URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Submission: On September 18 via manual from CZ — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 35 HTTP transactions. The main IP is 169.62.217.68, located in United States and belongs to SOFTLAYER, US. The main domain is www.worthreferral.com.
This is the only time www.worthreferral.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
10 | 169.62.217.68 | 36351 (SOFTLAYER)
5 | 169.60.151.135 | 36351 (SOFTLAYER)
1 | 34.174.225.84 | 396982 (GOOGLE-CL...)
11 | 157.240.201.15 | 32934 (FACEBOOK)
4 | 157.240.201.35 | 32934 (FACEBOOK)
2 | 142.250.185.142 | 15169 (GOOGLE)
Total: 35 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | worthreferral.com | www.worthreferral.com | 236 KB
9 | fbcdn.net | static.xx.fbcdn.net (Cisco Umbrella Rank: 822), scontent.xx.fbcdn.net (Cisco Umbrella Rank: 268) | 156 KB
5 | apsense.com | www.apsense.com | 32 KB
4 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 109) | 14 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 96) | 17 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 229) | 90 KB
1 | shrinktheweb.com | images.shrinktheweb.com | 244 B
0 | alexa.com Failed | widgets.alexa.com Failed, xslt.alexa.com Failed |
Total: 35 requests, 8 domains

Requests | Domain | Requested by
10 | www.worthreferral.com | www.worthreferral.com
7 | static.xx.fbcdn.net | www.facebook.com, static.xx.fbcdn.net
5 | www.apsense.com | www.worthreferral.com
4 | www.facebook.com | www.worthreferral.com, connect.facebook.net
2 | scontent.xx.fbcdn.net | www.facebook.com
2 | www.google-analytics.com | www.worthreferral.com
2 | connect.facebook.net | www.worthreferral.com, connect.facebook.net
1 | images.shrinktheweb.com | www.worthreferral.com
0 | xslt.alexa.com Failed | www.worthreferral.com
0 | widgets.alexa.com Failed | www.worthreferral.com
Total: 35 requests, 10 subdomains

This site contains links to these domains.

Domain
www.apsense.com
www.alexa.com
www.whois.sc
www.similarsites.com
www.apsensewiki.com

Subject | Issuer | Validity | Valid
www.apsense.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-11 - 2024-05-30 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-27 - 2023-09-25 | 3 months

This page contains 4 frames:

Primary Page: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Frame ID: 7CE0DB27BF383E56D6D377CE6103338F
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Frame ID: 40CB20BCC5CBE7F77FC5262BFE76D22F
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=135021456540158&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a8b873414b2%26domain%3Dwww.worthreferral.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.worthreferral.com%252Ff1008d5dc91267c%26relation%3Dparent.parent&container_width=658&href=http%3A%2F%2Fnpkohlercampaign.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=660
Frame ID: 61075C2045172AEBF48AED907626F86A
Requests: 1 HTTP request in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=135021456540158&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aec964f353eac%26domain%3Dwww.worthreferral.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.worthreferral.com%252Ff1008d5dc91267c%26relation%3Dparent.parent&container_width=658&height=100&href=http%3A%2F%2Fnpkohlercampaign.com%2F&locale=en_US&sdk=joey&width=655
Frame ID: 3518F32BDC30728B8CE95F151A4149D0
Requests: 1 HTTP request in this frame

Page Title

Review of npkohlercampaign.com - Legit or Scam |

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 35
HTTPS: 46 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 7
Countries: 2
Transfer: 547 kB
Size: 1264 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 14
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642 HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Request Chain 16
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 29
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Review%20of%20npkohlercampaign.com%20-%20Legit%20or%20Scam%20%7C&utmhid=1635575982&utmr=-&utmp=%2Fwrcard%2Fnpkohlercampaign.com&utmht=1695033386152&utmac=UA-29897725-1&utmcc=__utma%3D103537158.1237455570.1695033386.1695033386.1695033386.1%3B%2B__utmz%3D103537158.1695033386.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1721393285&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Review%20of%20npkohlercampaign.com%20-%20Legit%20or%20Scam%20%7C&utmhid=1635575982&utmr=-&utmp=%2Fwrcard%2Fnpkohlercampaign.com&utmht=1695033386152&utmac=UA-29897725-1&utmcc=__utma%3D103537158.1237455570.1695033386.1695033386.1695033386.1%3B%2B__utmz%3D103537158.1695033386.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1721393285&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request npkohlercampaign.com
www.worthreferral.com/wrcard/
9 KB
4 KB
Document
General
Full URL
http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
5b2cc92781c723b8d9663404e1451d1e598d6ad34b99877281b1c6ff639cd226

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3428
Content-Type
text/html;;charset=UTF-8
Date
Mon, 18 Sep 2023 10:36:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
all.css
www.worthreferral.com/css/
58 KB
12 KB
Stylesheet
General
Full URL
http://www.worthreferral.com/css/all.css?v=1.1
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
08e3de23d22ec1e441bb9e34af82d40f61a4c2790ab389838869f7a951b56d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Mar 2012 03:32:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12296
all.js
www.worthreferral.com/js/
104 KB
104 KB
Script
General
Full URL
http://www.worthreferral.com/js/all.js
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
fefd80798e4f690b563e54134e6b91f28231d5d83496076d2bfdc810c40567b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:24 GMT
Last-Modified
Sat, 10 Mar 2012 15:19:02 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
106528
islandescape.css
www.worthreferral.com/themes/islandescape/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.worthreferral.com/themes/islandescape/islandescape.css?v=1.1
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
7ca0fcd8053d82ad75b83af79024d7b2656dd8ec12c9ec1e0b4dec91804aada5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2011 16:30:46 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
867
logo2.png
www.worthreferral.com/images/
10 KB
10 KB
Image
General
Full URL
http://www.worthreferral.com/images/logo2.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
675f1c9005abfd06fd2dca650c0a2a14026f48b16650f96f8716d01b3b4942d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Wed, 21 Mar 2012 08:46:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10275
passport.gif
www.apsense.com/public/
4 KB
4 KB
Image
General
Full URL
http://www.apsense.com/public/passport.gif
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.60.151.135 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.97.3ca9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
7d6c1059d6ef3034ddf9729c26e3d4fbfcf0889e62d7a3a988607b37d1130531

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Sat, 26 Feb 2011 07:56:54 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3604
10star.gif
www.worthreferral.com/images/
1 KB
2 KB
Image
General
Full URL
http://www.worthreferral.com/images/10star.gif
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
ff6a7cb002f1fd09f288134958c6e866f0795322d5bc680eff989b916edb9f75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Sun, 16 Jan 2011 06:34:16 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1371
1688716204849802.jpg
www.apsense.com/m_photo/profile/20230707/
12 KB
13 KB
Image
General
Full URL
https://www.apsense.com/m_photo/profile/20230707/1688716204849802.jpg
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
169.60.151.135 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.97.3ca9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
b767cbd2b021057921362fafbbe4b470629df49e63aa83fc59a8d70698c22caa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Fri, 07 Jul 2023 07:50:04 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12691
graph.js
widgets.alexa.com/traffic/javascript/
0
0

xino.php
images.shrinktheweb.com/
4 B
244 B
Image
General
Full URL
http://images.shrinktheweb.com/xino.php?stwembed=1&stwxmax=200&stwymax=150&stwaccesskeyid=bc8ee716224640b&stwurl=http://www.npkohlercampaign.com
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
34.174.225.84 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
84.225.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Httpd-Modphp
1
Connection
keep-alive
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Content-Length
4
X-Proxy-Cache
HIT
btn_share.png
www.apsense.com/public/
3 KB
4 KB
Image
General
Full URL
http://www.apsense.com/public/btn_share.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.60.151.135 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.97.3ca9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
b3a475d75b9ea5616805f83e8a7c7a00a5f974239e747086ee8023bff99cc619

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Mon, 13 Feb 2012 20:39:26 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3350
b
xslt.alexa.com/site_stats/js/t/
0
0

rss.png
www.worthreferral.com/images/
3 KB
3 KB
Image
General
Full URL
http://www.worthreferral.com/images/rss.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
fa512fe69fe3e9ebba6c78585437d87d28dd62185e2c5d2b39fc34c71cd33b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Sat, 17 Mar 2012 14:33:33 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2712
bmc-badge.js
www.apsense.com/
351 B
493 B
Script
General
Full URL
http://www.apsense.com/bmc-badge.js
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Server
169.60.151.135 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.97.3ca9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4079edebbb2db09baeeac2d050627252dc1fde37d9ada8f9957f95e9fa15de0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
257
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
H2
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
9c904445f08a68e46b677e704168fb973dcc19de6f13e6b4e22cbc2dcb6de1eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 10:36:26 GMT
content-md5
PlEDeIPWYBX15RG2Q4WALw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
XRyzfgdnlm1vufCwjCXs1MmrUzr/7A1rrLO0EBjZFQhWAksAkZBjLfJ+djiCopdM5jOlEaW6s6ljL7Xa8dq3AA==
x-fb-content-md5
712d2dfec4e348ea46921b53dc3413dd
cross-origin-opener-policy
same-origin-allow-popups
etag
"cb429f98de66401588c18955f388240b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 18 Sep 2023 10:53:49 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1&appId=135021456540158
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
likebox.php
www.facebook.com/plugins/ Frame 40CB
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&app...
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&ap...
38 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
/
Resource Hash
b60e345ceedb722e3a74092d2910afd951b2d2b117034d019d829373b1abb9fd
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.worthreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 10:36:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Myt9iHgMrCNbtwau7uSxsxGqJYFZbqIACE3f02fv1Q6Dq0tpFTy4VLCjNGJK+t/uhjei4dJhBmV5m8bipgnf8A==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Non-Authoritative-Reason
HSTS
bmc_corner1.png
www.apsense.com/public/
12 KB
12 KB
Image
General
Full URL
https://www.apsense.com/public/bmc_corner1.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
169.60.151.135 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.97.3ca9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
ec49d846b4837c2a90202d13bfc71bacc658ff43f8e2e62d5eb89fac1552312a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Mon, 03 Sep 2012 17:08:52 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11884
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
H2
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 09:45:02 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3084
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 18 Sep 2023 11:45:02 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
header_bar.png
www.worthreferral.com/images/layout/
50 KB
50 KB
Image
General
Full URL
http://www.worthreferral.com/images/layout/header_bar.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/css/all.css?v=1.1
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
e3b6c4d7bdfe7bcb4f4615972f26fb52b3eff426e4d7606d5e4c0cee867a0e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/css/all.css?v=1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Sat, 03 Sep 2011 15:46:34 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
51119
btn-35.png
www.worthreferral.com/images/
49 KB
49 KB
Image
General
Full URL
http://www.worthreferral.com/images/btn-35.png
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/themes/islandescape/islandescape.css?v=1.1
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
0e90ab470ea5cc858e30faed72978137d668622a49486df2304465343ce4d4c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/themes/islandescape/islandescape.css?v=1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Last-Modified
Sat, 03 Sep 2011 15:46:34 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
50393
ReadyMade.Themes.js
www.worthreferral.com/wrcard/js/
315 B
516 B
XHR
General
Full URL
http://www.worthreferral.com/wrcard/js/ReadyMade.Themes.js?_=1695033385408
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/js/all.js
Protocol
HTTP/1.1
Server
169.62.217.68 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
44.d9.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://www.worthreferral.com/wrcard/npkohlercampaign.com
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:36:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
odNeguaslqE.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame 40CB
25 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/odNeguaslqE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
672d7b60591c4cd9e6314fdd086489fe9971cf090e8b1ce80d57c6d98ad8bfb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kDnlpBTesiFj8L9XY8/rcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6410
x-fb-debug
SqJf7368d6aamAWPL2WjlrMST0AaO8BgD4Yi/gJNS+sio6y1f2DIZSfxKtsG7PVbgYlnOkLVqDfJWQ02axqxdw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 16 Sep 2024 15:29:34 GMT
-bSw8LNV252.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 40CB
315 KB
84 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/-bSw8LNV252.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
e1c785b9e1075de6db5c35f5640ac0012bf91e0b16c83f49eec69bc813101eb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aVYMi9cV4zWYej0ddFLJoQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86002
x-fb-debug
yOl2Qu/TLbZaCpp5RuDDopExkvYckoHVTdKmzcQIJLaOV/dxxv3Oanb5A/Bhk3/mdbEkoZ12QTzcGd3CuEIydg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 15 Sep 2024 03:16:37 GMT
Qto6lZB1h_E.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 40CB
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/Qto6lZB1h_E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fzNYTRpcsZeVNcWDrqrE9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-debug
jQWD4pPb/ilWVs2Pyki2BTNvnwH+KhcxRcXgWlmofVK4tRgQPELmmb4pkVSIQ3U6ulcELpXSn7IbtNk45U4hBA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 16:05:12 GMT
gbZcNcIOK-B.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 40CB
95 KB
27 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/gbZcNcIOK-B.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
2af7140c4dcfddf465fb46c8d392ea551c1a1f06831bbb82a969cf69e12589b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8wAGELOtlH6He7KbUlEeUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27730
x-fb-debug
vSEFjbMJn1+/oQvpjgHg6ZQjNgQ91WMXauJb6DSIdkIl3oIcNz0qbc1xWutg70l8nfG9Iz4jU+aHFxYIBhGLfw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 21:39:27 GMT
4KUI3JyKF2j.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yE/l/de_DE/ Frame 40CB
102 KB
30 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yE/l/de_DE/4KUI3JyKF2j.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
0d567d79d6729e2b3e7133ba8245552b78da72ad8493ac9870c3cf423cfea3e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7ym0QrGTY1yeYBCfzfUdSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30050
x-fb-debug
8om1rJohbn8D6vUlqMaQjo2bdzknxlKJ6le1GswEFnzc/dqMnOByNNN2IM5Xii+Xc62NaDt7jKKeNfCoTjmCPA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 23:11:26 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 40CB
507 B
486 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
EPTLsivoTr7nDZXj9E1Lo+1ysomSp2lsmYGkirpDaeLuJQV8aTSVmwR3KVNjVq0UgQ/nFrOAt8mEvcg0Wq1z+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 13:46:13 GMT
299815337_149178197754027_1064809887352382397_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 40CB
4 KB
4 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/299815337_149178197754027_1064809887352382397_n.jpg?stp=dst-jpg_p130x130&_nc_cat=104&ccb=1-7&_nc_sid=649c01&_nc_ohc=YeYaAT_zPpgAX97NmqQ&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfCEYi8XrrZ6nUIljOiiv_FH8dZXyl-c8mwqHIWeIT0MzA&oe=650D6B9F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
fe2b632c760c428e25b877d73488c2c63b761a3549c34b119286ad0f7fc6174e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 24 Aug 2022 20:02:23 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2284322105
thrift_fmhk
GBBJbuSfcDmtolM86Bej82c/FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1528421313
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3706
300352352_149178194420694_3409527162633768922_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 40CB
2 KB
2 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/300352352_149178194420694_3409527162633768922_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=100&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=FZx7uO4l560AX_cYxJi&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfAnVX3eAOcCI5dW9iBRCEhXBmucMiIEGKgSSoLFdvpmSg&oe=650CE0D9
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FWorthReferral&width=250&height=510&colorscheme=light&show_faces=true&border_color=white&stream=false&header=true&appId=174821412541642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
a9ce3364c0f143c81cac33b73d23daea2d9401487343d91fc5d980578524028b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 24 Aug 2022 20:02:23 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2809459839
thrift_fmhk
GBBAt+0qTtO355fvzlBE9YK5FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
357503029
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1546
all.js
connect.facebook.net/en_US/
309 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=1ba9f7db0fa7e0283edde5cf20fa245d
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
2faa095296ad3ee475bd741ac61163ec481f773d848e7893de0d87c1c9d0c819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.worthreferral.com/
Origin
http://www.worthreferral.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 10:36:26 GMT
content-md5
drCBEdabzmdnuTf31/dr5Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88831
x-fb-debug
GA01/0G+cP/mbIlbdObML6yBGpC4U0WiPyJhmpU9NcaLHIQSqwb2j4FnQOnqO29U5IzG5iHEqZVrev5GHK0Msg==
x-fb-content-md5
2c5e12fbe3405d7c7a48907c50506a1d
cross-origin-opener-policy
same-origin-allow-popups
etag
"f02ea09ace6941535fe557697b9c4f46"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 17 Sep 2024 10:00:31 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Review%20of%20npkohlercampaign.com%20-%20Legit%20or%20Scam%20%7C&utmhid=1635575982&utmr=-&utmp=%2Fwrcard%2Fnpkohlercampaign.com&utmht=1695033386152&utmac=UA-29897725-1&utmcc=__utma%3D103537158.1237455570.1695033386.1695033386.1695033386.1%3B%2B__utmz%3D103537158.1695033386.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1721393285&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.worthreferral.com
URL: http://www.worthreferral.com/wrcard/npkohlercampaign.com
Protocol
H2
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 10:36:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534367160&utmhn=www.worthreferral.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Review%20of%20npkohlercampaign.com%20-%20Legit%20or%20Scam%20%7C&utmhid=1635575982&utmr=-&utmp=%2Fwrcard%2Fnpkohlercampaign.com&utmht=1695033386152&utmac=UA-29897725-1&utmcc=__utma%3D103537158.1237455570.1695033386.1695033386.1695033386.1%3B%2B__utmz%3D103537158.1695033386.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1721393285&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 40CB
573 B
817 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/odNeguaslqE.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/odNeguaslqE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:36:26 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
Wzr6DRHLfWz8Dnafqp2t10bBrGgSRiFj+YQxDSB+06BjWq1edTHE27KZ3ektv5Q+G9oOSQsC03zSOR33aARU1Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 13 Sep 2024 00:51:11 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=135021456540158&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.worthreferral.com%2Fwrcard%2Fnpkohlercampaign.com&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1ba9f7db0fa7e0283edde5cf20fa245d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.worthreferral.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 18 Sep 2023 10:36:26 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
rXBpPe9N+046zTV0mJ7315d681F7G+vhNMuR6SPu4cBncwe7DGY7il/Oz0R9in/8y6oZIiU/zEHoVy66M7aA5Q==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.worthreferral.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame 6107
0
154 B
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=135021456540158&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a8b873414b2%26domain%3Dwww.worthreferral.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.worthreferral.com%252Ff1008d5dc91267c%26relation%3Dparent.parent&container_width=658&href=http%3A%2F%2Fnpkohlercampaign.com%2F&locale=en_US&sdk=joey&send=true&show_faces=true&width=660
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1ba9f7db0fa7e0283edde5cf20fa245d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.worthreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Sep 2023 10:36:26 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
4Y92Ptu+WN78IKHiVdbflnPaM15PqN1R6aElasYgMW1BD8REcPBSC3umaAFXXCEfAMzhoSukBOxckw1xhVgnsA==
x-xss-protection
0
comments.php
www.facebook.com/plugins/ Frame 3518
0
0
Document
General
Full URL
https://www.facebook.com/plugins/comments.php?app_id=135021456540158&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aec964f353eac%26domain%3Dwww.worthreferral.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.worthreferral.com%252Ff1008d5dc91267c%26relation%3Dparent.parent&container_width=658&height=100&href=http%3A%2F%2Fnpkohlercampaign.com%2F&locale=en_US&sdk=joey&width=655
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1ba9f7db0fa7e0283edde5cf20fa245d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.worthreferral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Sep 2023 10:36:26 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
twvRI91qz8TdnKh+lXVUD1oR6O9wd7ZstyJpyLlRjxAOjPizHhUVXKsJVYNca0qg1sVQQVP8RoYx2Gw6FNuMnQ==
x-frame-options
DENY
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.alexa.com
URL
http://widgets.alexa.com/traffic/javascript/graph.js
Domain
xslt.alexa.com
URL
http://xslt.alexa.com/site_stats/js/t/b?url=npkohlercampaign.com

Verdicts & Comments

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| ReadyMade
function| inputMaxLen
function| dolike
function| HideMsgBox
function| $
function| jQuery
object| sites
object| opts
string| brandtag
object| _gaq
object| jQuery152009199491658958614
object| FB
object| _gat
object| gaGlobal
object| __buffer

6 Cookies

Domain/Path Name / Value
www.worthreferral.com/ Name: PHPSESSID
Value: i66iv32ggh31tqrlliffcbhsr0
.worthreferral.com/ Name: __utma
Value: 103537158.1237455570.1695033386.1695033386.1695033386.1
.worthreferral.com/ Name: __utmc
Value: 103537158
.worthreferral.com/ Name: __utmz
Value: 103537158.1695033386.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.worthreferral.com/ Name: __utmt
Value: 1
.worthreferral.com/ Name: __utmb
Value: 103537158.1.10.1695033386

6 Console Messages

Source Level URL
Text
network error URL: http://widgets.alexa.com/traffic/javascript/graph.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://xslt.alexa.com/site_stats/js/t/b?url=npkohlercampaign.com
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.worthreferral.com/wrcard/js/ReadyMade.Themes.js?_=1695033385408
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
