urlscan.io logo urlscan.io
SecurityTrails logo

yourfreshstories.com Open in urlscan Pro
172.64.160.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://excursionfriction.top/C8wppspgu?qocv1698852887476
Effective URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5...
Submission: On November 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 35 HTTP transactions. The main IP is 172.64.160.30, located in United States and belongs to CLOUDFLARENET, US. The main domain is yourfreshstories.com.
TLS certificate: Issued by GTS CA 1P5 on October 21st 2023. Valid for: 3 months.
This is the only time yourfreshstories.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 103.235.46.191 55967 (BAIDU Bei...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 108.178.23.114 32475 (SINGLEHOP...)
1 172.64.155.33 13335 (CLOUDFLAR...)
1 3 23.221.227.169 20940 (AKAMAI-ASN1)
1 2600:1408:540... 20940 (AKAMAI-ASN1)
3 139.45.195.8 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
13 172.64.160.30 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
35 13
2    2606:4700:3036::6815:163f (United States)

ASN13335 (CLOUDFLARENET, US)
excursionfriction.top
1    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    2606:4700:3036::ac43:9e01 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.admo.buzz
3    108.178.23.114 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
prize.youarelucky.click
1    172.64.155.33 (United States)

ASN13335 (CLOUDFLARENET, US)
for-j.com
3    23.221.227.169 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-221-227-169.deploy.static.akamaitechnologies.com
ak.hetahien.com
1    2600:1408:5400:4a8::11a6 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
3    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
1    2600:1408:c400:d8d::11a6 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
13    172.64.160.30 (United States)

ASN13335 (CLOUDFLARENET, US)
yourfreshstories.com
2    2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)
littlecdn.com
Apex Domain
Subdomains		 Transfer
13 yourfreshstories.com
yourfreshstories.com
61 KB
3 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11206
2 KB
3 hetahien.com
ak.hetahien.com
15 KB
3 youarelucky.click
prize.youarelucky.click
5 KB
2 littlecdn.com
littlecdn.com — Cisco Umbrella Rank: 17347
3 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1444
c.go-mpulse.net — Cisco Umbrella Rank: 654
50 KB
2 excursionfriction.top
excursionfriction.top
2 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 34587
468 B
1 for-j.com
for-j.com — Cisco Umbrella Rank: 54029
14 KB
1 admo.buzz
ad.admo.buzz
600 B
1 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9830
35 11
Domain Requested by
13 yourfreshstories.com yourfreshstories.com
3 my.rtmark.net ak.hetahien.com
yourfreshstories.com
3 ak.hetahien.com 1 redirects for-j.com
ak.hetahien.com
3 prize.youarelucky.click ad.admo.buzz
prize.youarelucky.click
2 littlecdn.com yourfreshstories.com
2 excursionfriction.top excursionfriction.top
1 c.go-mpulse.net s.go-mpulse.net
1 datatechone.com ak.hetahien.com
1 s.go-mpulse.net ak.hetahien.com
1 for-j.com prize.youarelucky.click
1 ad.admo.buzz excursionfriction.top
1 hm.baidu.com excursionfriction.top
35 12

This site contains no links.

Subject Issuer Validity Valid
excursionfriction.top
E1		 2023-09-29 -
2023-12-28		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
admo.buzz
E1		 2023-10-18 -
2024-01-16		 3 months crt.sh
prize.youarelucky.click
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
for-j.com
GTS CA 1P5		 2023-09-23 -
2023-12-22		 3 months crt.sh
ak.hetaruwg.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-18 -
2023-12-24		 a year crt.sh
yourfreshstories.com
GTS CA 1P5		 2023-10-21 -
2024-01-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Frame ID: 97EA90DAFBC023DF31057783D19BE802
Requests: 33 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Frame ID: FAA1765492BA9B7731B7DAB680694919
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Press Allow

Page URL History Show full URLs

  1. https://excursionfriction.top/C8wppspgu?qocv1698852887476 Page URL
  2. https://excursionfriction.top/404/nfp.html Page URL
  3. https://ad.admo.buzz/mt/?pn=nfp Page URL
  4. https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22 Page URL
  5. https://prize.youarelucky.click/?utm_term=7296551941545394293&tid=57696e3332 Page URL
  6. https://prize.youarelucky.click/proc.php?2aaefb3f1bd411de24b7f103d24287d6c5bd9001 Page URL
  7. https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296551941545394293&sourceid=25426-5a4e140z... Page URL
  8. https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z Page URL
  9. https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false HTTP 302
    https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b... Page URL
  10. https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

35
Requests

89 %
HTTPS

42 %
IPv6

11
Domains

12
Subdomains

13
IPs

4
Countries

151 kB
Transfer

447 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://excursionfriction.top/C8wppspgu?qocv1698852887476 Page URL
  2. https://excursionfriction.top/404/nfp.html Page URL
  3. https://ad.admo.buzz/mt/?pn=nfp Page URL
  4. https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22 Page URL
  5. https://prize.youarelucky.click/?utm_term=7296551941545394293&tid=57696e3332 Page URL
  6. https://prize.youarelucky.click/proc.php?2aaefb3f1bd411de24b7f103d24287d6c5bd9001 Page URL
  7. https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296551941545394293&sourceid=25426-5a4e140z&tt=2&geo=us Page URL
  8. https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z Page URL
  9. https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false HTTP 302
    https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780 Page URL
  10. https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false HTTP 302
  • https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
C8wppspgu
excursionfriction.top/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://excursionfriction.top/C8wppspgu?qocv1698852887476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:163f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f5f76b4e7f4bd5-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noM%2F5LNifqbgWDDYqmqxRO8Yrenyrpr0pXhROLJW8dki7DBrAxVxn1E9j%2FeOAi8fWJbutstOkPSZhNxMjE4sXHhoyj8FPleU%2BoTlEQ5Ih3tGcJureyvRepmvOID623xR69Fu1CdQ4%2BDQ8tsUcF%2Fd0QOv75Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nfp.html
excursionfriction.top/404/ 		836 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://excursionfriction.top/404/nfp.html
Requested by
Host: excursionfriction.top
URL: https://excursionfriction.top/C8wppspgu?qocv1698852887476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:163f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0064a000ef0d940b9d2c023352409a0372d804a41954b5e5ff582fba19e2cb78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f5f76ebec74bd5-BUF
content-encoding
br
content-type
text/html
date
Wed, 01 Nov 2023 17:48:04 GMT
last-modified
Sat, 21 Oct 2023 05:35:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NrxAtUDNUCCBayY6cFaWlzgwiNJLLTbOEDmyAD9J7H%2BufvcSw0U92qMuK%2F%2FjAzyjrvvVA2NUqGxwXHf0LEgU8ypKG3Uq0UTs7lGMgqyK1J%2BRHWeXcrFiYF%2FAoeJsrTxG5dLZYrAOgSVRnNfifDHXNkz%2F3g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hm.js
hm.baidu.com/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c
Requested by
Host: excursionfriction.top
URL: https://excursionfriction.top/404/nfp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://excursionfriction.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 17:48:05 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
0e0b57ea544ee5d1596709d379867e6e
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11255
/
ad.admo.buzz/mt/ 		179 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.admo.buzz/mt/?pn=nfp
Requested by
Host: excursionfriction.top
URL: https://excursionfriction.top/404/nfp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://excursionfriction.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f5f7713d106aee-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKHepKBZUifXwSQb%2BEOEhtyVaboAHym0Z1Ga9UHdIDRfst1ajwXmZzQjfOl87h2P0StKwv58yhMOkSuSys7bTzCdR%2Fcj3MO7iDpJFZy9a3EzkOnVq%2FWKy1R5S%2BsdJ%2BwqMdN2Uzx272Fn8o4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
prize.youarelucky.click/ 		1 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Requested by
Host: ad.admo.buzz
URL: https://ad.admo.buzz/mt/?pn=nfp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://ad.admo.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
/
prize.youarelucky.click/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prize.youarelucky.click/?utm_term=7296551941545394293&tid=57696e3332
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash
15eb6085985b19aeb220ba200e246900bcdac0629383453c9c41ff27c54f6849

Request headers

Referer
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 17:48:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
proc.php
prize.youarelucky.click/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prize.youarelucky.click/proc.php?2aaefb3f1bd411de24b7f103d24287d6c5bd9001
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/?utm_term=7296551941545394293&tid=57696e3332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://prize.youarelucky.click/?utm_term=7296551941545394293&tid=57696e3332
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296551941545394293&sourceid=25426-5a4e140z&tt=2&geo=us
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
tds3_2.html
for-j.com/ 		45 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296551941545394293&sourceid=25426-5a4e140z&tt=2&geo=us
Requested by
Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/proc.php?2aaefb3f1bd411de24b7f103d24287d6c5bd9001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://prize.youarelucky.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
25536
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
81f5f778ea6b36d9-YYZ
content-encoding
br
content-type
text/html
date
Wed, 01 Nov 2023 17:48:05 GMT
expires
Sat, 02 Dec 2023 17:48:05 GMT
last-modified
Fri, 27 Oct 2023 10:22:36 GMT
server
cloudflare
vary
Accept-Encoding
afu.php
ak.hetahien.com/ 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
Requested by
Host: for-j.com
URL: https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296551941545394293&sourceid=25426-5a4e140z&tt=2&geo=us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.227.169 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-221-227-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d20bdf8d1b0456b9e45a5f3feda753316120ea2294324eca8ea2bc9e5f99d94c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
12651
content-type
text/html; charset=utf8
date
Wed, 01 Nov 2023 17:48:06 GMT
expires
Wed, 01 Nov 2023 17:48:06 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=101 origin; dur=11 ak_p; desc="1698860886077_399493033_3460458810_11235_1159_39_269_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-akamai-transformed
9 11990 0 pmb=mRUM,1
x-content-type-options
nosniff
x-trace-id
d757c2321b1c0f19ddcce0eda72b327c
LDA9V-XELL8-WJK28-ZAL9U-A63WA
s.go-mpulse.net/boomerang/ Frame FAA1 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:5400:4a8::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:06 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sun, 24 Sep 2023 04:38:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
sftouch
ak.hetahien.com/ 		2 B
679 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ak.hetahien.com/sftouch?userId=462e5dbf39174fdbb70d0ac0ee4d60e0&z=5460780&p_rid=0c3e494a-aaf8-4071-9662-7374659fad88&p_src=sf
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.227.169 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-221-227-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Wed, 01 Nov 2023 17:48:06 GMT
x-content-type-options
nosniff
server-timing
cdn-cache; desc=MISS, edge; dur=84, origin; dur=13, ak_p; desc="1698860886541_399493033_3460459625_9715_909_39_0_109";dur=1
content-length
2
x-trace-id
d50c8caa8f47603f5f3f06d5fe7a4bdd
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.hetahien.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Wed, 01 Nov 2023 17:48:06 GMT
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=462e5dbf39174fdbb70d0ac0ee4d60e0&z=5460780&p_rid=0c3e494a-aaf8-4071-9662-7374659fad88&p_src=sf
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:06 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296551941545394293&var=25426-5a4e140z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://ak.hetahien.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 01 Nov 2023 17:48:06 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.hetahien.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
config.json
c.go-mpulse.net/api/ Frame FAA1 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=LDA9V-XELL8-WJK28-ZAL9U-A63WA&d=ak.hetahien.com&t=5662870&v=1.720.0&if=&sl=0&si=0e0fa388-51a1-4785-a30b-95709ee8cc3f-s3ghg6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=760894
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LDA9V-XELL8-WJK28-ZAL9U-A63WA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:c400:d8d::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.hetahien.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Nov 2023 17:48:06 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
/
yourfreshstories.com/
Redirect Chain
  • https://ak.hetahien.com/?z=5460780&syncedCookie=true&rhd=false
  • https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d1...
33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
af6a29e525a5a16c0cac1ef446d1b05f9acafea94cf8dfbb84a5109604232c99

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ak.hetahien.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f5f782aa55420d-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk7hLxHeP1AVb%2F9Q4P9ygr9k1OvDgWB6iNZARJwMys3KZwO04ngo4K0E79QnfOQnS30o%2BXT8MPu%2Fbador%2FLyKGHtJkoVAM8sI5aBv82Lt%2BN6urJhBIXScO91omMNKAX5iC6qs92fgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ak.hetahien.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 01 Nov 2023 17:48:07 GMT
expires
Wed, 01 Nov 2023 17:48:07 GMT
link
<https://yourfreshstories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
pragma
no-cache
referrer-policy
no-referrer
server-timing
cdn-cache; desc=MISS edge; dur=245 origin; dur=40 ak_p; desc="1698860887057_399493033_3460461681_28521_912_39_0_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
d6c58bfae57b248671afcc599f86330a
style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:50:57 GMT
server
cloudflare
age
2664
etag
W/"654249b1-1bb3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
81f5f7848dd34bd2-BUF
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
gid.js
my.rtmark.net/ 		65 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=462e5dbf39174fdbb70d0ac0ee4d60e0
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
073a00bcbdc672f156942cfd685af6f95827b71f1963cfa165038759c85f0f68
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yourfreshstories.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
yourfreshstories.com/pfe/current/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41c8bbd8470841133e8f75a5d430b23debb55e831532b2d2c6fe48400c4caed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 17:48:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 09:40:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65421cfe-6972"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsth576IfpolyBN6AM5FQJJOanbUhWP7%2BGcF7nuZXMnWKmZlHPXfufIZUEuklRRFQmq%2BRpc2sXfObKjbv%2FBLFtpozQMK2%2BFD8xuQMab4oEfEjAv1lClKlivl%2BEjmeY0Gokk71LjaqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
81f5f7843bf7420d-EWR
alt-svc
h3=":443"; ma=86400
/
yourfreshstories.com/19/5202628/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/19/5202628/?abt_opts=1&var=5460780&var3=743639062178702071&ymid=&rhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fd2bf90e189a8f13a92d51cf9228945b5f634703d3abde7118c931f1b83c96
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
12034a18631dd9a94c0d62c3473c5b2b
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh4y0%2FOg27P3MTe2x8WzTzhUnTCmDyXGEA1crGVyO4xKDv%2Ft2M%2BkBOpnr31e7RG85F2XuMNvqTaskfGKAKOmeIHeSFJ0%2Fu6wCAKts2kSTxH9tchOE%2FZBevFrd732CgKd6Z5n7pGe2A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81f5f7843bf9420d-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
yourfreshstories.com/ 		2 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&mprtr=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBzfsS9Mm%2BkXqA1i75WXSsVDufCsbUBoPBFRBywnu9PQ5b5NsqsHvSgBfPLkVjercW3yCwZiUjBV4PH82s7vchEjqsx2ITw7FXMG%2BoP7uOgKjuch%2Bdq6qnSxaYaHeoW6oiibic0Y0g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
81f5f784ea4e43e3-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
yourfreshstories.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/rhd?rb=fReBAQm4wwSDLNY-M235ULf63QrdA2HiUSPqYurMTliCU4gDszbQeLhaFGbBFnlCn-kKcjab-MBP5a5787OufQJfUeyTEaVvWX126B0aViOI_n7oJ7rh0eV2ci8CsMREQJiNJ-62W3KhDGzFGwZyAhXyoKl7eRYzNr0n_Zc8j2K9wHCCL77rRPQHbm252UP7LknTzL10m1bUbhz9OLkycifW1hDSYoNh9bJ51KUTM1paWhPAJGzpruWVVFqmbliHYRzgdzEH4y7XBd_hWr44YdtiHqEdbQQbGjRnGFinv5jZ58Cj-HNHrc4mj5zixR8tM8m-WHxut77ld9_VRCtSiNuTyWHNyvgeUZkIrIC3L4B9exArAwBZY7FJL8ZKryASOyE3t4_MI6U0-6VxNJRAJY-tQGfqtXmlsHylbl8RZcOo-zyHQ6uy8arSYePom9esLJusz3CBCuqrUrvCyHpkdmH_R-aPFTIcKFb4Y_87lxs_-cRXyBijBPTnInVP9dM2xtdJBVkrn7b4e_m0RBPabYbcQ_sWS7P3m2JRShRMGqDInEEWh9hItdtlwmCD7RdyxORwCMTuHFoY5QBhIXnn4jF_Ewj89hetQPBmXU2VgCLXLcSGLc7qWfcwzK8GabS1UlRJiLsZzIKBSqTWiGpNhw%3D%3D&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D462e5dbf39174fdbb70d0ac0ee4d60e0%26pshr%3D0%26rd%3D0%26s%3D743639062178702071%26ssk%3D83711d158e8937675adcb68f18fc4d5b%26svar%3D1698860887%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5460780&var3=743639062178702071&ymid=&rhd=1&m=link
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f852cbc54124c07b9e59a9c81c3488de74265f8ef09625b93b64b48c63e525
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
be653025a95a77ce8846f7279acb92d7
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBHGzBvNR9pFhmGyD4Hgvu66yWkGsm8W6fXawHO0aC5nXuOPjCfV0gw2B1FQLvT7nsl%2BCLuNQm3yNlbW7jmWG7qlehkxOG9KyMF%2FYjODcSz6c2admVISPdxTHw2PjIrymXvN%2BQGwlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81f5f7850a6143e3-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
5202932
yourfreshstories.com/sw-check-permissions/ 		0
965 B 		Other
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/sw-check-permissions/5202932?var=5460780&ymid=743639062178702071&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B1iqQnTsHv9lm5eU0im7%2BB4IEtPA5Xl9%2BsnprvZnDzUGkKtuXRT4%2B7cwwBeUnLWuOhs7iRY%2BA%2BinvA4XkHh6PUM6XGEdvc67IzeMfXMJyUXP76tNGCOJY5UMh6wElmz%2Bm3DhFIeow%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
81f5f7858b4d43e3-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
yourfreshstories.com/ 		0
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=743639062178702071&var_3=&var_4=&dsig=&tg=1&action=prerequest
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id
2a3b76418e4c04bf8c616d9f61a1c9cf
date
Wed, 01 Nov 2023 17:48:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jtBTTGjsueYZsuA%2Fqapv75Gjn0DwS4%2BQIcu9NwQKCLdsF1vncsEhg7XDS1vgqMB%2B%2Bzivl2aSLRbhys%2B3rwOtnoXSZrvDl2eJVXxPx5mCnwbG%2BcG42L7urjx3CHk7ro0eg7B3m%2FCng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://yourfreshstories.com
access-control-allow-credentials
true
cf-ray
81f5f7858b5243e3-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=743639062178702071&var=5460780
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
073a00bcbdc672f156942cfd685af6f95827b71f1963cfa165038759c85f0f68
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yourfreshstories.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yourfreshstories.com/ 		794 B
988 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=743639062178702071&var_3=&var_4=&dsig=&tg=1&action=settings
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
937e579efd373a3150f720d12b1b2447
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4v8peu3hZjaCEPirml7dUAP%2BmH08ciO272OpditN%2BNp5psTs%2F20QEmcYdDJbINQtVgnMqJ0IaqZq%2BA8SIgakPCP6XmyhaSZ61KPokv%2BgqxChdEX4VcFRF47Jnm2LBO%2FA3sTCj5aYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
81f5f785ab8543e3-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
Primary Request /
yourfreshstories.com/ 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
3638d1aed9dfed243da0c11897a0d8890aede1c076b9f069349e74d52b7eea56

Request headers

Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f5f7865c6343e3-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 17:48:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeTqRvLF0EnKYq6%2FBXJ79zJ3U%2FI0YoRSTeMbVudDMk2GSDcciV0Bo6nSs9Fd6XWt89N71eLpGF0UJU5DN8Y7S9esGYtt5iKj82TjJScw6y0Vk1ppez69TPyfuI%2BXd3MCW4rGyNYG3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:50:57 GMT
server
cloudflare
age
2665
etag
W/"654249b1-1bb3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
81f5f7879df14bd2-BUF
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
micro.tag.min.js
yourfreshstories.com/pfe/current/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/pfe/current/micro.tag.min.js?z=5202932&ymid=743639062178702071&var=5460780&sw=/sw-check-permissions/5202932&uhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41c8bbd8470841133e8f75a5d430b23debb55e831532b2d2c6fe48400c4caed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 17:48:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 09:40:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65421cfe-6972"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K77PzDuKi%2FjMd9diKvyAtkKQVynrq2Y64LHWsnf2U1RmviEuT%2BW7FclEdp5%2FLpobZ3CaVi5b0Nm%2F9v%2BSPTL2yMPMdmbDKfn%2BEclzmUfsivhi%2FaMlt5SfNXbnPI1BWBrL%2FhiFSH%2FD%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
81f5f787be4643e3-EWR
alt-svc
h3=":443"; ma=86400
/
yourfreshstories.com/19/5202628/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/19/5202628/?abt_opts=1&var=5460780&var3=743639062178702071&ymid=&rhd=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126183715bdfeb398a550c0e114f0d662ecff91c1a9ee38c5bfc46e653c3d675
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
6eac5b491408121f672e468ab0809852
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVaZiRUvTQMA2Mw%2FHmhCaHqKmM1RRWCYAkNExhRe2A2IvPMjQYPjZy0s%2BUgHwm0bvzHQbO51t1YEavYgYm1xld%2Fwcl%2F0wrbRu2wN9JOrr%2FjD%2BiYjjhQniGszZl5Ru0VBECkhtqkCXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81f5f787be4743e3-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
yourfreshstories.com/ 		2 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2&mprtr=1
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX2biMh1gos90M%2BlqRd%2BEuZB5Jq8EkeigK%2BxqZE1C0wUjY%2B2tlktx%2BzHU2jA9Xeb8Zp4QZo6SwCT6Kn2OGlTnAS53fOaksgnRJrUU4Znm%2FKxOYDNoyhU4mJjU6cjbhxf8To2aFn%2FTg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
81f5f787fe8e43e3-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
yourfreshstories.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yourfreshstories.com/rhd?rb=lwwLmbsEcy27Zb4VBOBN4BYH9H8ppzdpSQ1jgkQulILwMtIOpQsKJS5UnG_QuseeYA9g8bV5vaLD3z-q-ZWRBoggEz25WPazxbnmcRID0g-gFMm4z4smpAFB6PHkZ8yKphYSE_HSnPg56lTvBHOWMnMKQ82CA2BazB_nBBklHGJU7dFtlK0XmSkdkAPbNMwwvRkXtq6M-SrrlAxntgidjQjPd-0LGvwEQvubuISr-5E-jWF3vt855zRpIL-u4_0TTSFFFB5wDIJpsUcA1GV1vmkUYAhIWkwqR62Mq-eB47vaAIiiJ2-NXAARUqt8H2QORiuz-3oinOwDv6AmtXWbivUcJ6w2sdhobuYxrd0G48zbxCVqOwYILu-gmHTd7NNuOhGhEbnCiJWhfP_8yU6Hvo-7OJYd_4HhoKOK5IdeF-8fZvqrZ7Ja_yFasLsDNuUwVv0pbNjZc0tmxD5Y7PWRHw7jx9Qa_xUMmX3Ubv9VBqqnq0pCufNA-XlSdnoy7HCHUZHhtqUfPcbuGCR8YWFsO2mTqfE_RD3uwmbSJK7CKrAW_bvOeMbldIQ27jyD5_fSuvM0bpzWicc5yrZIxYnoNCd6giPWplVX0Tt3Y367W6cYA88zUPRhQjpAmUGXZnPuGuWMa-6Ccf6grxgYWIvk-r9NIdkR4QnY&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D462e5dbf39174fdbb70d0ac0ee4d60e0%26pshr%3D0%26rd%3D0%26s%3D743639062178702071%26ssk%3D83711d158e8937675adcb68f18fc4d5b%26svar%3D1698860887%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780%26rdc%3D2&drf=https%3A%2F%2Fyourfreshstories.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D462e5dbf39174fdbb70d0ac0ee4d60e0%26pshr%3D0%26rd%3D0%26s%3D743639062178702071%26ssk%3D83711d158e8937675adcb68f18fc4d5b%26svar%3D1698860887%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D5460780&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5460780&var3=743639062178702071&ymid=&rhd=1&m=link
Requested by
Host: yourfreshstories.com
URL: https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.160.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91993ad22a4c9397ef58fbb807e13c69f3cdf62036bf3d070645decf2a527ee
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yourfreshstories.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=462e5dbf39174fdbb70d0ac0ee4d60e0&pshr=0&rd=0&s=743639062178702071&ssk=83711d158e8937675adcb68f18fc4d5b&svar=1698860887&tb=5202628&tbad=5234825&vi=0&vo=0&z=5460780&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
89cb4353d35d95bce460753f36e1f936
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwBLixMMLuIWcSge2Mr2Ju5%2FaNsMwviU5KCyhJ83JZLYP5VUh1F8vSxnIfBFduwpkCCU6tR6gSErXpiwRJ4%2Fwxv2Cj%2BRqYrPDfk304hW%2BZ%2FhvufpdF7LGvTxKdlWejLeRBDYfa1XoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81f5f7889f9443e3-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
5202932
yourfreshstories.com/sw-check-permissions/ 		0
0
zone
yourfreshstories.com/ 		0
0
gid.js
my.rtmark.net/ 		0
0
zone
yourfreshstories.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yourfreshstories.com
URL
https://yourfreshstories.com/sw-check-permissions/5202932?var=5460780&ymid=743639062178702071&uhd=1
Domain
yourfreshstories.com
URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=743639062178702071&var_3=&var_4=&dsig=&tg=1&action=prerequest
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=743639062178702071&var=5460780
Domain
yourfreshstories.com
URL
https://yourfreshstories.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshstories.com&var=5460780&ymid=743639062178702071&var_3=&var_4=&dsig=&tg=1&action=settings

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getCookie function| rtrDebugLog function| getGid function| addURLParams string| osVerUrlParam string| osVerNum object| osVerPromise string| alphabet string| subdomain function| randomInt function| Prefetcher string| tbPrefLog function| openHiddenLink string| mtPushZone string| mtS string| mtZ string| tbZone string| tbADZone string| mtTargetUrl string| mtDebug string| mtRDC string| mtSameDomain string| pushTagDomain string| pushTagMicroName string| wvrdParam function| redirect object| mtScript function| updateURLParameter object| reverseConfig object| zfgformats

11 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: EA7C583DB1271C9E
ak.hetahien.com/ Name: OAID
Value: 462e5dbf39174fdbb70d0ac0ee4d60e0
ak.hetahien.com/ Name: oaidts
Value: 1698860886
my.rtmark.net/ Name: ID
Value: 462e5dbf39174fdbb70d0ac0ee4d60e0
ak.hetahien.com/ Name: syncedCookie
Value: true
yourfreshstories.com/ Name: reverse
Value: 34MzUh3oJcK7hKm7nuHGzYpHDJ5C-AkQ_r5sv9R5y9I
yourfreshstories.com/ Name: OAID
Value: 462e5dbf39174fdbb70d0ac0ee4d60e0
yourfreshstories.com/ Name: oaidts
Value: 1698860887
.ak.hetahien.com/ Name: RT
Value: "z=1&dm=ak.hetahien.com&si=0e0fa388-51a1-4785-a30b-95709ee8cc3f&ss=log1wp1n&sl=2&tt=1dc&rl=1&ld=pd&hd=1bl"
yourfreshstories.com/ Name: syncedCookie
Value: true
yourfreshstories.com/ Name: prefetchAd_5202628
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admo.buzz
ak.hetahien.com
c.go-mpulse.net
datatechone.com
excursionfriction.top
for-j.com
hm.baidu.com
littlecdn.com
my.rtmark.net
prize.youarelucky.click
s.go-mpulse.net
yourfreshstories.com
my.rtmark.net
yourfreshstories.com
103.235.46.191
108.178.23.114
139.45.195.8
172.64.155.33
172.64.160.30
23.221.227.169
2600:1408:5400:4a8::11a6
2600:1408:c400:d8d::11a6
2606:4700:10::6816:1874
2606:4700:3036::6815:163f
2606:4700:3036::ac43:9e01
37.48.68.71
0064a000ef0d940b9d2c023352409a0372d804a41954b5e5ff582fba19e2cb78
01f852cbc54124c07b9e59a9c81c3488de74265f8ef09625b93b64b48c63e525
073a00bcbdc672f156942cfd685af6f95827b71f1963cfa165038759c85f0f68
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
126183715bdfeb398a550c0e114f0d662ecff91c1a9ee38c5bfc46e653c3d675
15eb6085985b19aeb220ba200e246900bcdac0629383453c9c41ff27c54f6849
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3638d1aed9dfed243da0c11897a0d8890aede1c076b9f069349e74d52b7eea56
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
93fd2bf90e189a8f13a92d51cf9228945b5f634703d3abde7118c931f1b83c96
af6a29e525a5a16c0cac1ef446d1b05f9acafea94cf8dfbb84a5109604232c99
d20bdf8d1b0456b9e45a5f3feda753316120ea2294324eca8ea2bc9e5f99d94c
e41c8bbd8470841133e8f75a5d430b23debb55e831532b2d2c6fe48400c4caed
f91993ad22a4c9397ef58fbb807e13c69f3cdf62036bf3d070645decf2a527ee