Submitted URL: https://copdestined.top/C8wppsxip?wceh1698847227126
Effective URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9...
Submission: On November 03 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 172.64.160.30, located in and belongs to . The main domain is yourfreshstories.com.
TLS certificate: Issued by GTS CA 1P5 on October 21st 2023. Valid for: 3 months.
This is the only time yourfreshstories.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 108.178.23.114 32475 (SINGLEHOP...)
1 104.18.32.223 13335 (CLOUDFLAR...)
1 3 23.222.5.206 20940 (AKAMAI-ASN1)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
4 139.45.195.8 9002 (RETN-AS)
1 139.45.195.253 9002 (RETN-AS)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
16 172.64.160.30 ()
2 2606:4700:10:... ()
35 12
Requests  Apex Domain           Subdomains                                    Transfer
16        yourfreshstories.com  yourfreshstories.com                          63 KB
4         rtmark.net            my.rtmark.net (Cisco Umbrella Rank: 11206)    2 KB
3         hetahien.com          ak.hetahien.com                               15 KB
3         youarelucky.click     prize.youarelucky.click                       5 KB
2         littlecdn.com         littlecdn.com                                 3 KB
2         go-mpulse.net         s.go-mpulse.net (Cisco Umbrella Rank: 1444)   50 KB
                                c.go-mpulse.net (Cisco Umbrella Rank: 654)
2         copdestined.top       copdestined.top                               2 KB
1         datatechone.com       datatechone.com (Cisco Umbrella Rank: 34587)  468 B
1         for-j.com             for-j.com (Cisco Umbrella Rank: 54029)        14 KB
1         admo.buzz             ad.admo.buzz                                  598 B
0         baidu.com (Failed)    hm.baidu.com (Failed)
Total: 35 requests, 11 apex domains
Requests  Domain                         Requested by
16        yourfreshstories.com           yourfreshstories.com
4         my.rtmark.net                  ak.hetahien.com, yourfreshstories.com
3         ak.hetahien.com (1 redirects)  for-j.com, ak.hetahien.com
3         prize.youarelucky.click        ad.admo.buzz, prize.youarelucky.click
2         littlecdn.com                  yourfreshstories.com
2         copdestined.top                copdestined.top
1         c.go-mpulse.net                s.go-mpulse.net
1         datatechone.com                ak.hetahien.com
1         s.go-mpulse.net                ak.hetahien.com
1         for-j.com                      prize.youarelucky.click
1         ad.admo.buzz                   copdestined.top
0         hm.baidu.com (Failed)          copdestined.top
35 12

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
copdestined.top          E1                                              2023-09-29 - 2023-12-28  3 months
admo.buzz                E1                                              2023-10-18 - 2024-01-16  3 months
prize.youarelucky.click  R3                                              2023-10-11 - 2024-01-09  3 months
for-j.com                GTS CA 1P5                                      2023-09-23 - 2023-12-22  3 months
ak.hetaruwg.com          R3                                              2023-10-30 - 2024-01-28  3 months
akstat.io                DigiCert TLS RSA SHA256 2020 CA1                2023-04-05 - 2024-04-04  a year
rtmark.net               R3                                              2023-10-07 - 2024-01-05  3 months
datatechone.com          Sectigo RSA Domain Validation Secure Server CA  2022-12-18 - 2023-12-24  a year
yourfreshstories.com     GTS CA 1P5                                      2023-10-21 - 2024-01-19  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2023-04-11 - 2024-04-10  a year

This page contains 2 frames:

Primary Page: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Frame ID: F0348E10FD0CE09E6E964EBC1EE0C9FA
Requests: 33 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Frame ID: 9015B0FEBD7F866CBAF07BBE61C96189
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 35
HTTPS: 97 %
IPv6: 45 %
Domains: 11
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 154 kB
Size: 442 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://copdestined.top/C8wppsxip?wceh1698847227126 Page URL
  2. https://copdestined.top/404/nfp.html Page URL
  3. https://ad.admo.buzz/mt/?pn=nfp Page URL
  4. https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22 Page URL
  5. https://prize.youarelucky.click/?utm_term=7297035705186779218&tid=57696e3332 Page URL
  6. https://prize.youarelucky.click/proc.php?004a3f4f26f56627e035f036ab1b5426c98a9b31 Page URL
  7. https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7297035705186779218&sourceid=25426-5a4e140z&tt=2&geo=us Page URL
  8. https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z Page URL
  9. https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false HTTP 302
    https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780 Page URL
  10. https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false HTTP 302
  • https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
C8wppsxip
copdestined.top/
1 KB
1 KB
Document
General
Full URL
https://copdestined.top/C8wppsxip?wceh1698847227126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dc6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8200b550ae235724-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MofIp%2BKNOkORmjxtziGyMIwmZqfWAFLxUiNjxvKyB7tJK7TTE7fYIgY0IIJ5%2F1bf6c7TB5aiHucjmZssPQqbXC4OzDs4%2B81gv3nu5C4QzBT3wU3nBjVnb0fuTIEZhCmoLIFekwLIgGPli5FkWOo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nfp.html
copdestined.top/404/
836 B
721 B
Document
General
Full URL
https://copdestined.top/404/nfp.html
Requested by
Host: copdestined.top
URL: https://copdestined.top/C8wppsxip?wceh1698847227126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dc6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0064a000ef0d940b9d2c023352409a0372d804a41954b5e5ff582fba19e2cb78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8200b552d9cf5724-MIA
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 01:05:19 GMT
last-modified
Sat, 21 Oct 2023 05:35:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKK0MSR4Ppw%2FF4ylR504fFCPN7zHopCsEjMNj4TQbDCMX5QYlXdl7Se9SLqKv0ON3UEFi5EuAMCQdRlot9UbdzZHpK1D5663Pi6yPcGyYnnYtliyTyHY%2FkSmZR9GsCQCRYvv75%2BT2RcLtmDW1tE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hm.js
hm.baidu.com/
0
0

/
ad.admo.buzz/mt/
179 B
598 B
Document
General
Full URL
https://ad.admo.buzz/mt/?pn=nfp
Requested by
Host: copdestined.top
URL: https://copdestined.top/404/nfp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4257 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://copdestined.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8200b5551dc45f1f-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i79bSjTSGHlJ17djkSgZEfWCl9A1qgHWWwN%2Bb075Np4eIvlawe%2FCeB3bWuXMzp0iiVP98zc5drEmkXEbLfLdGy%2FvUTs8xBjvWxAOLvQ2zSBmP8imteOn5%2FQOK3wThFLhBtxaKE4W2vfaV8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
prize.youarelucky.click/
1 KB
976 B
Document
General
Full URL
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Requested by
Host: ad.admo.buzz
URL: https://ad.admo.buzz/mt/?pn=nfp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://ad.admo.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
/
prize.youarelucky.click/
8 KB
3 KB
Document
General
Full URL
https://prize.youarelucky.click/?utm_term=7297035705186779218&tid=57696e3332
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash
c4f70d473fb92fb9d05bb179eb6d5964f19759533b90115426eec399d6e93ae0

Request headers

Referer
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 01:05:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
proc.php
prize.youarelucky.click/
1 KB
1 KB
Document
General
Full URL
https://prize.youarelucky.click/proc.php?004a3f4f26f56627e035f036ab1b5426c98a9b31
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/?utm_term=7297035705186779218&tid=57696e3332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://prize.youarelucky.click/?utm_term=7297035705186779218&tid=57696e3332
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7297035705186779218&sourceid=25426-5a4e140z&tt=2&geo=us
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
tds3_2.html
for-j.com/
45 KB
14 KB
Document
General
Full URL
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7297035705186779218&sourceid=25426-5a4e140z&tt=2&geo=us
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/proc.php?004a3f4f26f56627e035f036ab1b5426c98a9b31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://prize.youarelucky.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
138188
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8200b55c29846db3-MIA
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 01:05:21 GMT
expires
Mon, 04 Dec 2023 01:05:21 GMT
last-modified
Fri, 27 Oct 2023 10:22:36 GMT
server
cloudflare
vary
Accept-Encoding
afu.php
ak.hetahien.com/
32 KB
13 KB
Document
General
Full URL
https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
Requested by
Host: for-j.com
URL: https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7297035705186779218&sourceid=25426-5a4e140z&tt=2&geo=us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.206 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4405cc3f8fc81fcb47e28f4c53a3a4bc32c9330cf15d0768ac9609278d83880d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
12647
content-type
text/html; charset=utf8
date
Fri, 03 Nov 2023 01:05:22 GMT
expires
Fri, 03 Nov 2023 01:05:22 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=436 origin; dur=4 ak_p; desc="1698973521450_399598798_478968921_43983_1591_52_132_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-akamai-transformed
9 11990 0 pmb=mRUM,1
x-content-type-options
nosniff
x-trace-id
b0762c3886ec72e811c5ffa741bd2460
LDA9V-XELL8-WJK28-ZAL9U-A63WA
s.go-mpulse.net/boomerang/ Frame 9015
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:1788::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:22 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sun, 24 Sep 2023 04:38:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
sftouch
ak.hetahien.com/
2 B
678 B
Ping
General
Full URL
https://ak.hetahien.com/sftouch?userId=ab1a9c236c5449cca6d456ada5028d00&z=5460780&p_rid=40c685e8-3634-4fe4-a087-31fa763c9604&p_src=sf
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.206 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Fri, 03 Nov 2023 01:05:22 GMT
x-content-type-options
nosniff
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=1, ak_p; desc="1698973522377_399598798_478970576_9762_972_53_0_109";dur=1
content-length
2
x-trace-id
7593706dfc80d45ca3c28452ec6f2282
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.hetahien.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Fri, 03 Nov 2023 01:05:22 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=ab1a9c236c5449cca6d456ada5028d00&z=5460780&p_rid=40c685e8-3634-4fe4-a087-31fa763c9604&p_src=sf
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7297035705186779218&var=25426-5a4e140z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://ak.hetahien.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 03 Nov 2023 01:05:22 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.hetahien.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
config.json
c.go-mpulse.net/api/ Frame 9015
51 B
323 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=LDA9V-XELL8-WJK28-ZAL9U-A63WA&d=ak.hetahien.com&t=5663245&v=1.720.0&if=&sl=0&si=0d44a4b4-3f5f-4bf4-a848-c5787eb3c265-s3iwcx&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=760894
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:587::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 01:05:22 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
/
yourfreshstories.com/
Redirect Chain
  • https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false
  • https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20...
33 KB
12 KB
Document
General
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
aa72e0eac2f56f049cc1778c799facd5ce91211d26fea363d79449365a5fad4d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ak.hetahien.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8200b569ccc9334c-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BQ2Uacbb%2Bt8SUrU%2BsLZyvnuZRxz9sIRRdR%2BTIrMWY8QLrxFD6EicC8xXEWamPlyAzADDyWYN5FEFvfre6enKXZ8iKssS1Z3m9IOEfJYsFYFwb13s13Wq%2BPMEB3ghWAKJo0Q4rp8hw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ak.hetahien.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 03 Nov 2023 01:05:23 GMT
expires
Fri, 03 Nov 2023 01:05:23 GMT
link
<https://yourfreshstories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
pragma
no-cache
referrer-policy
no-referrer
server-timing
cdn-cache; desc=MISS edge; dur=239 origin; dur=24 ak_p; desc="1698973522949_399598798_478971816_26284_1175_53_0_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
8b7ced091dee913f29e71e681047d6e2
style.css
littlecdn.com/apps/templates/subscriptions/universal/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:50:57 GMT
server
cloudflare
age
282
etag
W/"654249b1-1bb3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
8200b56b7917b3c2-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=ab1a9c236c5449cca6d456ada5028d00
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
34aa9a7555bcaf562467c48c69e2b0c5a4ce438c3f12a399d4975538fd1fcf83
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yourfreshstories.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
yourfreshstories.com/pfe/current/
26 KB
10 KB
Script
General
Full URL
https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 01:05:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 08:40:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65436083-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZkDsZsJEDyTPRDsij7XmOJ7YVZVq%2FaMU6t0z2%2BdB5cPJX6gHesZ9tXqknG9js%2Fu6uIZRORgmMYCkoFh%2FoPD%2FVhxadPslRTacZsBKXSlZVVCGwjgVI5IK1zhFCT6aH7aLc%2FXU4g4Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
8200b56b1fa1334c-MIA
alt-svc
h3=":443"; ma=86400
/
yourfreshstories.com/19/5202628/
3 KB
3 KB
XHR
General
Full URL
https://yourfreshstories.com/19/5202628/?abt_opts=1&var=5460780&var3=744111490206020156&ymid=&rhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
785200269e236a0ca53e5c383f078d6462198be9a55663e2e6c3df044404286c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
e3a3a28a04149d5be9ff8436c52d4194
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BdNbfxYz9KqJVjci1lm6O6rvZuuYFpqXbIkIviLTehZU4Ao0%2FtDFUaeXoKdI8CACHuRlsEePPRBx0hacxCfBNJh0Y5vDj3EFT63CmveR5q512bOlBHuNyjOf46wREnmU%2F0woTWGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8200b56b1fa5334c-MIA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
yourfreshstories.com/
2 B
567 B
XHR
General
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&mprtr=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2Fl3CyAkJf7t2T2TPDbYrg6Ssp6pVMyeSenZN49Y5xNnzDI%2FxElbXD0tkMptNz3yevOfwhFd3LdRLOPpH45nkofmdu2qh56Ea8CM2AIIr6CgKLMU8wfhHZl8oZgluWuqlsSmdGHDw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8200b56bdbc30325-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
yourfreshstories.com/
3 KB
3 KB
Fetch
General
Full URL
https://yourfreshstories.com/rhd?rb=ovSUBOmlfFXgNnCrAWQiT_PCDGehqst0WMbQj4dctwfizlyHb9y6-d-WBYRh1SiWvaQBTwBnwIjZMb61r0AlDpIWv-ruxaMnXaeVq955hGOMBL2lWCGxkqSqWw5yy3wrk5bODRlE4u13ZwvgYbp1wkAf4EZWToF229wageOM2b0i7iZVMtWz206HVo6_5mK3JqD6y-EpUlO5N-yKml6oNmuqJARKkkCs7YYL1dvuUR2yZjH5VNPZNLu83zJJGmIvo0lI1asFaLOSF1CG1A28arPlZ5n6Dco423Dx2JeyvZB5zmlD7hzCf3aot-4drZXlS9zczGARJG_0UMeM868L2JgDyQJEYsTaoh-_DqgZj2vYvLRZl4gkjg5QGa56Yiib-aHpRWb1aHlrXrbSU6wTvAmkk6w032lR0p4VO6KbXdqQLaRlHOhhqaL3pvgIIokjek4xlU9thA0s84udanyuff3I8EiLDsmd2ejdGLWU082XIl5i3LiFEdau66GacWOqhpnhW9VejtwccPPj2I2w4c9RzmO939MnOxjoRr7NtKsoZ0vdhYfShDLQuVBkgWVQwbLtrO67T3SHUvE2bMigsGWjz09cUxifSpKjdlfs-iM2tj6guqYDDcjdnWgjp1CjXDWJaupvPB7PLSO_D3nP3Sy7xc0%3D&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Dab1a9c236c5449cca6d456ada5028d00%26pshr%3D0%26rd%3D0%26s%3D744111490206020156%26ssk%3D7283f20e934b31f4927bf589a180ec9f%26svar%3D1698973523%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5460780&var3=744111490206020156&ymid=&rhd=1&m=link
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d86c0b20091f97d75126a01df39ac13651ae25d45d8770aee334e2731f2fb487
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
c7268778a6cfce1c55e547ddaed0f301
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUdwkDDWSbLaJENuyT2TpBb8H%2By9ndb%2B4f9zBY5uaofAjb8pzIUat7WJSH%2BpLBUaT5a82exNzZ%2Fh%2FnNW0U4lmFbVO%2B9V3Zq%2BsjbsSaeUvyDdFdZATseFMsf%2Bfj0gJg9EZnbhr5ef8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8200b56c2c860325-MIA
expires
Tue, 11 Jan 1994 10:00:00 GMT
5202932
yourfreshstories.com/sw-check-permissions/
0
957 B
Other
General
Full URL
https://yourfreshstories.com/sw-check-permissions/5202932?var=5460780&ymid=744111490206020156&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhYW%2Bx3e9FO49M%2BdIUK5ydLoOdAyb36PoDGwz83IJIdgwEh8PHTlqLVuL6XrfTL21qoIwVPCH9grVbGMqbGT1vJFtPDMi0inUmt7MwTg38cjsEy2NuLu%2FqPFu5AHbrrIc1nxVKjHiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8200b56e69050325-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
yourfreshstories.com/
0
497 B
Ping
General
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=744111490206020156&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
4ab2ce24b0221e05d3a522b6f3029443
date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Vo0WHdxPXAHXm3IszmTTa%2FfjjGzvo9dAnk42%2BHbr7RMiSjgXv7DEdQQQTFjWSYa3mDHNcPEP12xGronde89u98gY1PRrvgyFn2Fl7Tl0diVGxocu8ZfCfmxbyG3L6zdcHAKC9n%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://yourfreshstories.com
access-control-allow-credentials
true
cf-ray
8200b56c2c970325-MIA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=744111490206020156&var=5460780
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yourfreshstories.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yourfreshstories.com/
796 B
987 B
Fetch
General
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=744111490206020156&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
193e9c73490812cfed40029f72fbb552
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpj4fRNLeXCQUWp9yHCzZyfx4rFh6vxsp8gc6rEICEIFXyl41mXhz1fIccN3j4oNBoMew3Omd3GILsOmaB%2FmJq9PtzIluKitIRRPW3zFfNI%2FD7xIjHUfWyaIGMsDS%2BEGopZ0p9bHtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8200b56e79140325-MIA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
Primary Request /
yourfreshstories.com/
33 KB
12 KB
Document
General
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e99fc593072296b7009e681f2ee68087f8c0922f1bdd4a68acae81282f90ba02

Request headers

Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8200b56f6aab0325-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 01:05:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjNWoJUnMYV2H%2FDC4n01gwd%2BT8UFyJLBYtmakG4LY5FNyuq5Mi5ZWX4jmBf8k0VG9OM0%2Fn2sJL%2BBd9hpQnZJJ2wXRzm2nkkzD6lsm%2FI9DhemTHYbyX3jd4uH%2B8iiAF9Yg73t7RGL2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.css
littlecdn.com/apps/templates/subscriptions/universal/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:50:57 GMT
server
cloudflare
age
283
etag
W/"654249b1-1bb3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
8200b5710d8eb3c2-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
micro.tag.min.js
yourfreshstories.com/pfe/current/
26 KB
11 KB
Script
General
Full URL
https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 01:05:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 08:40:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65436083-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXPLiwvmExEzJvFf%2FdN8Sq%2B9Pqx35eezLLYGpDpvd1dIdRTzZwOiVEZ0dHCbZN91H47RBq%2BOSD%2BJg1KtXs%2BMBONEl5695eRwjjIoROWAD%2Foc3r0whdDJ46byNCLbYgmn8bGuLYVU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
8200b5711d8a0325-MIA
alt-svc
h3=":443"; ma=86400
/
yourfreshstories.com/19/5202628/
3 KB
3 KB
XHR
General
Full URL
https://yourfreshstories.com/19/5202628/?abt_opts=1&var=5460780&var3=744111490206020156&ymid=&rhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
145d4822f4e03237e0c4bd43e521decb5821c0349fe7fe421c34a44db3c08c1d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
9d1e489437f954d9c087144e31742b6b
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqL9zNvVZJKK5ovB%2B7cOx5dnhZnq8dbaQGrbZqDSTrwmBrPAsy2urWJxUALBY8And%2F%2B2ay%2Byxm4Uw8%2BDMP90dhp%2FP8Ce3BBw1%2Bb%2FF70IguC0%2F5icogdQgXoq5EGvS4F6Z560maRAcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8200b5711d8f0325-MIA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
yourfreshstories.com/
2 B
531 B
XHR
General
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2&mprtr=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=runQodgOsriPhXO6jUhrGhcWqfRrKynho8MzIfOjWg3kFtjHM2wGAhcP4pjKK46zPKGknPv3c9RVe2FiXFcQeigfkUb22QFptCwtMDrmLXfhSB9H6LVkO6ER4OiWQGchfRK%2FU7UlNA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8200b5715e150325-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
yourfreshstories.com/
4 KB
4 KB
Fetch
General
Full URL
https://yourfreshstories.com/rhd?rb=Ea978j6VK83jw7TmHGYQRXNjUYVLp5lKagJSJDqmC0a1PgMflcRE95GQpgf_MW353M6FAR5gBO_gkxe_HdKnKqjTuUljLqEDnoEjz1yemS4S7vaND4abDOOblRVogAyIY-Mp5eGpZgC8LVN-2EugNUUY811URbz6n07onBc4DwqcYb1BrsF8hmUlvrf9i89FNoBqGq3hWsRAMKhMV0btW3LYTci5q0w4RvV-edZe_OAZ7oPRQxSo5z6hY82Dpc8dF6F9yhLbHHaO3rIVHnl9n8bQ5Gf4p-YJ5lnWhbe4WVQv4iS8rKq_AZyzlsMLYzVgNZfnPPOumQ-00lzh1NN2sRM0k7QfrV16xwHc8jjWHKeNoWot_MZA5IAXudQYWHtEsA8CEAnbhtlgscC_HSvpM_wLoy9JNT8LhpbAcRuh5V95xunVa506HInSTtVBP0Pps4jS1dfLR-7BQfAQEc3PzcCY3tUNqPo74rIqPt4P_gJC4Kw8MwIvFWFM3b9dm41kCnEB9CdHONSCDcU_3ZWe74R96xrAK72yfyB8QY8w5ALAql3YPO-gwDRnhk90Tm3b4VY2xo3mbo_sMyuKT3tl8s0DIrwYdPXIKggLpoHXXE_w80o4e2AfUqG3k5EpQEYcaqO-Xr-io_rYHSHZFU9lcVGZcnNZQ_Om&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Dab1a9c236c5449cca6d456ada5028d00%26pshr%3D0%26rd%3D0%26s%3D744111490206020156%26ssk%3D7283f20e934b31f4927bf589a180ec9f%26svar%3D1698973523%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780%26rdc%3D2&drf=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3Dab1a9c236c5449cca6d456ada5028d00%26pshr%3D0%26rd%3D0%26s%3D744111490206020156%26ssk%3D7283f20e934b31f4927bf589a180ec9f%26svar%3D1698973523%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5460780&var3=744111490206020156&ymid=&rhd=1&m=link
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4604c2e88518007e7570503390af80dc851728ff534e9f4d8ab870a61dc2d226
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
b02e91088e449dd59dd5d3a336669dbf
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7GGjphW5an%2FCVH13FynWRxdjy15I6djdUtAkn2l3HITL7ABJYl2gosgqdUDHK0M5MO9HIZK%2BV77sgiRGFjqBG22gMxYSydJOqjjiShEWoAHT93GYa1xMRzcC8l6SiH3yjyPXQrdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8200b5721f930325-MIA
expires
Tue, 11 Jan 1994 10:00:00 GMT
5202932
yourfreshstories.com/sw-check-permissions/
0
959 B
Other
General
Full URL
https://yourfreshstories.com/sw-check-permissions/5202932?var=5460780&ymid=744111490206020156&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ccb%2Bw11F1YiuAYAtI6x6VwH3E%2B2bDC2hcT2PTledrUNYQWBBW1HPqxmB5WXpfsBsOIVi%2Fz2A3c4r81AQvY6VIVW03XM1C6NmiZlOyWp296NvoBYgYuYXY3Tzk%2BgKxMpN5SUIlQGHlw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8200b572f9110325-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
yourfreshstories.com/
0
505 B
Ping
General
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=744111490206020156&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
c7cbb0ccb37eb1f711bf3bc30ec2178e
date
Fri, 03 Nov 2023 01:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s10bqSRXl7kA8Er%2Fp2ZAnGsuUaHHLXl3A0OUMJtdsZOWY2xuDRYUnRgPEeTR1Dw%2BNY0zXU3MS43OIWVKTaLBv2QaMYYxIRs%2BuO%2BUieJZVg1EFG%2BjanKIKXVCztapYaKCJ%2B%2FHTykixw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://yourfreshstories.com
access-control-allow-credentials
true
cf-ray
8200b572f90c0325-MIA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=744111490206020156&var=5460780
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
34aa9a7555bcaf562467c48c69e2b0c5a4ce438c3f12a399d4975538fd1fcf83
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yourfreshstories.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yourfreshstories.com/
796 B
989 B
Fetch
General
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=744111490206020156&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=744111490206020156&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e46ddc438f401046bf3a00be6237bd1ed76d5f055a3da3f41c975bfc34c919
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=ab1a9c236c5449cca6d456ada5028d00&pshr=0&rd=0&s=744111490206020156&ssk=7283f20e934b31f4927bf589a180ec9f&svar=1698973523&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
8d53d34fdf42ca91bac2714209f0c066
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSd29iT%2B9ZkhILj30NCpQWAvPTFHTdg1%2Ftq6ACgPJO8SmzGC7DnZQ5964YxMpDaO0voXCSVT0E6NnZrIvbrkAZUbXHaTWnK%2FVLWiOvQjHvOelnooCtwkMW8yCRHREYuBVbJBQAZkXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8200b573093e0325-MIA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Domain/Path Name / Value
ak.hetahien.com/ Name: OAID
Value: ab1a9c236c5449cca6d456ada5028d00
ak.hetahien.com/ Name: oaidts
Value: 1698973521
my.rtmark.net/ Name: ID
Value: ab1a9c236c5449cca6d456ada5028d00
.ak.hetahien.com/ Name: RT
Value: "z=1&dm=ak.hetahien.com&si=0d44a4b4-3f5f-4bf4-a848-c5787eb3c265&ss=lohwyv29&sl=2&tt=2eo&rl=1&ld=18f"
ak.hetahien.com/ Name: syncedCookie
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
