Submitted URL: http://novanebula.cfd/bfgbw
Effective URL: https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_3625_4662728&cid=6...
Submission: On March 08 via manual from CL — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 216.104.36.158, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is mdm.eumarkdepot.com.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.
This is the only time mdm.eumarkdepot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a02:4780:b:7... 47583 (AS-HOSTINGER)
1 139.45.197.245 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
16 172.64.196.12 13335 (CLOUDFLAR...)
18 139.45.197.251 9002 (RETN-AS)
1 1 34.90.81.51 396982 (GOOGLE-CL...)
1 1 35.204.59.16 396982 (GOOGLE-CL...)
1 216.104.36.158 32475 (SINGLEHOP...)
43 7
Apex Domain
Subdomains
Transfer
18 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 30771
16 worldfreshjournal.com
worldfreshjournal.com
69 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11818
2 KB
2 novanebula.cfd
novanebula.cfd
2 KB
1 eumarkdepot.com
mdm.eumarkdepot.com
4 KB
1 weletmim.com
yes.weletmim.com
365 B
1 trackinita.com
go.trackinita.com — Cisco Umbrella Rank: 990591
230 B
1 phomoach.net
phomoach.net — Cisco Umbrella Rank: 537059
2 KB
0 pi6p.com Failed
v115323.pi6p.com Failed
43 9
Domain Requested by
18 jouteetu.net worldfreshjournal.com
16 worldfreshjournal.com phomoach.net
worldfreshjournal.com
4 my.rtmark.net phomoach.net
worldfreshjournal.com
2 novanebula.cfd 1 redirects
1 mdm.eumarkdepot.com worldfreshjournal.com
1 yes.weletmim.com 1 redirects
1 go.trackinita.com 1 redirects
1 phomoach.net novanebula.cfd
0 v115323.pi6p.com Failed mdm.eumarkdepot.com
43 9

This site contains no links.

Subject Issuer Validity Valid
novanebula.cfd
R3
2024-01-15 -
2024-04-14
3 months crt.sh
phomoach.net
R3
2023-12-26 -
2024-03-25
3 months crt.sh
rtmark.net
R3
2024-03-02 -
2024-05-31
3 months crt.sh
worldfreshjournal.com
GTS CA 1P5
2024-01-16 -
2024-04-15
3 months crt.sh
jouteetu.net
R3
2024-02-24 -
2024-05-24
3 months crt.sh
mdm.eumarkdepot.com
R3
2024-01-24 -
2024-04-23
3 months crt.sh

This page contains 1 frames:

Frame: https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7344065305020203091&pub=15494&pid=15494-28e4fe33&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
Frame ID: 53F1D815E9331A58E0CC2B608F7C9EA2
Requests: 45 HTTP requests in this frame

Screenshot

Page Title

Click "Allow" To Continue

Page URL History Show full URLs

  1. http://novanebula.cfd/bfgbw HTTP 301
    https://novanebula.cfd/bfgbw Page URL
  2. https://phomoach.net/4/6231501 Page URL
  3. https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z... Page URL
  4. https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z... Page URL
  5. https://go.trackinita.com/click?pid=3625&offer_id=84187&sub1=790038819780178783&sub5=4662728&oaid=80be... HTTP 302
    https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=3625_4662728&sub3=84187&sub4=%5BCPI%5D+Mu... HTTP 302
    https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=137... Page URL

Page Statistics

43
Requests

95 %
HTTPS

13 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

78 kB
Transfer

177 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://novanebula.cfd/bfgbw HTTP 301
    https://novanebula.cfd/bfgbw Page URL
  2. https://phomoach.net/4/6231501 Page URL
  3. https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  4. https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  5. https://go.trackinita.com/click?pid=3625&offer_id=84187&sub1=790038819780178783&sub5=4662728&oaid=80be06e1d0cdc409fb414b2c876f6ce2 HTTP 302
    https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=3625_4662728&sub3=84187&sub4=%5BCPI%5D+Multigeo+Bee+Hive+%28Chrome%29 HTTP 302
    https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_3625_4662728&cid=65eb5c7c1551be00014e9474 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://novanebula.cfd/bfgbw HTTP 301
  • https://novanebula.cfd/bfgbw

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
bfgbw
novanebula.cfd/
Redirect Chain
  • http://novanebula.cfd/bfgbw
  • https://novanebula.cfd/bfgbw
3 KB
1 KB
Document
General
Full URL
https://novanebula.cfd/bfgbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:739:0:2be4:9d0b:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
9ab94707448c43f774aab57522601bfbea517203274654f1ccf08837cd5c7f4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
877
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 08 Mar 2024 18:44:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 08 Mar 2024 18:44:07 GMT
location
https://novanebula.cfd/bfgbw
platform
hostinger
server
LiteSpeed
6231501
phomoach.net/4/
2 KB
2 KB
Document
General
Full URL
https://phomoach.net/4/6231501
Requested by
Host: novanebula.cfd
URL: https://novanebula.cfd/bfgbw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://novanebula.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Fri, 08 Mar 2024 18:44:11 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://worldfreshjournal.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
37cddb039b4e8a0f9450b1be922f2202
img.gif
my.rtmark.net/
43 B
503 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080194fd12a460eec5c6caca33e3ad4
Requested by
Host: phomoach.net
URL: https://phomoach.net/4/6231501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://phomoach.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
worldfreshjournal.com/
42 KB
14 KB
Document
General
Full URL
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: phomoach.net
URL: https://phomoach.net/4/6231501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
5fea901ade0f8a5169816f6201c2fe019da97d41250a0dd61760b7fe7341eb23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8614f9a26a641e4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Mar 2024 18:44:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVJ9JxrtOE4NQwnlW6un5IIsnZcWM8lpR7ngl5Utf9NkK%2FSK%2F2QPQa5%2FRwfKSy8CnHeXevcrWrOsjNGaESWFdWTCn38Vu4XlYCjq9wlhAlBDD8FCXcq1Q6l0wdX7S8QEe9ZSc1d1bqU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=80be06e1d0cdc409fb414b2c876f6ce2
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b34438d006acf16013f046f332b3856fd206e0a5180664f98c45d00bc1055cb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://worldfreshjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
worldfreshjournal.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Mar 2024 09:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ead850-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4TrDwqcCfZxSN3Jpd24EF6i5BWQhfDZyMvKZ%2BvJ0PNZMxk5SnqcldhddMl35xJF6lfAdZ1i1%2BfBAVmYDhtxc7rU6ELpmi5Fq0hUIcYWRduoIu9HBrB82Zlz6UL%2BipUMkI6IpmISwE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8614f9a2fb3c1e4a-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
worldfreshjournal.com/
2 B
393 B
XHR
General
Full URL
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbmF8ofeoUg5K2Vt4RngvvI%2B6h6Cp6cb72rkOIQUPzZOuh4M%2FUH5nam0JzY%2F1sVpoE81c3iY04dRZGJMqLe5u7Z8cmg0IqfCf%2FaJQp3I8Mq0WqqLZx4H%2FsJVenBmkTjeRjvq8DfmDco%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8614f9a2fb421e4a-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
/
worldfreshjournal.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://worldfreshjournal.com/19/4662728/?abt_opts=1&var=6231501&var3=790038818064700029&ymid=&rhd=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d10b8b844a774c8c6c8965b743dbd70845b821857e9280f469f18b118ed834d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
9251c39ffc159a497615fb4fb50c13fe
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0pHSuTUwMPYMCAeFkwWLp2H0iPS5WmK9NDW8EMW%2Fj7kayZxMHKojkFV2Fdqopum8XNOEY7t%2FYA4v6rgyNf78sfPU4awxyNkh9931gVwtdxGl6UGhU8p3ZZCzpwTu%2BGawPJ8TBI3Lss%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8614f9a2fb471e4a-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
worldfreshjournal.com/sw-check-permissions/
0
1 KB
Other
General
Full URL
https://worldfreshjournal.com/sw-check-permissions/4662709?var=6231501&ymid=790038818064700029&uhd=1&zoneId=4662709
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BpNRLuwdNBi%2FaTfn1w%2BKGhm%2FUDPW69c%2BIruNO%2F4mtcTEUP8AQkQpvGNvJwGy5EuFX9YrSeWSRr9pJpqANEZBJ1wjHPmYXohjeo4T4Xl8N%2B7Td1BdxsUGDKvLAjuIbloUzmajeJORCQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8614f9a33fb9365b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
worldfreshjournal.com/
0
496 B
Ping
General
Full URL
https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6231501&ymid=790038818064700029&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=04616faf-3eea-4f92-bc2b-6d4ddaa1ab74&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
7bbc1449a12d0c6c6a585a8744763aaa
date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4LuVY41r8e%2F8OgJEBV7O5hOvzT9xcbDXnghigjHjxbPe4SohWeFTR6DU%2FNU5qvp1lYustiAfbIlShUCu0qL4C9AtuaJoq06jQHXGZ551JIEY5IM7ZtuzqbsOuyH0sU9lNQoMIw0ImE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://worldfreshjournal.com
access-control-allow-credentials
true
cf-ray
8614f9a33fc2365b-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=790038818064700029&var=6231501
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b34438d006acf16013f046f332b3856fd206e0a5180664f98c45d00bc1055cb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://worldfreshjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

rhd
worldfreshjournal.com/
0
0

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
worldfreshjournal.com/
798 B
992 B
Fetch
General
Full URL
https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6231501&ymid=790038818064700029&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=04616faf-3eea-4f92-bc2b-6d4ddaa1ab74&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
df864649d675597039f5fde521f60b7d
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnyQgDy8F9a3CoKTsKfgIMoMTNUWHWLTrvJXD3DXFIwMku99tEvMy%2BTSg8mVPv%2Fa088HCw8FrgJsNgzWCUbLxvr5ygYYBEPS06%2BTYjU1A%2BOFgIWSJs%2BhRInF3awss2XLOLnf7cO1xoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8614f9a34fd3365b-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
worldfreshjournal.com/
42 KB
14 KB
Document
General
Full URL
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
b34f84e54fa4f4c291d950519e941e79a0883a569a811e8126f72ba12d3538c9

Request headers

Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8614f9a35fde365b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Mar 2024 18:44:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p6nMfypqWbHz6ax9gyWQJCzs3IlL8RBKrmPnUZ2lCxT1DqH%2FWnY5n8DtOBfLi06KP%2Ffny7mlPCQHKI6JlGCNhQ4UacGobkKls4mVlsmPeXBkVbQKq082D8DcHgENHL3XBkeHyz5ST0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.27
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

micro.tag.min.js
worldfreshjournal.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Mar 2024 09:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ead850-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRU1yRKJ7IJ4oX80sscNYtps0FNUt0d1Qyeo0KLXmfDBFpj72vneZSh9VX5ZlkMyJ2GEUyq82JkpmtGGlDUt51DPVNFxyNCJ2ScO9d3flJaplVAXGqtkiNuaFJ2XvDpcETfCH5gJEDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8614f9a3e903365b-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
worldfreshjournal.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://worldfreshjournal.com/19/4662728/?abt_opts=1&var=6231501&var3=790038818064700029&ymid=&rhd=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfad3e9e4047b5cb862df1d42d3615f6c866b1e5b0dd30a8bb9c6c6d5fdc3cf9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
b7ff87fce49442a977828ab98f1a4e25
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLcNyYB3hnUNpfG7QpsBlys3W5vYtK8q6UfkYSjXmpOtxx5Y%2FOEeF1P37Tj4mIszE15TlYLr5XUoD49oiTyQr7p0X%2FFhWfgI7qrgSUPBjJPZpwrm239e1kdD5dwTUYBJpne8Swhn0YI%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8614f9a3f906365b-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
worldfreshjournal.com/
2 B
534 B
XHR
General
Full URL
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fj20iS%2F8q38o86SdlRs6KH1bx0045bcowN%2BRLfZna0Am9WWYfg0JcRs766OKAdM6WGP2bpGPX7922A%2F3peAUuuQy3QkaM8n3ZVq4MuTbtRNkjte8YEQZTIEXIaJa4Kc3vYbBN%2FEJEyg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8614f9a3f90c365b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
worldfreshjournal.com/
3 KB
3 KB
Fetch
General
Full URL
https://worldfreshjournal.com/rhd?rb=0BDBBmg04Bd3v6gb6AC_djH5r8oVIvI2o1p5u4KpT86lP-zT_itZIZSWSLQLdGWLrttikmQsten9FBtsXsFYqDJafvpzHXNmQDtolx2QuJthgz2K31-_so4F1HRewOqVZoRaYMWWEcJ7DmN7ly5zrQWAsA-pQ2mFX7zxtcCTTs4Y3_O0999hWf7DhTkI3OgLLdkzVy-sH4uIz8YfR9piv4EJb6nG0NEhTJ-5DP7L8VSaq9oQqMWocmHru_JCkzlDq9rNJBvhPRWDMArHUAZcIcJ_jYh29uJQ2Q5iVfqDrATkoWHKfhFfajYSGcSAcUmmtT7VjbgFeTe_b9IkYDGXpAPSRmPhwJXr-SCFZwZCgI4y_qK8Sf9vOIFN1N-PPKTOuw_FLpl8rLsRg-EHE6zYJaa5XdxSr-dwcf6pLiZTG9DIIaMxUnsYZKUXHvCDnfcfRTUNRTPNzMPGDfFmc83qoXG0rGFpCLvyLbk89eiVIsVJ-eXyJJlvFafkmh5hUmt-1FpPyO6sWDX6oiSzfM3GxHYv5yeYLwvzSopUzbJa7WUfVKR9&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D790038818064700029%26ssk%3Db63aa338f98d398d5422b8fcb39004f5%26svar%3D1709923451%26z%3D6231501%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D790038818064700029%26ssk%3Db63aa338f98d398d5422b8fcb39004f5%26svar%3D1709923451%26z%3D6231501%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6231501&var3=790038818064700029&ymid=&rhd=1&m=link
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08dc1a6045b824153e2718a08a2f43421aac6bb5a5fa2aed7dbf0d099245143
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
5806b78251c0c517225d9658e8787197
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExZQLC%2Fwfg9atix%2F6BviGBM4VAus8Z8bbwGO9%2BQkB0F9IsUjhQQ3DgQPUUvAUnLdBDcRVxyEnoNUeYETO1KQB4XtkrmgDTuxUGyZ9vl5Dvf1Jb9hZ650PlVnbFveP8GR4RXHyQ9aO68%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8614f9a4395d365b-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
worldfreshjournal.com/sw-check-permissions/
0
1008 B
Other
General
Full URL
https://worldfreshjournal.com/sw-check-permissions/4662709?var=6231501&ymid=790038818064700029&uhd=1&zoneId=4662709
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jo5YxpcxA1%2BKGM8WNIbiCJnf1XMNbivZPXF6L%2BqvHUnkH6330ej2C4mqjlfz813OVzzBAQhNiPlMq8teLKFWmJukuY5BbIARTJd27KXuZOEiJBKwCxopzBs7LHdFLDHR3craRfQzZo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8614f9a44974365b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
worldfreshjournal.com/
0
496 B
Ping
General
Full URL
https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6231501&ymid=790038818064700029&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=ce1e439c-78d4-46bc-82fb-a893b799d8f1&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
7f1aba179e8d50a73521f7f5a3e32629
date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3Lz2ABz53q7MXh%2FbwB3GL1sGFMUYzIC5sNYOtZE71Jyjorsp44dOoY8PxwZV2klq8qT6vm79m4eFh9LphrhkWN6IcxsaPPBouz3D1hPCIL75NEwSPDqjD9Dd28yPlDOTYDWLgXFi2w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://worldfreshjournal.com
access-control-allow-credentials
true
cf-ray
8614f9a44976365b-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=790038818064700029&var=6231501
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b34438d006acf16013f046f332b3856fd206e0a5180664f98c45d00bc1055cb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://worldfreshjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
worldfreshjournal.com/
798 B
991 B
Fetch
General
Full URL
https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6231501&ymid=790038818064700029&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=ce1e439c-78d4-46bc-82fb-a893b799d8f1&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7de89272b34be0e66a43886199a4f150839b97761c255887e29937deb4560ea
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 18:44:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
23cb6dec2c91a062c84b531d00f637bd
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pARcYF1qItz6RoRTVdOXsB6Wof8WGVZrLOWl7Pj7RSeHlD8hglrv%2FCj%2BRLHEi2l3y%2B7mB8%2F7pNPj4HLDhRDYS0iOIstA1FOY%2FAolAMBACMQZgqpRUDZefOvvgWxl4rlVOiFDfgZwOjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8614f9a45979365b-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=790038818064700029&var=6231501&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://worldfreshjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request /
mdm.eumarkdepot.com/
Redirect Chain
  • https://go.trackinita.com/click?pid=3625&offer_id=84187&sub1=790038819780178783&sub5=4662728&oaid=80be06e1d0cdc409fb414b2c876f6ce2
  • https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=3625_4662728&sub3=84187&sub4=%5BCPI%5D+Multigeo+Bee+Hive+%28Chrome%29
  • https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_3625_4662728&cid=65eb5c7c1551be00014e9474
9 KB
4 KB
Document
General
Full URL
https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_3625_4662728&cid=65eb5c7c1551be00014e9474
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.104.36.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
6816647bb92d19a1feee8e6a3a3f4de0176cd91a073ce4cfafa6e9c22503c057
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 08 Mar 2024 18:44:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 08 Mar 2024 18:44:12 GMT
location
https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_3625_4662728&cid=65eb5c7c1551be00014e9474
server
nginx
x-adjust-use-original-forwarded-for
1
cat.php
worldfreshjournal.com/
0
767 B
Ping
General
Full URL
https://worldfreshjournal.com/cat.php?userId=80be06e1d0cdc409fb414b2c876f6ce2&zoneid=4662728&rb=0BDBBmg04Bd3v6gb6AC_djH5r8oVIvI2o1p5u4KpT86lP-zT_itZIZSWSLQLdGWLrttikmQsten9FBtsXsFYqDJafvpzHXNmQDtolx2QuJthgz2K31-_so4F1HRewOqVZoRaYMWWEcJ7DmN7ly5zrQWAsA-pQ2mFX7zxtcCTTs4Y3_O0999hWf7DhTkI3OgLLdkzVy-sH4uIz8YfR9piv4EJb6nG0NEhTJ-5DP7L8VSaq9oQqMWocmHru_JCkzlDq9rNJBvhPRWDMArHUAZcIcJ_jYh29uJQ2Q5iVfqDrATkoWHKfhFfajYSGcSAcUmmtT7VjbgFeTe_b9IkYDGXpAPSRmPhwJXr-SCFZwZCgI4y_qK8Sf9vOIFN1N-PPKTOuw_FLpl8rLsRg-EHE6zYJaa5XdxSr-dwcf6pLiZTG9DIIaMxUnsYZKUXHvCDnfcfRTUNRTPNzMPGDfFmc83qoXG0rGFpCLvyLbk89eiVIsVJ-eXyJJlvFafkmh5hUmt-1FpPyO6sWDX6oiSzfM3GxHYv5yeYLwvzSopUzbJa7WUfVKR9&var=6231501&var3=790038818064700029&ymid=&rhd=1
Requested by
Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Mar 2024 18:44:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
d55f869726f5bd9bf82c0aa06636b51e
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nj0NJX7zQGHORYOTT7dyMY51NjkCAwXVbelqKZCSlm1D8GKi08MvvoV%2BDoEfS7HY0AptDE%2F6cN8Lj2hWDh8T%2FxKxzyy3N18s8Xog9fCfCb5ajDbxhqVQsKkycZBt9fZl%2BLPU0yojfKc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://worldfreshjournal.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8614f9a78d01365b-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
go.php
v115323.pi6p.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
worldfreshjournal.com
URL
https://worldfreshjournal.com/rhd?rb=t2tz_EoSM6UuGPvCbOf9H6ZtIUvp8GocdeQcOFdS4PsJZEDEzwuV7FW0rSOglx7UCK29xUn3cLuq9-NHZckTUE7sbYsoJG84b8EFEFdLrZLrQBDogS4Nsa8kdrzXqy3Eu3wf6WzZ94J6QjZERyN1S2SLrn-s_XwB6QoxyPY13O5PrxjtWDB3VXZCazcbdIErUmVqhP3j_Ef_Fkn8SMLi-iL5pX2dYWTreeLLtd3a2YngrOPgLCgqrooRqZK5fZwQSolXrjfRS9kbmAZZolus2-heqQ_iyyUzhRKPQeJFpLKp1WcNCBZh8UrtD69jhzk3vSbmYEiRJ2tVV49EOgZWKir-zjXyZukws3uVv-Rn2y5Z7Ep3S6fwBEAlDWb6JoDsRYBa5JUbW_iGbxTNuhi6y1V5dZqJlEoIZlKVChLMGs04hMMmz3WtB1mIX8g3tiiMWtlXwwHF8cozXc6dyOI8GTlaNwip-hPqJI57cWO190GlmeaRaVGLtdgDPqB1CCGelDY8jEbxTW-dYPyC_Hj_j0JNrWow_iqNDGVkZ_qha2Y%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D790038818064700029%26ssk%3Db63aa338f98d398d5422b8fcb39004f5%26svar%3D1709923451%26z%3D6231501%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6231501&var3=790038818064700029&ymid=&rhd=1&m=link
Domain
v115323.pi6p.com
URL
https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7344065305020203091&pub=15494&pid=15494-28e4fe33&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| pm_appKey function| pm_denyAction string| pm_tag function| pm_allowAction

12 Cookies

Domain/Path Name / Value
novanebula.cfd/ Name: PHPSESSID
Value: 47c48ddeb87bd47d7720b2c1558700ff
novanebula.cfd/ Name: short_323716
Value: 1
phomoach.net/ Name: OAID
Value: 0080194fd12a460eec5c6caca33e3ad4
phomoach.net/ Name: oaidts
Value: 1709923451
my.rtmark.net/ Name: ID
Value: 0080194fd12a460eec5c6caca33e3ad4
worldfreshjournal.com/ Name: oaidts
Value: 1709923451
worldfreshjournal.com/ Name: syncedCookie
Value: true
worldfreshjournal.com/ Name: OAID
Value: 80be06e1d0cdc409fb414b2c876f6ce2
worldfreshjournal.com/ Name: prefetchAd_4662728
Value: true
worldfreshjournal.com/ Name: reverse
Value: Vrpl8nWdXAKsyuMHevS03Yl0wfNU73WiIYWWzxlGIzQ
yes.weletmim.com/ Name: afclick
Value: 65eb5c7c1551be00014e9474
yes.weletmim.com/ Name: afoffers
Value: {"78348":1709923452}

7 Console Messages

Source Level URL
Text
other warning URL: https://phomoach.net/partitial/5117856/?var=6231501&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://worldfreshjournal.com/?s=790038818064700029&ssk=b63aa338f98d398d5422b8fcb39004f5&svar=1709923451&z=6231501&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests