33b134cfefde757a5436758ca329193fd612bfcac8
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
4ef21be6beb9b7ab75d0d846a423ba20a41f9d8d724bcb4cf8de99d286adbbc0
4f9f64364378930386481cef33521cd3321e4d181b47f3550f47c7d8ebb51a0d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565a182d06fe331b55193b05f1aeb0de2f683aea827d2e95f80b31862106a001
573bcc4c08e15d8cc439f6ceedd01d4612d7559c660bd7f221d7da40e4b7ce53
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7254dae38a01964b659131b7332f95b8a7b7df5fb121a2abd98b3b3051a47fc7
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
8e1fb1b8650c9087e53f8644ba6c378f421f3a0a0c39449ec5219f304a98f565
8e9d43d1cd4e0a3cd50c8565039834bbf475a5f9924d47f4123f2c3f34b4f2c4
8fd8bd35fcf5bc4ef908c8c8ff5703433c37f03aa50e1f9e2986af4580f7023d
944f4adf6beaf0b0df06b04373c6a7fa15d8773fadf900a8bc4554d8107dc894
94d51cc1cc7bf437b7488c42cc1611058d54a567917e30b35d5f3294849ea952
969a59fbea5ab027be5bc20e975f86d1745d8eb571314c8d3334417a7601bd1f
9fa85dd35285df5c97c839f91e1ef88d9d1c5c6a483ad0b8ae6a657f288c2516
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3d574e315196403e03338bbf7a9b0b20e8983ffe61363f2c3ec7e5343626c3f
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8b9a7c5bcc910c7ea94cefb5f8f02d3dd90301adc185b79d57a30ac1d07b86
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
cf26dcd0d0194d2f7fc6bd4990a43e06d36da5207e61c61de4bb6b9f13528fb1
cf906d01263278060b741458f12168408bc75364cc405683443181210e92af71
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
d575bc81989510cbeb1b57a8dd428b2113094cca4cb1eb93499b2904073e0af5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
f4bbacbf2901a91a5ac707bc8428d5a50c63a23736d13c60d0f803bbbe6339ea
f64771621f48c8eff58c25586eba070cc88f42ea1f37cc34d096dd2748d83369
fe7be23d6fbdf38bbce327f350c70751155e47efa4e6163aef62bdd324354c05

www.healthyfree.xyz Open in urlscan Pro 2a00:1450:4001:806::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

38 %IPv6

23 Domains

32 Subdomains

15 IPs

6 Countries

671 kBTransfer

1102 kBSize

0 Cookies

19 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.healthyfree.xyz Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

38 %
IPv6

23
Domains

32
Subdomains

15
IPs

6
Countries

671 kB
Transfer

1102 kB
Size

0
Cookies

53 HTTP transactions
2 data transactions