Submitted URL: https://click.healthyguidence.com/?ids=ODEyNDQ2NjMw__MTE1NTQ=__MTM1NTg4MjI5__MTEyMg==__1745__6236&t=c&url=aHR0cHMlM0ElMkYlMkZsaW5r...
Effective URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Submission: On July 17 via manual from IL — Scanned from DE

Summary

This website contacted 11 IPs in 1 country across 10 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3032::ac43:8639, located in and belongs to . The main domain is movefreeagain.com.
TLS certificate: Issued by GTS CA 2P2 on May 18th 2023. Valid for: 3 months.
This is the only time movefreeagain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
10 | movefreeagain.com | links.healthlibraryth.com, movefreeagain.com
3 | www.googletagmanager.com | movefreeagain.com, www.googletagmanager.com
2 | fast.vidalytics.com | movefreeagain.com, fast.vidalytics.com
2 | tracking.buygoods.com | movefreeagain.com
2 | www.google-analytics.com | movefreeagain.com, www.google-analytics.com
2 | links.healthlibraryth.com | links.healthlibraryth.com
1 | display.buygoods.com | movefreeagain.com
1 | cdn.jsdelivr.net | movefreeagain.com
1 | code.jquery.com | movefreeagain.com
1 | click.healthyguidence.com |
0 | googleads.g.doubleclick.net (Failed) | www.googletagmanager.com
0 | www.buygoods.com (Failed) | movefreeagain.com
29 12

This site contains no links.

Subject | Issuer | Validity | Valid
click.healthyguidence.com | R3 | 2023-07-13 - 2023-10-11 | 3 months
healthlibraryth.com | GTS CA 1P5 | 2023-07-11 - 2023-10-09 | 3 months
movefreeagain.com | GTS CA 2P2 | 2023-05-18 - 2023-08-16 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-08 - 2023-12-08 | a year
*.vidalytics.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-30 - 2023-12-31 | a year

This page contains 1 frame:

Primary Page: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Frame ID: 2BAA5A5C84AF01AFFCC7C736BC5CB6C4
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

29 Requests
86 % HTTPS
80 % IPv6
10 Domains
12 Subdomains
11 IPs
1 Countries
467 kB Transfer
3417 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.healthyguidence.com/?ids=ODEyNDQ2NjMw__MTE1NTQ=__MTM1NTg4MjI5__MTEyMg==__1745__6236&t=c&url=aHR0cHMlM0ElMkYlMkZsaW5rcy5oZWFsdGhsaWJyYXJ5dGguY29tJTJGMWZ1MQ== Page URL
  2. https://links.healthlibraryth.com/1fu1 Page URL
  3. https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
click.healthyguidence.com/
86 B
260 B
Document
General
Full URL
https://click.healthyguidence.com/?ids=ODEyNDQ2NjMw__MTE1NTQ=__MTM1NTg4MjI5__MTEyMg==__1745__6236&t=c&url=aHR0cHMlM0ElMkYlMkZsaW5rcy5oZWFsdGhsaWJyYXJ5dGguY29tJTJGMWZ1MQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.159.117.4 Sterling, United States, ASN49006 (SISTEME, MD),
Reverse DNS
Software
nginx /
Resource Hash
e0fbf11fce8f5ddc01e1592939b242248b32bf776c4d7722c50fb3764a0a75c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jul 2023 00:48:03 GMT
Server
nginx
Transfer-Encoding
chunked
1fu1
links.healthlibraryth.com/
659 B
1 KB
Document
General
Full URL
https://links.healthlibraryth.com/1fu1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://click.healthyguidence.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7e7e7a273d11bb50-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 17 Jul 2023 00:48:08 GMT
expires
Mon, 07 Jul 1777 07:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKyp%2FxjKm11ZmOlYQan1%2FJkrG4z6dLCckOZ%2BBnUaKguDLaa3gjYXkNo6chLqsC5Out25gjDbZ4D7HVK6uZQklKOn%2B8EWBKvuTk6U0JWQteyLoFWDcavrRRw9Z%2BLHlLf4WNMguaiscRnRdZBaCpQqKNrP5eAb4K%2Bc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-powered-by
Pretty Link Executive 3.4.2 http://prettylink.com
x-robots-tag
noindex, nofollow
javascript-redirect.js
links.healthlibraryth.com/wp-content/plugins/pretty-link/pro/js/
99 B
439 B
Script
General
Full URL
https://links.healthlibraryth.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.4.2
Requested by
Host: links.healthlibraryth.com
URL: https://links.healthlibraryth.com/1fu1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://links.healthlibraryth.com/1fu1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 May 2023 11:21:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1969
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjVUrpvRo%2BLFCLoHdIBB6Z%2FOinRDX2cPHvOX2fcU5DV7Zc3uz3U6LRiuO1b8GPcm9Os40orRmCNdgsAN3sRaebXFW%2BVxbseEIE7G25MD5Rmf6506MLS0FKyDZy5ZBSMtHhXwvzemlVZJ9XbiZSjZ%2BfXGBqEOGNay"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e7e7a449faebb50-FRA
alt-svc
h3=":443"; ma=86400
Primary Request bgvsl
movefreeagain.com/
90 KB
18 KB
Document
General
Full URL
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Requested by
Host: links.healthlibraryth.com
URL: https://links.healthlibraryth.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a43b17f2d4f69b4163615d01ce68bc91ec22a6463ee2d12413b3a0aa68e28d66
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com movefreeagain.com movefreeagain-com.cbsplit.com ;

Request headers

Referer
https://links.healthlibraryth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7e7e7a45f8f4372e-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self' cbsplit.com movefreeagain.com movefreeagain-com.cbsplit.com ;
content-type
text/html; charset=utf-8
date
Mon, 17 Jul 2023 00:48:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWddgG6HpdkpvAcUt6NCuSABzU3m5dA6wX9u9zbHL0kuO1Cfti%2FGPSl4WmiZ3oi5aTgHpzvRFVWYTlIncHtFFi6m4thWqPSgx8Q7AM4OgPxpMt0XkXdScsN3H7YhajBA%2BvGuZaHW%2FN8CcoT%2BVbD7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1689554889.dop231.am5.t,1689554889.cds115.am5.hn,1689554889.cds004.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/
158 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 00:48:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
10107500
x-jsd-version
4.6.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26373
x-served-by
cache-fra-eddf8230052-FRA
x-jsd-version-type
version
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.accordion.js
movefreeagain.com/Sale-Page/js/
8 KB
2 KB
Script
General
Full URL
https://movefreeagain.com/Sale-Page/js/jquery.accordion.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
52ebd11f52cf3b16a96416ea669e19dd011f69dd5811b169828ab79d642dce8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40864
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 18 Nov 2022 18:07:25 GMT
server
cloudflare
etag
W/"6377c9dd-2007"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evRkK0f%2Ff%2BQwOeUDcB3W1q3iCcJdMIt5OCNT0VYumgxmQ9EO1dV%2BCOxsxI88vXvIlUcxkJeUS2B5NAmQVKYAYJPaeY6Fc2RKyLvJ7XltRrVBWEuYnlGbQ9kd4ZCVZ7Be8q%2F8TQCWQzKI%2F3cEnqtqvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
7e7e7a499b95372e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vl_toggleMobile.js
movefreeagain.com/js/
636 B
713 B
Script
General
Full URL
https://movefreeagain.com/js/vl_toggleMobile.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f868eecaab3ed26383100ebe97dc4d75ae6b505fe08bb96c58c4b7dcec2ee6ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438178
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Mon, 20 Feb 2023 17:58:08 GMT
server
cloudflare
etag
W/"63f3b4b0-27c"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr8lTiasgscBiez4asL2lSmo%2BPiN611g5sjvxAQf70BBVQRbsEr3o%2FVrykHmTcw6QNZ03Is2br1W7Jy%2B%2FQR6XoRLkEpJh8kjVKz1kaRd%2FxNq%2BCtQ3wKkjvgpduOZ2v4HI%2BYCsTLsPDMkxp3sG4cxog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
7e7e7a499b96372e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
189 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11029917231
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8899a428ce56f39be60e4ff657854fa8967520e93400df9efe96ce60fa8be09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70208
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 00:48:09 GMT
visits
movefreeagain.com/api/
0
0

js
www.googletagmanager.com/gtag/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10827529561
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3556c05f860edf3bb352b352e2162537a230e1e37a9c28f0c7bf33d9a8038160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71570
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 00:48:09 GMT
exiticon.png
movefreeagain.com/images/plvsl/
260 B
776 B
Image
General
Full URL
https://movefreeagain.com/images/plvsl/exiticon.png
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
456df1503c8a2fb893cd4b9f9b364b72142af32eb70646edb63d3602b4825e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40516
alt-svc
h3=":443"; ma=86400
content-length
260
pragma
public
last-modified
Thu, 13 Apr 2023 16:26:02 GMT
server
cloudflare
etag
"64382d1a-104"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6b7fJKoAojuxNQbisbc8b7N78le5d2k%2BBX2TaXFfHAUH1FI2Oj4cuSOo5UuN2U12u6Y1DEUkPf4jLNUE4sNgCYztCZkvRvw%2FAtcM06sEbwoc6aPcnYJB8%2BMT8sMnxxMepuzoeMxaiJMJkrSS4sD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7e7e7a4a1c075ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
nanoease.png
movefreeagain.com/images/
2 KB
2 KB
Image
General
Full URL
https://movefreeagain.com/images/nanoease.png
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8a99395b61cb8af2e8c62f0e2b75336de653919321ff71baff4e9e084d0d75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40516
alt-svc
h3=":443"; ma=86400
content-length
1837
pragma
public
last-modified
Thu, 13 Apr 2023 18:57:39 GMT
server
cloudflare
etag
"643850a3-72d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxZyk%2FppMcA0RumJIwQMtnRSsTW%2BQuyheo%2BjZJJc5qRSoo89BCX15ivMfJYVNusNKoEy9Fv1lZtF8S%2B9Rzertrr2Cdw7R8syFiLMwLkCIHGoHhcNTndnrr9cSjglmmxy5hnJEacdye0LMm4JkJY1gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7e7e7a4a1c095ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
movefreeagain.com/js/lib/
59 KB
16 KB
Script
General
Full URL
https://movefreeagain.com/js/lib/bootstrap.min.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40518
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 18 Nov 2022 16:55:18 GMT
server
cloudflare
etag
W/"6377b8f6-eb0e"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BAfCJgmm3Avr0TGKv%2BQACARFNpbAzPOtss0zVBfA6yPZ2CZFKIWTiec%2FTMo%2BtnWCuSKs7ThHHaerna9fkUsFVSi7B8%2BGnX4yJ43RH22URUdwHjEQjCCGvNRvz2Ql7fswJ0LqyE9Vd3TXqWCNYnSeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
7e7e7a49ebed5ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vslyt_func.js
movefreeagain.com/js/
15 KB
6 KB
Script
General
Full URL
https://movefreeagain.com/js/vslyt_func.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
96c453dd563e8249462edbdc7c1effddb803ebd5067868c8d85b3b49d50180ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40517
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Thu, 20 Apr 2023 17:28:16 GMT
server
cloudflare
etag
W/"64417630-3bb4"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHI2cznCl03AdYUx5thEabxPVvemCgrXGLReLC%2FGl%2BsTI5mv7gm27BJN%2BBOJK8VoXESr3QWTpw2lV0WjSCen5J1oYb63d1jC8ixQxl%2Fuvx66ThIfb21VDlytxaPT0vCktNUj1pueHZGE3nbC3kVi%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
7e7e7a4a0bfd5ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
disclaimer
display.buygoods.com/v1/
1 KB
2 KB
Script
General
Full URL
https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=8081
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b73 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
x-server
WEB_3_7500
cf-ray
7e7e7a4a6cfb4d76-FRA
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 23:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 17 Jul 2023 01:04:37 GMT
/
tracking.buygoods.com/track/
7 KB
2 KB
Script
General
Full URL
https://tracking.buygoods.com/track/?a=8081&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Flinks.healthlibraryth.com%2F&sessid2=&product=nano1,nano3,nano6&funnel_step=22&funnel_codename=6&caller_url=https%3A%2F%2Fmovefreeagain.com%2Fbgvsl%3Faff_id%3D250%26subid%3D4ojop0716nanoease
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:288d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c79a410d7a696f7778fa4cb616e1386fe62315a0fe28fef43cb1a4e8af1ea5be
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-server
WEB_6_7780
cf-ray
7e7e7a4a4bb82be6-FRA
expires
Tue, Jan 12 1999 01:01:01 GMT
/
tracking.buygoods.com/track/
7 KB
2 KB
Script
General
Full URL
https://tracking.buygoods.com/track/?a=8081&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Flinks.healthlibraryth.com%2F&sessid2=&product=nano1b,nano3b,nano6b&funnel_step=2&funnel_codename=2&caller_url=https%3A%2F%2Fmovefreeagain.com%2Fbgvsl%3Faff_id%3D250%26subid%3D4ojop0716nanoease
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:288d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f28750efd0556fb23a1e3b0d63998338f1aa32ab186c6b1413fc207402c35f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-server
WEB_3_7780
cf-ray
7e7e7a4a4bb92be6-FRA
expires
Tue, Jan 12 1999 01:01:01 GMT
Graphik-Medium.woff2
movefreeagain.com/fonts/
39 KB
40 KB
Font
General
Full URL
https://movefreeagain.com/fonts/Graphik-Medium.woff2
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2dddd42fc88f5a216a5c8fa76c50c02c59a358c18ab3eeaf5bf8f26cd0e02cd5

Request headers

Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Origin
https://movefreeagain.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40516
alt-svc
h3=":443"; ma=86400
content-length
40164
pragma
public
last-modified
Fri, 18 Nov 2022 17:01:49 GMT
server
cloudflare
etag
"6377ba7d-9ce4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqkqbOxMWFkWX%2BtTfwgAgS%2B49XiMqtatt3cfnlcPM53USKIey2R7oBM8DbN7t%2B2oDo98CUEuXKwJ%2BZTVI0AAEttC1cbwmK73YEKlvimdI3JQzVN3zB6i5AHVmRKqtLPY%2Ff3T6fJPIYwXTKV2iRR9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7e7e7a4a2c115ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Graphik-Bold.woff2
movefreeagain.com/fonts/
39 KB
40 KB
Font
General
Full URL
https://movefreeagain.com/fonts/Graphik-Bold.woff2
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
590024afac18d7fc3fce6bbea6d8f677afd7b7471a961421979f1e64fa752422

Request headers

Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Origin
https://movefreeagain.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40516
alt-svc
h3=":443"; ma=86400
content-length
40112
pragma
public
last-modified
Fri, 18 Nov 2022 17:01:49 GMT
server
cloudflare
etag
"6377ba7d-9cb0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcQN9EQ5u%2B6WEa%2FgWpxb%2Ba3VmKtmA5e229%2FBgWiQx0bFKktksHSGGf3UTX%2B2xt9QiPRKQQzPTUyhc%2BWlM%2BjWuVKlfFBTEpwoDg%2FI1AX2Qmcgo%2BsJISu3n1ewbN2wow%2FkqOAUT09lqJwKnbv0OgJDfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7e7e7a4a2c125ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Graphik-Regular.woff2
movefreeagain.com/fonts/
37 KB
37 KB
Font
General
Full URL
https://movefreeagain.com/fonts/Graphik-Regular.woff2
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8639 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
41bcf6d77e7f54e9623a96feb0b0dceeb412c9b6386aff8281820dbfcf56d94a

Request headers

Referer
https://movefreeagain.com/bgvsl?aff_id=250&subid=4ojop0716nanoease
Origin
https://movefreeagain.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40516
alt-svc
h3=":443"; ma=86400
content-length
37500
pragma
public
last-modified
Fri, 18 Nov 2022 17:01:49 GMT
server
cloudflare
etag
"6377ba7d-927c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3Qs1qpQi%2FFPsX9F7KnR5cBq7nQx2eR%2F3R6MRmNsme%2FSH%2F94SiDwRsGtdsjZ1ep9TgdGTzin%2FlXnCCL6ahDQ%2FIpDE%2BrpfJPi4sn4vDFeLl8mzCV8JGk4ixUQehzOwQVNnhgcRgZcgqxGk0Q30G6XMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7e7e7a4a2c135ca4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.min.js
fast.vidalytics.com/embeds/jdhYaPoK/k_XK3iGVKiSEpwTB/
42 KB
11 KB
Script
General
Full URL
https://fast.vidalytics.com/embeds/jdhYaPoK/k_XK3iGVKiSEpwTB/loader.min.js
Requested by
Host: movefreeagain.com
URL: https://movefreeagain.com/js/vslyt_func.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
fe368990bcb55933283b6e0b8a52f21807539ddef53bcef10a92c2d8d5ace411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
gzip
x-cdn
3
x-guploader-uploadid
ADPycdvZH6AgWsfJhU1eggNtzYv5ex-lOXmWj5wohCkXRQ_Gaff4xQTQ8xVTEimwaZ6_ZDO8gs82_l1nLFPj8z8rT14Jgw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 18 Apr 2023 20:16:53 GMT
server
UploadServer
x-cdn-info
loader
etag
"a20dddd0e5cd1a681cf05f54a00e458c"
vary
Accept-Encoding
x-goog-generation
1681849013336697
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=TSfrKw==, md5=og3d0OXNGmgc8F9UoA5FjA==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
no-store, private, max-age=0, s-max-age=0
x-goog-stored-content-length
10566
accept-ranges
bytes
expires
Mon, 17 Jul 2023 00:48:09 GMT
collect
www.google-analytics.com/j/
3 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=107776856&t=pageview&_s=1&dl=https%3A%2F%2Fmovefreeagain.com%2Fbgvsl%3Faff_id%3D250%26subid%3D4ojop0716nanoease&dr=https%3A%2F%2Flinks.healthlibraryth.com%2F&ul=en-us&de=UTF-8&dt=Secret%20Relief%20Remedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=479424928&gjid=541308789&cid=1859132679.1689554889&tid=AW-11029917231&_gid=1153101981.1689554889&_r=1&_slc=1&z=2006367564
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://movefreeagain.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 00:48:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://movefreeagain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
buygoods_black.png
www.buygoods.com/images/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11029917231/
0
0

js
www.googletagmanager.com/gtag/
197 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10827529561&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11029917231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04be2d522995b3447297d319a8839c3528995b0c1ff3b799fa365ec64a215640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71693
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 00:48:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10827529561/
0
0

player-dash-mse.min.js
fast.vidalytics.com/embeds/jdhYaPoK/k_XK3iGVKiSEpwTB/
2 MB
0
XHR
General
Full URL
https://fast.vidalytics.com/embeds/jdhYaPoK/k_XK3iGVKiSEpwTB/player-dash-mse.min.js?hash=sigvgii
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/jdhYaPoK/k_XK3iGVKiSEpwTB/loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4C9A) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://movefreeagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 00:48:09 GMT
content-encoding
gzip
x-cdn
3
age
2466379
x-guploader-uploadid
ADPycdt5L5VLREr1EUmsGQFuL85_zWFCjrR__H5aFHacQLZb7ml8QSj0MUmQgf_LqtO_T13NUR6GvindffgaVP6of6G4iq3-vrAi
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617326
last-modified
Tue, 18 Apr 2023 20:16:53 GMT
server
ECAcc (frc/4C9A)
etag
"41be8b5814d9fed76a3941b6dd0cf44f"
vary
Accept-Encoding
x-goog-generation
1681849013764525
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=oj2IHw==, md5=Qb6LWBTZ/tdqOUG23Qz0Tw==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=300, s-maxage=2592000
x-goog-stored-content-length
617326
accept-ranges
bytes
expires
Wed, 16 Aug 2023 00:48:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
movefreeagain.com
URL
https://movefreeagain.com/api/visits?page_id=36&page_version=&request_id=A29E6E87%3A82FA_D197C0D8%3A01BB_64B48FC8_30EC8C%3A14A04E&querystring=aff_id%3D250%26subid%3D4ojop0716nanoease&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Flinks.healthlibraryth.com%2F
Domain
www.buygoods.com
URL
https://www.buygoods.com/images/buygoods_black.png
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11029917231/?random=1689554889555&cv=11&fst=1689554889555&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmovefreeagain.com%2Fbgvsl%3Faff_id%3D250%26subid%3D4ojop0716nanoease&ref=https%3A%2F%2Flinks.healthlibraryth.com%2F&hn=www.googleadservices.com&frm=0&tiba=Secret%20Relief%20Remedy&auid=1646450020.1689554890&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827529561/?random=1689554889580&cv=11&fst=1689554889580&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmovefreeagain.com%2Fbgvsl%3Faff_id%3D250%26subid%3D4ojop0716nanoease&ref=https%3A%2F%2Flinks.healthlibraryth.com%2F&hn=www.googleadservices.com&frm=0&tiba=Secret%20Relief%20Remedy&auid=1646450020.1689554890&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend

2 Cookies

Domain/Path Name / Value
links.healthlibraryth.com/ Name: prli_click_10
Value: 1fu1
links.healthlibraryth.com/ Name: prli_visitor
Value: 64b48fc47252f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
