URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Submission: On October 14 via manual from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3033::ac43:a1df, located in United States and belongs to CLOUDFLARENET, US. The main domain is healthlifestyle.science.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time healthlifestyle.science was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        ASN    Autonomous System
2         2606:4700:303...  13335  (CLOUDFLAR...)
2         2001:4de0:ac1...  20446  (HIGHWINDS3)
1         2001:4de0:ac1...  20446  (HIGHWINDS3)
4         52.39.93.93       16509  (AMAZON-02)
1         2a00:1450:400...  15169  (GOOGLE)
3         65.9.94.172       16509  (AMAZON-02)
4         65.9.94.86        16509  (AMAZON-02)
Total: 17 requests, 7 IPs

Requests  Domain                         Requested by
4         d3dytsf4vrjn5x.cloudfront.net
4         api.content-ad.net             healthlifestyle.science, api.content-ad.net
3         d32oduq093hvot.cloudfront.net  api.content-ad.net, healthlifestyle.science
2         maxcdn.bootstrapcdn.com        healthlifestyle.science
2         healthlifestyle.science        healthlifestyle.science
1         www.google-analytics.com       api.content-ad.net
1         code.jquery.com                healthlifestyle.science
Total: 17 requests, 7 hostnames

This site contains links to these domains:

Domain
api.content.ad
app.content.ad
www.content.ad
d32oduq093hvot.cloudfront.net

Subject                 Issuer                                          Validity                 Valid
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                         2020-08-01 - 2021-08-01  a year
*.bootstrapcdn.com      Sectigo RSA Domain Validation Secure Server CA  2020-09-22 - 2021-10-12  a year
jquery.org              Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16  a year
*.content.ad            Amazon                                          2020-07-16 - 2021-08-16  a year
*.google-analytics.com  GTS CA 1O1                                      2020-09-22 - 2020-12-15  3 months
*.cloudfront.net        DigiCert Global CA G2                           2020-05-26 - 2021-04-21  a year

This page contains 1 frames:

Primary Page: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Frame ID: 13139365DE9576F9AB5C8F3AF767C434
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 164 kB
Size: 414 kB
Cookies: 3

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
healthlifestyle.science/
5 KB
3 KB
Document
General
Full URL
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a1df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380231e091ba2a3cb56cd3ce9c607bbbd6358390ccaaa94d6512403b996219a2

Request headers

:method
GET
:authority
healthlifestyle.science
:scheme
https
:path
/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 14 Oct 2020 19:27:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df319c01e18c82688fbd35a19d905b1b61602703654; expires=Fri, 13-Nov-20 19:27:34 GMT; path=/; domain=.healthlifestyle.science; HttpOnly; SameSite=Lax
link
<https://healthlifestyle.science/wp-json/>; rel="https://api.w.org/" <https://wp.me/a1jGU>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
05ca2e14bb0000634d00248000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602703654"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e23b2cdf9c5634d-FRA
content-encoding
br
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
5041
jquery-1.11.2.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 19:27:34 GMT
content-encoding
gzip
last-modified
Wed, 17 Dec 2014 16:05:21 GMT
server
nginx
status
200
etag
W/"5491a9c1-176bb"
vary
Accept-Encoding
x-hw
1602703654.dop007.fr8.t,1602703654.cds227.fr8.hc,1602703654.cds202.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
fuckadblock.js
healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/
7 KB
2 KB
Script
General
Full URL
https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a1df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cfa6f931871fcbb7bb9226382dfbd920dd74d1427305a271136b0d3df623c38

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 19:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
91
status
200
cf-request-id
05ca2e15ab0000634d0e2f0000000001
last-modified
Fri, 17 Apr 2020 20:40:16 GMT
server
cloudflare
etag
W/"1b0a-5a3828e8a3062-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602703654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=7200
cf-ray
5e23b2cf7a51634d-FRA
widget2.aspx
api.content-ad.net/Scripts/
16 KB
4 KB
Script
General
Full URL
https://api.content-ad.net/Scripts/widget2.aspx?id=2c4c44ca-f5af-4c10-a783-21307a4461a9&d=aGVhbHRobGlmZXN0eWxlLnNjaWVuY2U%3D&wid=689739&cb=1602703654373
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.93.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-93-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
28b0ec9fcdd39639b48893ce5001234f7fe501467ea05413ed1c06e219db9080

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 14 Oct 2020 19:27:34 GMT
content-encoding
gzip
content-type
text/javascript;charset=ISO-8859-1
vary
accept-encoding
content-language
en-US
GetWidget.aspx
api.content-ad.net/
19 KB
5 KB
Script
General
Full URL
https://api.content-ad.net/GetWidget.aspx?id=2c4c44ca-f5af-4c10-a783-21307a4461a9&d=aGVhbHRobGlmZXN0eWxlLnNjaWVuY2U=&wid=689739&cb=1602703654373&lazyLoad=false&server=api.content-ad.net&title=Year-end%2520Health%2520Savings%2520Account%2520Tax%2520Strategies&url=https%3A%2F%2Fhealthlifestyle.science%2F%3Fgo%3DaHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3&ik=2020101412_cbc06bda0be5128a4f5280da1e5f466a&ikb=cbc06bda0be5128a4f5280da1e5f466a&ls=ip-172-18-3-59.ec2.internal
Requested by
Host: api.content-ad.net
URL: https://api.content-ad.net/Scripts/widget2.aspx?id=2c4c44ca-f5af-4c10-a783-21307a4461a9&d=aGVhbHRobGlmZXN0eWxlLnNjaWVuY2U%3D&wid=689739&cb=1602703654373
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.93.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-93-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5bf42b64f1a442957308ec374a64b6c334150fdf5673ef2596572d21161bee2

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Oct 2020 19:27:35 GMT
content-encoding
gzip
status
200
vary
accept-encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api.content-ad.net
URL: https://api.content-ad.net/GetWidget.aspx?id=2c4c44ca-f5af-4c10-a783-21307a4461a9&d=aGVhbHRobGlmZXN0eWxlLnNjaWVuY2U=&wid=689739&cb=1602703654373&lazyLoad=false&server=api.content-ad.net&title=Year-end%2520Health%2520Savings%2520Account%2520Tax%2520Strategies&url=https%3A%2F%2Fhealthlifestyle.science%2F%3Fgo%3DaHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3&ik=2020101412_cbc06bda0be5128a4f5280da1e5f466a&ikb=cbc06bda0be5128a4f5280da1e5f466a&ls=ip-172-18-3-59.ec2.internal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
717
date
Wed, 14 Oct 2020 19:15:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 14 Oct 2020 21:15:38 GMT
lib.min.js
d32oduq093hvot.cloudfront.net/templates/library/
27 KB
7 KB
Script
General
Full URL
https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1602703655127
Requested by
Host: api.content-ad.net
URL: https://api.content-ad.net/GetWidget.aspx?id=2c4c44ca-f5af-4c10-a783-21307a4461a9&d=aGVhbHRobGlmZXN0eWxlLnNjaWVuY2U=&wid=689739&cb=1602703654373&lazyLoad=false&server=api.content-ad.net&title=Year-end%2520Health%2520Savings%2520Account%2520Tax%2520Strategies&url=https%3A%2F%2Fhealthlifestyle.science%2F%3Fgo%3DaHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3&ik=2020101412_cbc06bda0be5128a4f5280da1e5f466a&ikb=cbc06bda0be5128a4f5280da1e5f466a&ls=ip-172-18-3-59.ec2.internal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1cf56268a763e90b06b69655ae7bf4d5939da22c8c267c90379498477443dc4

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
x1OZhN4QbHveG_FdN47zFV6jyc_iI4tz
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 23 Sep 2020 21:11:38 GMT
Server
AmazonS3
Age
32930
ETag
"a0f63efc2ab026ddcd8b5c94a5dd96d8"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Wed, 14 Oct 2020 10:18:46 GMT
X-Amz-Cf-Pop
PRG50-C1
X-Amz-Cf-Id
6paUPCGXIWrAAOFx7R0ZmE-hj-5TlWj0faukUR6O-PyYefjHsQWbDg==
aa0f413ea0f320e5852d23d11620d64e.jpg
d3dytsf4vrjn5x.cloudfront.net/134154/300x250/
16 KB
17 KB
Image
General
Full URL
https://d3dytsf4vrjn5x.cloudfront.net/134154/300x250/aa0f413ea0f320e5852d23d11620d64e.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
866bd2901490f46b519ce568542d311612d040a48ce36a2de380b737318a72b9

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 16:35:21 GMT
Via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Oct 2020 15:51:15 GMT
Server
AmazonS3
Age
10339
ETag
"a2141b6fe3ff027593a2850da2eb25bb"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
16764
X-Amz-Cf-Id
I19ulVputmYcb9DhnG1aHZ9Qhdr8JcDEqOGLn5Lu4RT14bgno5OVVw==
3aa1a9eeeaa74c9b61b0dcfffd354b5f.jpg
d3dytsf4vrjn5x.cloudfront.net/134154/300x250/
13 KB
13 KB
Image
General
Full URL
https://d3dytsf4vrjn5x.cloudfront.net/134154/300x250/3aa1a9eeeaa74c9b61b0dcfffd354b5f.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
954d648cbef33855c8b8de89c0047fb104dec60fef5a93810d17945e1ba6a25e

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 13:15:51 GMT
Via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Oct 2020 12:51:11 GMT
Server
AmazonS3
Age
22304
ETag
"9cc7d4bae4c4ca67568b57c7641631fc"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
13203
X-Amz-Cf-Id
xNdnsfXs98I-Appfk1eg94KKrzvL75bynKUB9XkglcP1JAC4L5A-aw==
b2e2b57dbf6d606171b59dda23ff43a2.jpg
d3dytsf4vrjn5x.cloudfront.net/134154/300x250/
21 KB
21 KB
Image
General
Full URL
https://d3dytsf4vrjn5x.cloudfront.net/134154/300x250/b2e2b57dbf6d606171b59dda23ff43a2.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dcf626d60a2a76465d03b340d4491834b0e30d872ea086cd5b0c4d551afbfda

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 09:05:36 GMT
Via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Oct 2020 08:51:09 GMT
Server
AmazonS3
Age
37354
ETag
"ffb88e78132d48b439524091da1c7c50"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
21359
X-Amz-Cf-Id
YalGhd_uX3odm-5ygsAtQCl03OWsUl9XTky-QX7PXWwGvxvIkSBoMQ==
63b0f0fec196e515ff0c5adb7245557c.jpg
d3dytsf4vrjn5x.cloudfront.net/134154/300x250/
12 KB
13 KB
Image
General
Full URL
https://d3dytsf4vrjn5x.cloudfront.net/134154/300x250/63b0f0fec196e515ff0c5adb7245557c.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d35accafaaff6e3981094ea7de1fe921736906cd6d651a0a54f2a544432d2711

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 11:53:51 GMT
Via
1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Oct 2020 11:51:08 GMT
Server
AmazonS3
Age
27225
ETag
"d56ff964e57d89e518d70e00d83def96"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
12338
X-Amz-Cf-Id
F_ddf9qWhiVSNqVB0yRdlZv40fNBqO46z2z9O4xw4e46opjXH9mSuA==
px.gif
api.content-ad.net/
42 B
240 B
Image
General
Full URL
https://api.content-ad.net/px.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.93.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-93-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 14 Oct 2020 19:27:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
image/gif
c_ad_logo.png
d32oduq093hvot.cloudfront.net/icons/
3 KB
4 KB
Image
General
Full URL
https://d32oduq093hvot.cloudfront.net/icons/c_ad_logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba31b1be413eed01b715f4638d22bfa6321d5d32d1b3b484ef5ad37e6aba69e5

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Jul 2016 21:51:57 GMT
Server
AmazonS3
Age
69724
ETag
"f12843a46b53859feb8df76010acd492"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Wed, 14 Oct 2020 03:41:19 GMT
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
3387
X-Amz-Cf-Id
9O3OgXcjFH8ujOHcga2eWEx58GW4ozpZhXS5eSyXgCjTKHHOtb56Ng==
vw.gif
api.content-ad.net/px/
31 B
31 B
Image
General
Full URL
https://api.content-ad.net/px/vw.gif?s=ip-172-18-1-20.ec2.internal&ip=82.102.18.114&wid=689739&cb=1602703655017&c=FR&d=&ik=2020101412_cbc06bda0be5128a4f5280da1e5f466a&haid=106209&hdid=302480&user=4cf5d54f80ef452002dfc2605f69d947f16f5dd575389808891371915dd7ef64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.93.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-93-93.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
250
date
Wed, 14 Oct 2020 19:27:35 GMT
server
awselb/2.0
content-length
31
content-type
text/plain; charset=utf-8
sponsoredlinks_play_sm.png
d32oduq093hvot.cloudfront.net/icons/
635 B
1 KB
Image
General
Full URL
https://d32oduq093hvot.cloudfront.net/icons/sponsoredlinks_play_sm.png
Requested by
Host: healthlifestyle.science
URL: https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6942aede0ce38fc1e417f499a30e3e7e33601a0b0729dfe400ef7255d42dee0b

Request headers

Referer
https://healthlifestyle.science/?go=aHR0cHM6Ly9wYXN0ZWxpbmsubmV0LzIzbGl3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Sep 2019 22:04:13 GMT
Server
AmazonS3
Age
35177
ETag
"9cea76753f0fd3cdd83eeb77c84a0e94"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Wed, 14 Oct 2020 17:46:40 GMT
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
635
X-Amz-Cf-Id
cvoKA4gAocLe6hic3mXQospt1d5yWWAEpw_ZWAetWN8edDSpETCbiA==

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| FuckAdBlock object| fuckAdBlock number| count function| adBlockDetected function| adBlockNotDetected object| widget689739 string| key undefined| touchEnabled undefined| isMobile undefined| userAgent undefined| iPhoneIndex undefined| iPadIndex undefined| isIPhone undefined| isAndroid undefined| isOtherMobile undefined| d undefined| isInternetExplorer undefined| oldOnMouseMove function| contentAd689739 function| initJQuery689739 function| familyFriendlyHandler string| GoogleAnalyticsObject function| ga_ca object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| sponsoredLinks function| libInit object| libParams object| Modal_689739

3 Cookies

Domain/Path Name / Value
.healthlifestyle.science/ Name: _ga
Value: GA1.2.391053779.1602703655
.healthlifestyle.science/ Name: _gid
Value: GA1.2.1154088529.1602703655
.healthlifestyle.science/ Name: __cfduid
Value: df319c01e18c82688fbd35a19d905b1b61602703654

19 Console Messages

Source Level URL
Text
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][setOption] The option "debug" he was assigned to "true"
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][on] A type of event "detected" was added
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][on] A type of event "notDetected" was added
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][onload->eventCallback] A check loading is launched
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_creatBait] Bait has been created
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][check] An audit was requested with a loop
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][check] A check is in progress ...
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api info URL: https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1602703655127(Line 1)
Message:
WID 689739: Add Widget 689739 to library
console-api info URL: https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1602703655127(Line 1)
Message:
[object Object]
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_stopLoop] A loop has been stopped
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][_destroyBait] Bait has been removed
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][emitEvent] An event with a negative detection was called
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][emitEvent] Call function 1/1
console-api log URL: https://healthlifestyle.science/wp-content/plugins/wp-safelink-4/assets/fuckadblock.js(Line 57)
Message:
[FuckAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
