distrib.adblocking-available.xyz Open in urlscan Pro
2606:4700:3030::ac43:8115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://andlookedvery.info/Q0FhbWl8IhJQOgR4LSM%2FDWRTKzEtKiQMBzsjAgoRKCQNHRABLDhLCCE1XF1PMSQFUFhlMgxQWHVnClAALTUOSFtzLA4eHW...
Effective URL:
https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&camp...
Submission: On March 22 via manual (March 22nd 2024, 5:12:23 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3030::ac43:8115, located in United States and belongs to CLOUDFLARENET, US. The main domain is distrib.adblocking-available.xyz.
TLS certificate: Issued by E1 on March 4th 2024. Valid for: 3 months.

This is the only time distrib.adblocking-available.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.173.205.22 18.173.205.22	16509 (AMAZON-02) (AMAZON-02)
1 3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
16	172.67.191.11 172.67.191.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
17	2606:4700:303... 2606:4700:3030::ac43:8115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
61	9

1 18.173.205.22 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-22.fra56.r.cloudfront.net

andlookedvery.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

beklefkiom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.191.11 (United States)

ASN13335 (CLOUDFLARENET, US)

wholefreshnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

track.instant-adblock.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:8115 (United States)

ASN13335 (CLOUDFLARENET, US)

distrib.adblocking-available.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	adblocking-available.xyz distrib.adblocking-available.xyz	332 KB
16	wholefreshnews.com wholefreshnews.com	70 KB
13	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 18471
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7780	2 KB
3	beklefkiom.com 1 redirects beklefkiom.com — Cisco Umbrella Rank: 522920	16 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1728	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	88 KB
1	instant-adblock.xyz 1 redirects track.instant-adblock.xyz — Cisco Umbrella Rank: 136181	455 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 19762	467 B
1	andlookedvery.info 1 redirects andlookedvery.info	536 B
61	10

	Domain	Requested by
17	distrib.adblocking-available.xyz	wholefreshnews.com distrib.adblocking-available.xyz
16	wholefreshnews.com	wholefreshnews.com
13	jouteetu.net	wholefreshnews.com
4	my.rtmark.net	beklefkiom.com wholefreshnews.com
3	beklefkiom.com	1 redirects beklefkiom.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	distrib.adblocking-available.xyz
1	track.instant-adblock.xyz	1 redirects distrib.adblocking-available.xyz
1	datatechone.com	beklefkiom.com
1	andlookedvery.info	1 redirects
61	10

This site contains no links.

Subject Issuer	Validity	Valid
beklefkiom.com R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
wholefreshnews.com E1	`2024-03-06` - `2024-06-04`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
adblocking-available.xyz E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
Frame ID: 37C102716D6A2F7293D252F8F3571C02
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Essential AdBlocker

Page URL History Show full URLs

https://andlookedvery.info/Q0FhbWl8IhJQOgR4LSM%2FDWRTKzEtKiQMBzsjAgoRKCQNHRABLDhLCCE1XF1PMSQFUFhlMgxQWH... HTTP 302
https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976 Page URL
https://beklefkiom.com/?z=2517826&syncedCookie=true&rhd=false HTTP 302
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z... Page URL
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z... Page URL
https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=795089132614594591&cost=0.003937&z... HTTP 307
https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

90 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

507 kB
Transfer

1357 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://andlookedvery.info/Q0FhbWl8IhJQOgR4LSM%2FDWRTKzEtKiQMBzsjAgoRKCQNHRABLDhLCCE1XF1PMSQFUFhlMgxQWHVnClAALTUOSFtzLA4eHWZzUR0FIi8EGU81fFBDWndvUltHd2cSGRp%2BcUcdGy18UUsMLiNcXU83KAVQWHNyVFteemcTFRB%2BcFZfURx4WFRPKi8CUFllNFxAW2UnElBYZTMEC1QrNRUdGmZyIEhbBWRTK1hwclYVRzcuRF8vNy4THwwtNURfL3VxUl1dc3BEXy8HNA8IRHFxU1xEcnFZXRluAw0YOyI4TCVbdXVMLCgAZFMrTywyE1BYcHJWFUc3LkcJGjctXAUdNzESSFoCZFMrTHEHUF5adDlPGQZmcycFBi4kRF8vZSsSGVRzZwQDG35xRwEKNiBcAAY5KA0BCGZzJ1hHc2RTXUEuIAIEBzcuEgVMcANEX1kqLxUIBWZzUQAIIGRTXQYwZFNdEWZzUVxZHHBUMl5qZFNdCDMxDQgeJiMKBB1mcydbWXZvUENYdmRTXUEoKRUABWZzIkhbcy0IBgxmc1EKDCAqDkRMcXEXCBswKA4DTHEHUFpHd2RTXRoiJwAfAGZzJ1tZdm9QQ1h2ZxUXDX5sVkscLy4CUE8qJ1xdTyA1XFhPIDUCUFFlHhdeMSF8UFpYcnBTWlxxcVBaW2U0FR9YfnFHGB0xc1wjCA1nFBkbcHwvDCdlNBUfXX40DwkMJSgPCA1lNBUfXH40DwkMJSgPCA1lNBUfX340DwkMJSgPCA1lNBUfXn40DwkMJSgPCA1lNwABACd8UA%3D%3D HTTP 302
https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976 Page URL
https://beklefkiom.com/?z=2517826&syncedCookie=true&rhd=false HTTP 302
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Page URL
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2 Page URL
https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=795089132614594591&cost=0.003937&zoneid=4662728&campaignid=7744866&bannerid=19839484&subzoneid=105873&oaid=89de299ed2cf9adaf566d29f3af9251f HTTP 307
https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://andlookedvery.info/Q0FhbWl8IhJQOgR4LSM%2FDWRTKzEtKiQMBzsjAgoRKCQNHRABLDhLCCE1XF1PMSQFUFhlMgxQWHVnClAALTUOSFtzLA4eHWZzUR0FIi8EGU81fFBDWndvUltHd2cSGRp%2BcUcdGy18UUsMLiNcXU83KAVQWHNyVFteemcTFRB%2BcFZfURx4WFRPKi8CUFllNFxAW2UnElBYZTMEC1QrNRUdGmZyIEhbBWRTK1hwclYVRzcuRF8vNy4THwwtNURfL3VxUl1dc3BEXy8HNA8IRHFxU1xEcnFZXRluAw0YOyI4TCVbdXVMLCgAZFMrTywyE1BYcHJWFUc3LkcJGjctXAUdNzESSFoCZFMrTHEHUF5adDlPGQZmcycFBi4kRF8vZSsSGVRzZwQDG35xRwEKNiBcAAY5KA0BCGZzJ1hHc2RTXUEuIAIEBzcuEgVMcANEX1kqLxUIBWZzUQAIIGRTXQYwZFNdEWZzUVxZHHBUMl5qZFNdCDMxDQgeJiMKBB1mcydbWXZvUENYdmRTXUEoKRUABWZzIkhbcy0IBgxmc1EKDCAqDkRMcXEXCBswKA4DTHEHUFpHd2RTXRoiJwAfAGZzJ1tZdm9QQ1h2ZxUXDX5sVkscLy4CUE8qJ1xdTyA1XFhPIDUCUFFlHhdeMSF8UFpYcnBTWlxxcVBaW2U0FR9YfnFHGB0xc1wjCA1nFBkbcHwvDCdlNBUfXX40DwkMJSgPCA1lNBUfXH40DwkMJSgPCA1lNBUfX340DwkMJSgPCA1lNBUfXn40DwkMJSgPCA1lNwABACd8UA%3D%3D HTTP 302
https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976

Request Chain 4

https://beklefkiom.com/?z=2517826&syncedCookie=true&rhd=false HTTP 302
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

afu.php Show response
beklefkiom.com/
Redirect Chain

https://andlookedvery.info/Q0FhbWl8IhJQOgR4LSM%2FDWRTKzEtKiQMBzsjAgoRKCQNHRABLDhLCCE1XF1PMSQFUFhlMgxQWHVnClAALTUOSFtzLA4eHWZzUR0FIi8EGU81fFBDWndvUltHd2cSGRp%2BcUcdGy18UUsMLiNcXU83KAVQWHNyVFteemcTFR...
https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976

33 KB
14 KB

66ms
26ms

Document
text/html

139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c763ad01b27c56636bca8237777cacb126aa5b1b0a0547bda23b1ff777a37076

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 22 Mar 2024 17:12:19 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: ed1d35273b0641a6e6f4ddc746e57b98

Redirect headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-length: 0
content-type: text/plain
date: Fri, 22 Mar 2024 17:12:19 GMT
location: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: HoR_MKSvnElgQwbdFeLaHCeecGsmW7jZp-LV26ipawxoMfx8AUj92w==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

POST
H2 200 sftouch
beklefkiom.com/ 2 B
604 B 16ms
16ms Ping
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beklefkiom.com/sftouch?userId=008027bad06144eaed131cceb4a92edb&z=2517826&p_rid=0446dd57-9939-4ea3-bbb3-fa372bbecb03&p_src=sf&branchId=400701&rb=aBlNdqhW6JvEntwVdjA8BYES3Y8g7FJaMhCWAxoL8asjU80kK3tbTVSv_25MOXO0sWMKhZ7jX-cftpNAyB9zbTRU1mQmawUzSRgXbQ7OaJ2CKMjKIzS4uZT1CYGXLXZVPmoDKVOYL25JOCbbggVMW9cRIRubZvivyDutoOw8OKMEfYp7Yd07bJzLMx7jOIgtWRnIGbpN8F78Pgtw9N0OTjU0viXsUH-THVHcAHfTZ1zqYQcdPVKSzOMexCZK4uk-Nfknmfq_v28k_JrSjIlCfFGU_4xBVATHiKvzekEJAnvcdWP_qQsOwpNW_cwmEJMPYUrhJSHVd6-8Xf_v6HHOCU3b_Z8yGACX

Requested by

Host: beklefkiom.com
URL: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 23b08caf0c4c592a21144bd443edd484
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://beklefkiom.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 48ms
12ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008027bad06144eaed131cceb4a92edb&z=2517826&p_rid=0446dd57-9939-4ea3-bbb3-fa372bbecb03&p_src=sf

Requested by

Host: beklefkiom.com
URL: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beklefkiom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
467 B 64ms
13ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0446dd57-9939-4ea3-bbb3-fa372bbecb03
Requested by: Host: beklefkiom.com
URL: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://beklefkiom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 22 Mar 2024 17:12:19 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://beklefkiom.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
wholefreshnews.com/
Redirect Chain

https://beklefkiom.com/?z=2517826&syncedCookie=true&rhd=false
https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

41 KB
14 KB

99ms
58ms

Document
text/html

172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e76717d2de73ef4a266b218a367dbfdea310671511d2baa6436f3ca241cb73fb

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://beklefkiom.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8687ce510916970f-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:12:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLxrib2TFzFOSD%2BCsn5zxg%2BqvFiLYXcfo4Ktem4mCYY3wL4sV51rlA53LJjx6nTB3eA%2F0Y%2BHSUyVKyXMN5ghmHxSmEVVhEZnFTgnpUwhM%2Fg0pMlW2PDMx33Adnua%2FSYneoltBWE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://beklefkiom.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Fri, 22 Mar 2024 17:12:19 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://wholefreshnews.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: d02443a3a86f8e1b41d0249ad51aac3d

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 12ms
12ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=89de299ed2cf9adaf566d29f3af9251f

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

57b53c24a1332fdb488d43b7a025a50cc84809585ea15f8659a6ca2216f6f71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholefreshnews.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
wholefreshnews.com/pfe/current/ 35 KB
13 KB 29ms
28ms Script
application/javascript 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 09:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fab17e-8def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoNZd0%2FQBFHNt76zkcFofe20dZDJwuTOhzgEMsIVP7JtX2l02cFOloOMDZfpuiYT5Awn%2FoS4Ry4eOXxQYg29pUHDEZIdULwYXgX7R6MWVMznqYtCcguMsxoyVnPeEHWX%2B65jfb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8687ce5179b3970f-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
wholefreshnews.com/19/4662728/ 3 KB
2 KB 32ms
32ms XHR
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/19/4662728/?abt_opts=1&var=2517826&var3=795089130089615665&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08bd0001733db53eec69f480e3eeb08b1ccc1c5f744f4ac028ac3c50f145a001

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 1334b5b56aa1bd339b797ea6f44e716c
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuvHBsboK0jL9a%2BeyDAj2Op61xtBY1VsspbMBahXdVkPYL6pGerEfB07eltHeHEFdax0EtNM8gcqcX3Zzf5p9aetndcmZFWeIjL0CFE7Iq%2FfJNazPfC61zz%2BbO6WX1rjCp1mgus%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8687ce5189bb970f-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
wholefreshnews.com/ 2 B
415 B 32ms
32ms XHR
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&mprtr=1
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6GmfXIeUiZfW9%2BfzdIfpuGay1n6tFOJE1R0S5J5%2Bp9J5IevSnqagDOLsswroDcjFVXtkrbN1EdJG0wlhWhY%2FFmQmzaotqYCYYjtw1MjYhJ%2BYXObFpKujcDdQ%2B9c1EQQtkNtQD0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8687ce5189bf970f-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 163ms
54ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
wholefreshnews.com/sw-check-permissions/ 0
1011 B 35ms
35ms Other
application/javascript 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/sw-check-permissions/4662709?var=2517826&ymid=795089130089615665&uhd=1&zoneId=4662709
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2zfNrZ83BXEBr3yTYyZxyNv%2BWnVwnciDFqsDUNfA8FUiS5hQxaQ%2FDoAVP1Uv%2FSJxIXeilonI4wX2CdzB3Tej1p57%2BlhmjtwrlVCdOduzmtYnSSD5m%2FRRB%2F6SNAHlIEMktjtl88%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8687ce51b8df0e37-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

POST
H3 200 zone
wholefreshnews.com/ 0
637 B 28ms
27ms Ping
text/plain 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholefreshnews.com&var=2517826&ymid=795089130089615665&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=e003d006-e201-40c4-962e-15ea0e52d644&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 43ef6b40ee8de6fafdb196f1ec58fa84
date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMwaCTniIPVZZW6Lh8Y8bEJymWsx9dvF1OB52xoFjULqgan998A9QwbYe8M5ruLcN0G4HNYvB%2Fo29H4bGSwe2bUgz29KJAQW06YfQNvoxBZ5Ei4e%2BkTvt6dZXORpcDM7wkFZ9xw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholefreshnews.com
access-control-allow-credentials: true
cf-ray: 8687ce51b8ea0e37-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

GET
H2 200 gid.js
my.rtmark.net/ 65 B
544 B 14ms
14ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=795089130089615665&var=2517826

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholefreshnews.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST custom
jouteetu.net/ 0
0

POST
H2 200 custom
jouteetu.net/ 0
0 153ms
54ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST custom
jouteetu.net/ 0
0

POST
H2 200 custom
jouteetu.net/ 0
0 29ms
29ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone
wholefreshnews.com/ 797 B
1 KB 26ms
25ms Fetch
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholefreshnews.com&var=2517826&ymid=795089130089615665&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=e003d006-e201-40c4-962e-15ea0e52d644&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 8c9ce26acc2201ff9087a28215a59534
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxWmjgKZsDdSgaSsEg81nMSMkuLZBEi%2Bsxy7TNCrcFhnunT8IVEGWtphBaeO%2BYwdsRu7lqEoqb6FjuwCSgcM1xPivuDiFbkNAbxqQHYNGNyT6nKJeS%2F8zrqcrt1TkvNWMHccTdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8687ce5269b60e37-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 / Show response
wholefreshnews.com/ 41 KB
14 KB 55ms
55ms Document
text/html 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c440d492c44e671d66a8223d6a4418d74bfd779dd4f1fe0c97bd071fbc976530

Request headers

Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8687ce5269b70e37-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 17:12:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQZEV80rkizPYseKUW3ybmg6%2BqiTqVJ2%2BR9mU4Q6uRo5vJYU55Gy7csz40qOe3Hhqlh%2B2t6NpiVHp6hMMtJk3shzXNpqS%2FHBEzezQD6jK1f31%2FNXLGbQ0j5M00GLhl0mrJ9pNMM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 custom
jouteetu.net/ 0
0 26ms
25ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 micro.tag.min.js Show response
wholefreshnews.com/pfe/current/ 35 KB
13 KB 32ms
32ms Script
application/javascript 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 09:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fab17e-8def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8%2BlwHykgZUlibfJukF8ED3ZuC1Yw6z%2BXxyvBsBAiQd2JL7e8X%2Bp%2Bmh521%2FfjDn1hrak4X%2B3Z8AMcQm8ihhQ6WRqZgBYR9eWtX%2BK8xmejpxYjMFbh%2BQ8RpHz6042%2BU2EnTrlbJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8687ce52ca6a0e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
wholefreshnews.com/19/4662728/ 3 KB
3 KB 77ms
77ms XHR
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/19/4662728/?abt_opts=1&var=2517826&var3=795089130089615665&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33fbdda44c1e516c87720082937772e0e5df2bf844ee44ec9fad6ab2ee18dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 3e4f04f6ee93e87c71ddf5d616e7ee68
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxf3FnjAvvc8IaUVB4zWZohsBRDbc9H3i5M5rQiA7qBmtTh3xpLrBiPMgUeQcakQlr5yWr57VOmqgjQc2AremmkriPolK6a9m2h7Gu%2FmWhLXPDIvN2cBx9uMey9y0IGs0ebNNi4%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8687ce52ca6f0e37-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
wholefreshnews.com/ 2 B
533 B 28ms
28ms XHR
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2&mprtr=1
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ozeq6cx4MYUVr4Cq7pcswJiiFwS7OUPc76WGcbEFVvzHDGaI2JxIdMtdT3HXzKphw0nHJN40B68xX%2BYCFdCGM%2BLbFQpdzklHzXyX%2FIF6aub%2B2oJ40189SRSNsFEYG7Or52Qf%2BXs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8687ce52da870e37-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
wholefreshnews.com/sw-check-permissions/ 0
1010 B 33ms
33ms Other
application/javascript 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholefreshnews.com/sw-check-permissions/4662709?var=2517826&ymid=795089130089615665&uhd=1&zoneId=4662709
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2QyYNLxSoNvXEMAHzJyx%2Fr3XfkASfG4BIZKkk%2Fu1c%2BgL7iAST0C8kdfo1uGQEtOqz72Bn6SD00KtgbvKVP0CP%2FzSzLfbfhCjwZxicEkHwpvmWgVmxGKrvc%2BKmfqqWoT9LvwGxw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8687ce530ab80e37-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 17ms
16ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
wholefreshnews.com/ 0
601 B 29ms
29ms Ping
text/plain 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholefreshnews.com&var=2517826&ymid=795089130089615665&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=e7d8f90a-86fc-4386-89f5-3b5080e7c6f5&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 9bd86ce554dd265d5f97df60edd815b7
date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5tffQTTtDLZMytCiPuw5RWT3Xz2gzJzGkXoficRkgMbDbwcvC%2BlWeBxi0ldWChmnskjY4MwyQ6WbIuoiI9zVXz%2Btoiin4xQEJlxrF8NUUjeU2BBCehsKcfZ2NByK0gAM3vwxQcQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholefreshnews.com
access-control-allow-credentials: true
cf-ray: 8687ce530abc0e37-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 16ms
16ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 24ms
24ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=795089130089615665&var=2517826

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

57b53c24a1332fdb488d43b7a025a50cc84809585ea15f8659a6ca2216f6f71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholefreshnews.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 12ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 93ms
93ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
wholefreshnews.com/ 797 B
1 KB 34ms
34ms Fetch
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholefreshnews.com&var=2517826&ymid=795089130089615665&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=e7d8f90a-86fc-4386-89f5-3b5080e7c6f5&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc91c33152c00aacbe11b4e9484a1a9b6bf143cadf53187351a52c656d4bb93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 5e3cd38342a3ff85fb4e6b080e91db8f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LnvuDQBfMm5wCGL9%2BGI4%2FFj5%2FhmM8PVJ8eE8L6PqcRXde8r2TJ2jaLdDf6oiihGLzUuW%2BhJ1K64qdQJaPrXWkE66s8Ayv%2FakYGFe6QVye5L6AeNf8qAzQgKsejPyu6Zs6eCsDaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8687ce530aca0e37-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 80ms
80ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 13ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: wholefreshnews.com
URL: https://wholefreshnews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=795089130089615665&var=2517826&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wholefreshnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 rhd Show response
wholefreshnews.com/ 3 KB
3 KB 36ms
36ms Fetch
application/json 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/rhd?rb=y5SmPZCLS8MxewllpCdd5Idbm81KxGvvApNl83on-lYdYVphU1hk3fK9pTc9F8_UReKWizzcRqUJMwzkDpSY4RdIr41FuGtStkLmXZV5-K0QiMIdgTQjrwEyzR0xSybHECULIe1nUx6aZfeLXrywdzjg5g2E0IC8UEORFMLQXMWCaHr-ZtpiYZrharpz4Ds1KsSYJZk9n105igTwTmie5HRdr08d3YNBPbV-GCKgiuI1bRs2Jz17W9KYFcWt7xFGTynxgxAXWU85Fb1QbX4hp5UOclGw7vei7ZhjiUCJI3DRFdUjl1tW1eNXrKjdm52zoaim2e2B7uwHFw_dcNcKrnChU0YCVaIMH4hK2J1vGPwVUSRBAQjv5v7pL4dKJmaRIsjy_w9q4YJv_4Qahf45nkdXuV5qA37WhvdXqe1z1fddCfW8dD1pZ-p8EdYc0Uy3ebT5ICy7pqco_bHeOSQJjE5kxwNWDRg-Oja8t8Kn02pO4It0_R7gd7OdrbpC0l8tG9D7saZNDsh0s8BZS1ShTQdgHegC1x57EqjflfjDS9ejs4Op5x9l44Ptc7sAvpx09JiqheFwAA8%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholefreshnews.com%2F%3Fs%3D795089130089615665%26ssk%3D0b8fb2864b7cf83408cc04f0774106fb%26svar%3D1711127539%26z%3D2517826%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60%26rdc%3D2&drf=https%3A%2F%2Fwholefreshnews.com%2F%3Fs%3D795089130089615665%26ssk%3D0b8fb2864b7cf83408cc04f0774106fb%26svar%3D1711127539%26z%3D2517826%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=2517826&var3=795089130089615665&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3511f7563e9c68de939d278324b5bc8bd9cbcbbfa8e3db14544b2b13ec8e9fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 291cf1e7dbd2bbbb6deb1c03364e32a5
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQLEt5FMZSXhTrQA932fBDm5Cb4pJpLUXCFRWNCyrya06GEZX9%2BpmrGTdhn7xOJXsdeTUaByETAnuFLS47ERuSpH79mhMPCCG4Ijl67ydZ8QzjAyVjHQsggY40q5lB3Nbv3r0JM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8687ce534b360e37-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

Primary Request / Show response
distrib.adblocking-available.xyz/
Redirect Chain

https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=795089132614594591&cost=0.003937&zoneid=4662728&campaignid=7744866&bannerid=19839484&subzoneid=105873&oaid=89de299ed2cf9a...
https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s73...

5 KB
4 KB

69ms
27ms

Document
text/html

2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

679e4bd978907fd527756c2bee6b209d0d9f3999430348588ea81aeef1c10aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8687ce56bdb8bbbb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Mar 2024 17:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MV26PzmiJXczdgdEJRB13maGfCWbklEopr%2BupVoaZ%2Bh%2FE1dFLQCKiCJobRtgqFSnz8U5mn3EipGb%2FBNVw01GNWa%2B7dKPJy1yKMnx2awLWqCulJhAoE0tje54HkDRITN%2FHQ9AucIK0NFUTheS8cchK39aAEnqx3eI%2FclHZME22g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Fri, 22 Mar 2024 17:12:20 GMT
location: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
server: Caddy
x-request-id: 3241a1bf-e8d0-45df-9916-33bc95c30f69

POST
H3 200 cat.php
wholefreshnews.com/ 0
756 B 26ms
26ms Ping
text/plain 172.67.191.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholefreshnews.com/cat.php?userId=89de299ed2cf9adaf566d29f3af9251f&zoneid=4662728&rb=y5SmPZCLS8MxewllpCdd5Idbm81KxGvvApNl83on-lYdYVphU1hk3fK9pTc9F8_UReKWizzcRqUJMwzkDpSY4RdIr41FuGtStkLmXZV5-K0QiMIdgTQjrwEyzR0xSybHECULIe1nUx6aZfeLXrywdzjg5g2E0IC8UEORFMLQXMWCaHr-ZtpiYZrharpz4Ds1KsSYJZk9n105igTwTmie5HRdr08d3YNBPbV-GCKgiuI1bRs2Jz17W9KYFcWt7xFGTynxgxAXWU85Fb1QbX4hp5UOclGw7vei7ZhjiUCJI3DRFdUjl1tW1eNXrKjdm52zoaim2e2B7uwHFw_dcNcKrnChU0YCVaIMH4hK2J1vGPwVUSRBAQjv5v7pL4dKJmaRIsjy_w9q4YJv_4Qahf45nkdXuV5qA37WhvdXqe1z1fddCfW8dD1pZ-p8EdYc0Uy3ebT5ICy7pqco_bHeOSQJjE5kxwNWDRg-Oja8t8Kn02pO4It0_R7gd7OdrbpC0l8tG9D7saZNDsh0s8BZS1ShTQdgHegC1x57EqjflfjDS9ejs4Op5x9l44Ptc7sAvpx09JiqheFwAA8=&var=2517826&var3=795089130089615665&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 0afa8a9364ed25ea1461058b12fa4059
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uktnwhNYFi6uPl7SFNNJ3AkiJgCixb01bXYFe5LSqw%2FO%2F0dqVcjsBZ3PGKJDTQRayzwLY5TYSIoyTl2smShGJizDwSIo8v558aPMd4ikC4cEyCqOo%2Fk0l2P3X0Yk22e%2F%2BU2cAGo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholefreshnews.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8687ce564ffd0e37-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
88 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW

Requested by

Host: distrib.adblocking-available.xyz
URL: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

553a084018b78560fb30c9de81db8640a57f72a7f33715941118d048aac7c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 17:12:20 GMT

GET
H2 200 9d92a176c9608aa4.css
distrib.adblocking-available.xyz/_next/static/css/ 102 B
480 B 20ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/css/9d92a176c9608aa4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377715
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 17 Mar 2024 22:48:51 GMT
server: cloudflare
etag: W/"66-18e4e9a7e3b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVhALx5ISYPu5hhazljUX955QVEt9ZK3xTbmmS2PksCtzsw3jOQi4iRxd4BhPhIrkLA5HwEFfWdXF%2Bk19PF8t%2FA4fkNeQqFi0rxpitrmFZcedwXUjlJGjTprupKcQSN3t1Rg3BhXkGzHlNUFMLEglwmzL0owC%2F%2BKTB4bzE9wdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce56fdecbbbb-FRA

GET
H2 200 df2d61f3a1484867.css
distrib.adblocking-available.xyz/_next/static/css/ 53 KB
28 KB 37ms
36ms Stylesheet
text/css 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/css/df2d61f3a1484867.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26e0b290eeaa16de5fe9e753209448a0517295087f074213a7b9b446eb8ae22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66136
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"d526-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDky8gt%2BiQ0Ep%2FsyMmZCEPIw81l9kTbP5yVRczVUf9OgNNudvpykLPrxqkl76P8m3O%2FSH0VplmuPZEv5q6ZcTb3d2KxTWp2SGuR8mAbttv1XnJVnh1GkD9WopV2KwDx1qTVfY77n%2BbbQGM8EtG0OnimKgjHvMq3RR6cFWjbtGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce56fdeebbbb-FRA

GET
H2 200 1f026a36892be721.css
distrib.adblocking-available.xyz/_next/static/css/ 3 KB
1 KB 21ms
21ms Stylesheet
text/css 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/css/1f026a36892be721.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc09bedf275bd4bed137d95fa9572ee38cd837667fada433a23b7a795ede56ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66136
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"c86-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egOECGU8kerMXUF03a%2Fz5YIt6q%2F3Ya0WA8rRZns1%2Fcak77UwvbYk65EB4%2BK0VLyKiwP12coFmnSGVy4cX%2FS149b3J4%2BnyzB8YZyXfsYlSK2%2BP2o7tUvMq0f7VXJCZKf3b1rKOZdsOi1jmIrbnmhDdbjYvGN2MOwfnLNHovZRIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce56fdefbbbb-FRA

GET
H2 200 928-ca8af82232fa8a34.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 108 KB
36 KB 48ms
44ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/928-ca8af82232fa8a34.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf8d3e02cc6846a4699197ab835985726562959df8ac0a3a597700a286ab7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66136
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"1af01-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leNHMh0qHUNMxYA81GIsNU5Xw3xBhyFR3f6u56bwgZqY%2Fn7gZsswjjUJyBlvhLA%2BPjkTfe9N3dBDcxGKJw4xplnxuBW78BIGS0AGX42CBoT4Kor1Pj2asV3Q4osvk8OhaFKzscqnjMMVeHE4ByYBH7qzS7OX98YTDGjWM1d7Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e18bbbb-FRA

GET
H2 200 166.56db062c8bd73af1.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 18 KB
7 KB 29ms
26ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/166.56db062c8bd73af1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5fe398e54070d73ca1d7a6a4ac3e621fca00e033c9a262b00b8524e64bb571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66132
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"4716-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgAia7p4IcF%2Fsj5jaoQ%2Br%2Fc5CEAeCKT3EWofUbP7zy46Uie9hPKgM9hFPVswBpnAMpD4rgFkLsXduuarrlXaoYSJHdyHnojDHOH19MCUQ8Al%2FGy1q9lm3sik6BKxu7B6I6S%2BoraF7CBL5nMAbqXHf8BID2HpkzVUzCqjBT5E9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e1cbbbb-FRA

GET
H2 200 983.c92c349dc608fd07.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 151 KB
37 KB 40ms
37ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/983.c92c349dc608fd07.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc37b7a5de5d53b9f5ae9073e11ec7752a883782f22d149a7f3540e73558c327

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66131
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"25c77-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Fh3X6pylH9YDaqJFX8grV%2BHWEgZ6yn8CLBhgPP3Ly2VFFOadPYZDia0FvmYdzxZcvYz61GX06nSZ5ivoRvNk1HpfrwkYlHN84Qmyzi4HFLlTSDnvkTEsHvVryepCOzwF1xqryiUGUztMlMe%2FXNYej%2FqqhIxMIKXdt%2FMF4Pk1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e1fbbbb-FRA

GET
H2 200 webpack-af9b4f31a516f01a.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 10 KB
5 KB 46ms
43ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/webpack-af9b4f31a516f01a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539664a49d31c447171cf575c4876d1977a83e04d9ffc6431a8f5184c17e52bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50832
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"26cd-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQrAAga9%2FfYQiZZZZ%2B5hJHqfGhvjJd8WGE1xyf6axtHAG%2F0tZs3CG1QMSW7PC4Ijc4hDvSmQSyOMJgip%2FTliwDPBfjt0A1uNJgKnNaNkjG0MDG2q%2FzZz9EGab0tuRxiUCqRmhvbd53Xpvqwe%2BsFIczLz%2F22QlN%2F1zyNMrGkTJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e21bbbb-FRA

GET
H2 200 framework-f62b92c55ee7f491.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 279 KB
98 KB 47ms
44ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/framework-f62b92c55ee7f491.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221140705d21c7a0242d660d851557c5dda6a09fae0a57ce5f63fd2dabcc0cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"45ad5-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2bxK8lRQu6GmWwKB1YQVqdRVji8RUbpxtq4D5AUG1WTzCNprJzCEOTFX7EkJvjgHkr5LMj0VEqCnKOT7dvmY%2BZ9%2BlSUfh%2Ba6xVthESLsJ%2BWD%2FpozPH3ABJRWkoCTsUdslWhhkys%2B%2FFDX%2FrhA0REPY6IxvjCeGKdF63To3Basg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e23bbbb-FRA

GET
H2 200 main-962eb6c260ad2cb8.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/ 153 KB
54 KB 48ms
45ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/main-962eb6c260ad2cb8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067177b7242132eb860632fd9dae1ffd93a29f65617e85fe200d3a9d35fea828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"262c5-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t92qAQjdxkWEV0lVdUHbeRBeziB23Cr5NZWy%2FNxbPaCm5H1rKjwubeqQS72%2BvBXwF8Wt7mKz3qKfKZSpKZvQHuTROFwWIlhNsW40n9XKgyet4PEeEgRSUott%2Bw70MellWFbaxeUDR493vOLVDXtRYQiVSfWc4CO6osTpqvadTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e25bbbb-FRA

GET
H2 200 _app-a4bcd005effe1516.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/pages/ 80 KB
40 KB 46ms
44ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/pages/_app-a4bcd005effe1516.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a9c4facf6c52fe6b5d4f28254ae188b0b404d4691ef71e456c0b3a6f8437d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"13f18-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bW6KMvEvelFC%2F1xxEWu5Bxqhy%2FIEWQxN2Hx4fOY4MuXjYKjAulBB9Px3%2BEfmvGsqA22JzTmm%2BRhrrMR%2FoSXnjf4EB5cnBYyWA1Or%2FMqe%2F57c4uOuK%2B13KgrJYIXSzZqVdPIm5oEg1RzqlxGXXvb65gXSILTTCmq0g6HfrQl8Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e29bbbb-FRA

GET
H2 200 index-0c2ec17af75d4144.js Show response
distrib.adblocking-available.xyz/_next/static/chunks/pages/ 21 KB
8 KB 38ms
35ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/chunks/pages/index-0c2ec17af75d4144.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54ef3d700fb4dd6457fff72cf8a174d0a8d9e0be6ccf004bcfa4cd249cd04d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"5339-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YY8KP%2FgqiB2zJkJQjoEaWxrcnCyM6LDDqCAkvWg5MHx9PUq%2BcBepRQDFa3GoijU5OYEirpnuDBG2QDD6dC4QQKinGWADndpvGeQL1CAyBQxGPe3qmpHTkEdsmIZtmLUwtr23SJlvTiEuX%2FyhO6b0H2j3B8tjBvrY1KyGouTfKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e2cbbbb-FRA

GET
H2 200 _buildManifest.js Show response
distrib.adblocking-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/ 1 KB
839 B 46ms
44ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89cd564607262c6cb99a76477cea2a393a96afd86c3529abac4c1e212a16f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"407-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5Hk4EEUg7Xs5KsBBrThBvampI4jym%2Bg38FgbIDWBD9%2BHciqkR99Rm%2BcIPFiWk7dCsJRc%2FUMVpMzZXJnsRu6UyYHGNyR1ybwDwfYuNJ1yBMp2CThz0%2F3XNyNfNEbbTe9d%2F%2F3gTwxwM%2B47mY%2FLbGfJwHaIKM%2B%2B2stQGw%2BgH%2FMvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e2ebbbb-FRA

GET
H2 200 _ssgManifest.js Show response
distrib.adblocking-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/ 77 B
373 B 38ms
36ms Script
application/javascript 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distrib.adblocking-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66130
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"4d-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxAjG2olNS6wudbqddAbVW1cucNcCDajtZTOSAyiHNYtMfLs4MC0x%2FXk2wh9prQLNnyRtVd49kawCLaU16sS%2FiOqVkY9hCEeo24FZ%2Fr5GVQdLTy3MyitTNOrm5A2QYsVVHKR6trODFXHLdQELuVsxXtUc3b0WDhsg2cEGAXe2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8687ce570e30bbbb-FRA

GET
H3 200 icon.svg
distrib.adblocking-available.xyz/images/promo-images/salmon/ 3 KB
2 KB 24ms
23ms Image
image/svg+xml 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://distrib.adblocking-available.xyz/images/promo-images/salmon/icon.svg

Requested by

Host: distrib.adblocking-available.xyz
URL: https://distrib.adblocking-available.xyz/_next/static/css/1f026a36892be721.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/_next/static/css/1f026a36892be721.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:48:45 GMT
server: cloudflare
etag: W/"c75-18e6333d654"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8njf6zTeCH8aiRCuM8iHb%2FIxAVTk8JOKexe2O%2BdnN0zv%2FBF4C90H1W4ID3JW8Vl2h9R%2FkCqBTbtQIXAawEniogFnkKz4UYzmCQxSV0yrDMCa4dNKnrFazfy6jD%2BwQRkpddtMcWHeg9Pxg3Ccputa7J6TM7CNv2YJ8DzvS833aA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8687ce575e4230e8-FRA

GET
H3 200 available-in-chrome.svg
distrib.adblocking-available.xyz/images/browser-icons/ 21 KB
8 KB 26ms
25ms Image
image/svg+xml 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://distrib.adblocking-available.xyz/images/browser-icons/available-in-chrome.svg

Requested by

Host: distrib.adblocking-available.xyz
URL: https://distrib.adblocking-available.xyz/_next/static/css/df2d61f3a1484867.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/_next/static/css/df2d61f3a1484867.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:48:45 GMT
server: cloudflare
etag: W/"5287-18e6333d630"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3bz0Xxs%2BBYhI0XwfmswOqmY8um31IK2e7RRPv9EJKg2lyHFF%2FDA7DTGBNgp1c4ksHbxnTSKzATaPCnXeZnltpN4Q8AveDtrIavoObLwyxd0pL8kQAcjlR%2FHQxI8I0cYCxNLbDN4boCkQuAGwvjabxFLD91NtOccjSszt282Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8687ce575e4530e8-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 35ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je43k0v9138996702za200&_p=1711127540311&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1088448067.1711127540&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711127540&sct=1&seg=0&dl=https%3A%2F%2Fdistrib.adblocking-available.xyz%2F%3Fextension%3Dessential_adblocker%26promo%3Dsalmon%26clk_domain%3Dtrack.instant-adblock.xyz%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D32%26src%3D4662728%26cid%3Dcnurnt32r96s738v0jr0%26lpkey%3D17111823d1aa2c4fa604735083cafbab3761b27840%26isV2%3Dtrue&dt=Essential%20AdBlocker&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=217
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 17:12:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://distrib.adblocking-available.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET click
track.instant-adblock.xyz/ 0
0

GET
H3 200 big-icon.svg
distrib.adblocking-available.xyz/images/promo-images/salmon/ 3 KB
2 KB 28ms
27ms Image
image/svg+xml 2606:4700:3030::ac43:8115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://distrib.adblocking-available.xyz/images/promo-images/salmon/big-icon.svg

Requested by

Host: distrib.adblocking-available.xyz
URL: https://distrib.adblocking-available.xyz/_next/static/css/1f026a36892be721.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63888d81f8a68cd75b14ace069944be39bf1c1d71d79d751410e7d77fa096fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://distrib.adblocking-available.xyz/_next/static/css/1f026a36892be721.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 17:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:48:45 GMT
server: cloudflare
etag: W/"c5a-18e6333d654"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1N40QXAarKjGGbppc%2BJE%2FqYq6B9IRndge0Gwm0oFYsj6sKKs1ImzDsyLbxlbMdDBV7gSOsq32F9eHA8D4EDeHas%2BaNyTghax2KbFWjvY72Gjudu767cETB3oFTHDhWZmKR1wS4UprKlvzssJX8AkFMurHVV6MilyPviviPZPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8687ce57beea30e8-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: track.instant-adblock.xyz
URL: https://track.instant-adblock.xyz/click?upd_clickid=cnurnt32r96s738v0jr0&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
andlookedvery.info/	1969-12-31 23:59:59	Name: csu Value: aec89ac9-4047-44dd-afe1-40bcdb572f88
beklefkiom.com/	1970-01-21 04:04:23	Name: OAID Value: 008027bad06144eaed131cceb4a92edb
beklefkiom.com/	1970-01-21 04:04:23	Name: oaidts Value: 1711127539
my.rtmark.net/	1970-01-21 04:04:23	Name: ID Value: 008027bad06144eaed131cceb4a92edb
beklefkiom.com/	1970-01-20 19:28:52	Name: syncedCookie Value: true
wholefreshnews.com/	1970-01-21 04:04:23	Name: oaidts Value: 1711127539
wholefreshnews.com/	1970-01-21 04:54:47	Name: syncedCookie Value: true
wholefreshnews.com/	1970-01-21 04:04:23	Name: OAID Value: 89de299ed2cf9adaf566d29f3af9251f
wholefreshnews.com/	1970-01-20 19:18:51	Name: reverse Value: 3r0Nitqvwg58G8EqgcgV7I5OGb5nFn6Dpatr7LvON1c
wholefreshnews.com/	1970-01-20 19:18:47	Name: prefetchAd_4662728 Value: true
track.instant-adblock.xyz/	1970-01-21 04:04:23	Name: uclick Value: ye7fkFoPa9I1heOmbWCYtz/vcVaPWmucIyaWXKpMt4UcoJtcrXRU3M0YbQKlcX+u87xwwOo=
track.instant-adblock.xyz/	1970-01-21 04:04:23	Name: bcid Value: cnurnt32r96s738v0jr0
track.instant-adblock.xyz/	1970-01-21 04:04:23	Name: cid Value: cnurnt32r96s738v0jr0
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: extension Value: essential_adblocker
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: promo Value: salmon
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: clk_domain Value: track.instant-adblock.xyz
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: flow Value: binom
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: campaignId Value: 10557
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: trafficsource Value: 32
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: src Value: 4662728
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: cid Value: cnurnt32r96s738v0jr0
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: lpkey Value: 17111823d1aa2c4fa604735083cafbab3761b27840
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: isV2 Value: true
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: _ga_D9B6K7HFTW Value: GS1.1.1711127540.1.0.1711127540.0.0.0
.adblocking-available.xyz/	1970-01-21 04:54:47	Name: _ga Value: GA1.1.1088448067.1711127540

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://beklefkiom.com/afu.php?zoneid=2517826&var=1035679&ymid=4562842812579226976 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wholefreshnews.com/?s=795089130089615665&ssk=0b8fb2864b7cf83408cc04f0774106fb&svar=1711127539&z=2517826&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://distrib.adblocking-available.xyz/?extension=essential_adblocker&promo=salmon&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=4662728&cid=cnurnt32r96s738v0jr0&lpkey=17111823d1aa2c4fa604735083cafbab3761b27840&isV2=true Message: Access to XMLHttpRequest at 'https://track.instant-adblock.xyz/click?upd_clickid=cnurnt32r96s738v0jr0&add_event6=1' from origin 'https://distrib.adblocking-available.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://track.instant-adblock.xyz/click?upd_clickid=cnurnt32r96s738v0jr0&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andlookedvery.info
beklefkiom.com
datatechone.com
distrib.adblocking-available.xyz
jouteetu.net
my.rtmark.net
region1.google-analytics.com
track.instant-adblock.xyz
wholefreshnews.com
www.googletagmanager.com
jouteetu.net
track.instant-adblock.xyz
139.45.195.253
139.45.195.8
139.45.197.237
139.45.197.251
172.67.191.11
18.173.205.22
2001:4860:4802:34::36
2606:4700:3030::ac43:8115
2a00:1450:4001:812::2008
52.58.28.63
067177b7242132eb860632fd9dae1ffd93a29f65617e85fe200d3a9d35fea828
08bd0001733db53eec69f480e3eeb08b1ccc1c5f744f4ac028ac3c50f145a001
221140705d21c7a0242d660d851557c5dda6a09fae0a57ce5f63fd2dabcc0cfe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3511f7563e9c68de939d278324b5bc8bd9cbcbbfa8e3db14544b2b13ec8e9fa7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a9c4facf6c52fe6b5d4f28254ae188b0b404d4691ef71e456c0b3a6f8437d0
539664a49d31c447171cf575c4876d1977a83e04d9ffc6431a8f5184c17e52bd
553a084018b78560fb30c9de81db8640a57f72a7f33715941118d048aac7c250
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
57b53c24a1332fdb488d43b7a025a50cc84809585ea15f8659a6ca2216f6f71e
679e4bd978907fd527756c2bee6b209d0d9f3999430348588ea81aeef1c10aba
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
89cd564607262c6cb99a76477cea2a393a96afd86c3529abac4c1e212a16f2dd
955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
9b5fe398e54070d73ca1d7a6a4ac3e621fca00e033c9a262b00b8524e64bb571
a26e0b290eeaa16de5fe9e753209448a0517295087f074213a7b9b446eb8ae22
c440d492c44e671d66a8223d6a4418d74bfd779dd4f1fe0c97bd071fbc976530
c63888d81f8a68cd75b14ace069944be39bf1c1d71d79d751410e7d77fa096fb
c763ad01b27c56636bca8237777cacb126aa5b1b0a0547bda23b1ff777a37076
cc09bedf275bd4bed137d95fa9572ee38cd837667fada433a23b7a795ede56ff
dc37b7a5de5d53b9f5ae9073e11ec7752a883782f22d149a7f3540e73558c327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54ef3d700fb4dd6457fff72cf8a174d0a8d9e0be6ccf004bcfa4cd249cd04d9
e76717d2de73ef4a266b218a367dbfdea310671511d2baa6436f3ca241cb73fb
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f33fbdda44c1e516c87720082937772e0e5df2bf844ee44ec9fad6ab2ee18dfe
fc91c33152c00aacbe11b4e9484a1a9b6bf143cadf53187351a52c656d4bb93c
fdf8d3e02cc6846a4699197ab835985726562959df8ac0a3a597700a286ab7c0

distrib.adblocking-available.xyz Open in urlscan Pro 2606:4700:3030::ac43:8115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

90 %HTTPS

30 %IPv6

10 Domains

10 Subdomains

9 IPs

3 Countries

507 kBTransfer

1357 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

distrib.adblocking-available.xyz Open in urlscan Pro
2606:4700:3030::ac43:8115 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

90 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

507 kB
Transfer

1357 kB
Size

25
Cookies

61 HTTP transactions
2 data transactions