fortyphlosiona.com Open in urlscan Pro
139.45.197.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phoocauk.top/cndi4858vmefovl/4292615
Effective URL:
https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
Submission: On February 21 via api (February 21st 2024, 9:34:20 pm UTC) from US — Scanned from US

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 64 HTTP transactions. The main IP is 139.45.197.169, located in and belongs to . The main domain is fortyphlosiona.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.

This is the only time fortyphlosiona.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 4	172.67.178.128 172.67.178.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
17	172.64.202.18 172.64.202.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
5	139.45.197.169 139.45.197.169	() ()
64	8

4 172.67.178.128 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

phoocauk.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.202.18 (United States)

ASN13335 (CLOUDFLARENET, US)

yourfreshjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phicmune.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.169 (None, )

ASN- ()

fortyphlosiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 24293 Failed
17	yourfreshjournal.com yourfreshjournal.com	69 KB
5	fortyphlosiona.com fortyphlosiona.com	21 KB
5	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	3 KB
4	phoocauk.top 2 redirects phoocauk.top	15 KB
2	phicmune.net phicmune.net	14 KB
2	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 15895	3 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 36259	465 B
64	8

	Domain	Requested by
17	jouteetu.net	yourfreshjournal.com phicmune.net
17	yourfreshjournal.com	yourfreshjournal.com
5	fortyphlosiona.com	yourfreshjournal.com fortyphlosiona.com phicmune.net
5	my.rtmark.net	phoocauk.top yourfreshjournal.com phicmune.net
4	phoocauk.top	2 redirects phoocauk.top
2	phicmune.net	fortyphlosiona.com phicmune.net
2	littlecdn.com	yourfreshjournal.com
1	datatechone.com	phoocauk.top
64	8

This site contains no links.

Subject Issuer	Validity	Valid
phoocauk.top GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
yourfreshjournal.com GTS CA 1P5	`2024-01-08` - `2024-04-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
jouteetu.net R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
fortyphlosiona.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
phicmune.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
Frame ID: C5F679E9CC256C97A257B961A46000C9
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://phoocauk.top/cndi4858vmefovl/4292615 HTTP 301
https://phoocauk.top/cndi4858vmefovl/4292615 Page URL
https://phoocauk.top/?z=4292615&syncedCookie=true&rhd=false HTTP 302
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b... Page URL
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b... Page URL
https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6 Page URL

Page Statistics

64
Requests

80 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

123 kB
Transfer

371 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phoocauk.top/cndi4858vmefovl/4292615 HTTP 301
https://phoocauk.top/cndi4858vmefovl/4292615 Page URL
https://phoocauk.top/?z=4292615&syncedCookie=true&rhd=false HTTP 302
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615 Page URL
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2 Page URL
https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://phoocauk.top/cndi4858vmefovl/4292615 HTTP 301
https://phoocauk.top/cndi4858vmefovl/4292615

Request Chain 4

https://phoocauk.top/?z=4292615&syncedCookie=true&rhd=false HTTP 302
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615

64 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

4292615 Show response
phoocauk.top/cndi4858vmefovl/
Redirect Chain

http://phoocauk.top/cndi4858vmefovl/4292615
https://phoocauk.top/cndi4858vmefovl/4292615

33 KB
13 KB

236ms
196ms

Document
text/html

172.67.178.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phoocauk.top/cndi4858vmefovl/4292615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.128 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df1e684dcfd8ba4ef61401140732ba595ee10dcc8f435ad6b7a4251b40b46bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 85921cbd4a484bc0-BUF
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 21 Feb 2024 21:34:14 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F%2BbJc1O9O24hlCvVcR6I%2F3Jjjo1P%2B%2BviHxJLuwW0quiLq6Ddy6UsT1QaT0s3B2XtDBp2CXtwVaASTGJxyBrE%2Bpxjx7Le3ojH4asNOgAVtBBkZ9HCzVozzpI3FVbkMU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: 01e438a96830f12271b29b22292d330b

Redirect headers

CF-RAY: 85921cbcd9554bc6-BUF
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 21 Feb 2024 21:34:14 GMT
Expires: Wed, 21 Feb 2024 22:34:14 GMT
Location: https://phoocauk.top/cndi4858vmefovl/4292615
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnECnkqAol65qbWE%2BbhpTw1qol0NC0VbEnqDjh%2Bb5RfnEbHwPUtRfqa%2B5bgDYgHHVZAMMFAX5wjVcY7HftSBhDKp4oYYHqf%2FI%2FwzNyKU3c7Qy2FGwH5O7CceQkFb9ic%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

POST
H2 200 sftouch
phoocauk.top/ 2 B
330 B 110ms
109ms Ping
text/plain 172.67.178.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phoocauk.top/sftouch?userId=0080093e36b04d0afc987d2faed865b6&z=4292615&p_rid=ee95e76c-0aa3-4988-a625-9d3ec2c42f25&p_src=sf&branchId=0&rb=PZMh3aXgI3T-hoN7zYDospyFYnTI81zj3dFjhy5wQZZ4E_ucio0PfG22nTkVz9odboxqeiZ1606ywePa_TYWpRmDuCKiIpdeRXAbXvJJ2kZptbaa1eQjKKsci0s8vxg0QZWkdSd3TCJZl74jCkbivEAdv68M6svsMc5k5R8E4avHkhzKMVIxSKylexP1TSxl_oUWmnZMBh4VFb5W2d-fIXWeKnfVpQASyJcPlZdU0V2nixQgj9xREUs4M5l3wWVqz5u8zl6dIevie-2NkO89WCOhQZ12Tj9e

Requested by

Host: phoocauk.top
URL: https://phoocauk.top/cndi4858vmefovl/4292615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.178.128 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phoocauk.top/cndi4858vmefovl/4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
x-trace-id: ed86a30974a0a416ad77b9948de34d16
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://phoocauk.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ%2B4vh9ptG6Kr%2BR1kZfKjwZoSviwx1N1kxVpUSwa8QmT6BeJXJrTbjYAitGtZjy45liNEU%2Bi50YJb6vsAnNuJ%2FFMf8we%2FJztrTXH9vMYjBJiFgG8QwmiiYieBzmewvE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921cbeabc74bc0-BUF
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 298ms
97ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080093e36b04d0afc987d2faed865b6&z=4292615&p_rid=ee95e76c-0aa3-4988-a625-9d3ec2c42f25&p_src=sf

Requested by

Host: phoocauk.top
URL: https://phoocauk.top/cndi4858vmefovl/4292615

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phoocauk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 315ms
99ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ee95e76c-0aa3-4988-a625-9d3ec2c42f25
Requested by: Host: phoocauk.top
URL: https://phoocauk.top/cndi4858vmefovl/4292615
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://phoocauk.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Feb 2024 21:34:15 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://phoocauk.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
yourfreshjournal.com/
Redirect Chain

https://phoocauk.top/?z=4292615&syncedCookie=true&rhd=false
https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421ede...

35 KB
13 KB

265ms
172ms

Document
text/html

172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5b6e704220c1b8a9e48afd56bfdfbfa1c52318e1fd8a8436754210cb49c7017b

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://phoocauk.top
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85921cc2ce9a2c95-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 21:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaYNVET%2Bg6niKG08RVPWTQbaLsND1UecAFuI6kiHQb23A98%2BR%2FkhBlQolhS0y43UwgGa39cHKevd59SuYuscozz9EKwTvIf5LiU6Qn85z%2FqXEWm2xpKA7EbEf7ZMd813KNUihslbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://phoocauk.top
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 85921cc0dc5f36cc-YYZ
content-length: 0
date: Wed, 21 Feb 2024 21:34:15 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yourfreshjournal.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziBfYJ%2FaIq%2F20qmLYxxLBpuOCI%2BoIj5i3xkcV%2BNFLuct%2BibLdHPeHVR0l875o5zS6D9wrM1gBI2NK%2FR9YCfjBTsMvZL9ggYYO54u007tlgqW5MJ5azjAIc9e3%2Ba80rg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff
x-trace-id: 06230b938b03b28682b98578ad0f3a57

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
2 KB 116ms
36ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Feb 2024 10:50:27 GMT
server: cloudflare
age: 4890
etag: W/"65d5d573-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 85921cc468eb4bcd-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 98ms
98ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=0080093e36b04d0afc987d2faed865b6

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c1b88c34be7d670800e7bc35f8fcaa59fc02ded16db3d5f1fc0f7f96f7978a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yourfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
yourfreshjournal.com/pfe/current/ 33 KB
13 KB 257ms
256ms Script
application/javascript 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ab6a27afe39979f44047b51c1f57911c89ac5498c6fb861703aa960c2f6371

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 21:34:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2024 13:29:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d5faae-8569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lENyCHNfutU3%2FQ8fW8lwqgKQAYxw8sgWnlixn6o%2BIlYd3t6B%2FuJJwWwSG4ILmrNaZMA%2BCKjlYXNiFKnnB8t7QYap9M6yYB7iRs58uBmYwmIMrzeUCYclBx5raJ2ltdeKuzumyJbTEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 85921cc418002c95-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
yourfreshjournal.com/19/5202628/ 3 KB
3 KB 151ms
150ms XHR
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/19/5202628/?abt_opts=1&var=4292615&var3=784283412763779124&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9e410bf905347cfb307078e896ec3f1073f185533577549feddb6e062ce97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 8b52b7dae6b0818d79ff7bea0d17b1bc
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbvHNNLOfS8UTyEQtt1Bmn%2BRMcbQF0iVuvIdJN4LAhFc9OmqNsYNfUOSlHkPYYFwA%2FGEkcQqa2dlNkAvldVIMuOrsxFvFjEAU%2F1E51A5d7t1TRR8CfVhdaZheqPNk5a7QAQIjcITBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921cc418022c95-ORD
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
yourfreshjournal.com/ 2 B
573 B 159ms
158ms XHR
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&mprtr=1
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BB9qgc7aLsUm5etsdQldZZNB7pB1RsywYSQ%2FUwUMUSWX%2Fs8wOqEiHboGYipWCJdceOKVfTwlgtcl7IzNBmeXKjdUd3UbjoX5BoSrIxVhuB85rGB%2FHLs%2FzSw3FgYKo1u9z0vAj6rig%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85921cc4d8306182-ORD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
yourfreshjournal.com/ 3 KB
3 KB 143ms
140ms Fetch
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/rhd?rb=DCZTbUbTi4atENIDxaV-i7oGh1-E4Aa_jer_6zGx32hcCXpB5dbon5Pu1Ov8PT_3YqHVAb1COshu2nTIkG1iiU3dmm0g_kw29lB9QzF8XxbN_iY0ehCIatQhHgd71J9l2iC1ZCPJESpsWpUrjEylOiqSlWrN10BXzy9nE8BH0Pb_c7U9H_QAsejG87xwVAZUM8sj3yXClp9BdkyFeFl_k0EA3Rly1P7vYUhIChBpZzImgmOFPnOXBoNWzHmLT1eSvWYFMAWfjk-Jfqe0JTcjkMrxg0GGOaImtwxOiYq0kaVjMY4-rokxxZ9r9-_I7Rwk7pPb9_IikFLxtsgsTLiYkYlYK_K3eH9PIwtSp5Q3Vn3Qow0NlCjIdKrthHwsDgMRnyREeJu01GzFH_aw_9m3KGmWgxxcHOR-l4RCjCfTw4h7qivfslxgW0QsTbug5KNn6JNCNQth2rEV2-ELTVTMvdf2Bla3FY-Wpq7_E13zjFkjwmV-KC-o_18y-PIpdpIDkBQ4s1qZUH025KF8zwSUgdGpjqxW0WtyOY1lY6LY7BZHzmsiK_pU-lbe3piE8ZdDtyEzngMLYllox1rAQMReNv58a4PKYzLLfsMwD8pdYv6Tcv-V-axHi6ofFR0Hv7Xk_F3XUg5sVm-A40ZgWxkZqqB-CYYhJnZ87et0_gT7hLuuVC55WCW1_begrv4vMBU0&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshjournal.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D0080093e36b04d0afc987d2faed865b6%26pshr%3D0%26rd%3D0%26s%3D784283412763779124%26ssk%3D6421edecbd1f522cd6bacd5d415dc349%26svar%3D1708551255%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D4292615&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=4292615&var3=784283412763779124&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa37a8f47c6be8b0aa9dcb53951fd4a05ac80bee21a8daa9914ae1e10a0a1257

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 4e8704589773828f521562c9781d2f49
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9Z7jK6dK6lpnROa%2Fm4AB5Qo2crlxC4X34HDRDa2NNC0oxHOUKXVyVfFlBqAFCEr0fWnCvuNRMmFp9U3PDdMLkLWl8eqrpUOz7MODklLxr74PP0ssCuc0j1HEAkE6q%2FJMI7tYYsTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921cc5188b6182-ORD
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST custom
jouteetu.net/ 0
0

GET
H3 200 5202932
yourfreshjournal.com/sw-check-permissions/ 0
1014 B 146ms
145ms Other
application/javascript 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/sw-check-permissions/5202932?var=4292615&ymid=784283412763779124&uhd=1&zoneId=5202932
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOnI0vvAQU4utC%2BN2%2BAg0fhn%2FY8Pk0wePgz0rLAsGHMWcwjSeqAn4JUHX9XGRdHTnuaCyD%2BmDXbStKv5oCK7Xkr0N0IuRihdSvx7HZGKl0IliFcJoqrRp%2BPq9M6xWiByZGorWfICJA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85921cc5d98d6182-ORD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

POST
H3 200 zone
yourfreshjournal.com/ 0
504 B 152ms
151ms Ping
text/plain 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshjournal.com&var=4292615&ymid=784283412763779124&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=5c9d6a9e-7daa-4b99-a6ad-98345fc24fae&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: e7dbfbaf24c9c88e1c89ecaf6fd62f25
date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFtJnNiJl9E8DLrvWhx4Wf2Jv0Hc6zmAWyTvhPBB4zW6NZ5MzKdnvq2DCY88TyG7y7%2FjNEOH6ayM2I%2ByTHrTN6xKywrSuFHtbdeyYefJPInr%2BSCnBnYhYD%2By%2BYAf3lpshQKRax4KQg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://yourfreshjournal.com
access-control-allow-credentials: true
cf-ray: 85921cc5d9916182-ORD
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 101ms
100ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=784283412763779124&var=4292615

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yourfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST custom
jouteetu.net/ 0
0

GET
H3 200 zone
yourfreshjournal.com/ 794 B
986 B 151ms
151ms Fetch
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshjournal.com&var=4292615&ymid=784283412763779124&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=5c9d6a9e-7daa-4b99-a6ad-98345fc24fae&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 31da41277617a9c2dff8a5fb026f924f
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V6j5ObWSsL4UO82%2B%2BEyXBmuwnfaymqAr7ebluaGpKugNfGCuQbhdska4Oam%2BO3q160y5tS6m1rZd1HctZsGabmJqqQID7ASq8L%2BCb6kCqxkNmzQGChuMpkRAnj3l7xgvTmoKzXhDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85921cc5f9cc6182-ORD
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST custom
jouteetu.net/ 0
0

GET
H3 200 / Show response
yourfreshjournal.com/ 35 KB
12 KB 193ms
192ms Document
text/html 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: abe58711433f9d45a44b63186a4e99d4b49561d56c6d9561357a9860f45264ad

Request headers

Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85921cc67aca6182-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 21:34:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d%2BncVx8F65Q1qYO96so%2BeKNgYiHylFMcn8Smb7S3EyR7c9e8fhFTUBPO1GUglZO84D61wTOeHyvemiVgrFH%2BGnBVEvIE8maHmJOond%2BAH9nh1N%2BVmpFgl0NBfk%2FcZkv0Qhkl%2BPtnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST custom
jouteetu.net/ 0
0

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
1 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Feb 2024 10:50:27 GMT
server: cloudflare
age: 4891
etag: W/"65d5d573-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 85921cc7ba634bcd-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 micro.tag.min.js Show response
yourfreshjournal.com/pfe/current/ 33 KB
13 KB 263ms
262ms Script
application/javascript 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ab6a27afe39979f44047b51c1f57911c89ac5498c6fb861703aa960c2f6371

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 21:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2024 13:29:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d5faad-8569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gd%2BAtaGnccKIrFDCSmbuDBZk2irQfzfC4W%2FK6u7yMq4vczduSg4EmV3ahm8wB0lcKN2R%2Fn1NWqEPvoh2Ue7Il%2BV%2Bi0zuj181dLaI7piw1MaULB09sESKSW4QhN7%2FqB4IFGqvZccMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 85921cc7dcfb6182-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
yourfreshjournal.com/19/5202628/ 3 KB
3 KB 138ms
138ms XHR
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/19/5202628/?abt_opts=1&var=4292615&var3=784283412763779124&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79e732bc15ff9eb4d6089850e583525f329ab952b532a13333148541acb63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 00e50e5564670dcc753052d44f674463
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=995X6t1OYxr33aHnzI%2FuR898XrD5Dca6hoI%2B8ubTJKLlq21Ad%2Fzv7TlSXZAboQIW6MUZDPHOjTula%2BOIXXEMNFA1NATvP%2BZY3onaZhGsTyn%2BvxzUKaIUSyhKrEgVfI42YXME6JdkZw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921cc7dd006182-ORD
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
yourfreshjournal.com/ 2 B
533 B 143ms
143ms XHR
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2&mprtr=1
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rlFrs5XEmyC5eJZn3NlZEkQw7fd0bqYmv3LuOakAqGL3uFCRbPcvFB%2F9WfzM7Qb2YaChHHfl4V9YMlan2CpHmJIehOf1wEiRwMOQYF33XDDHK0Yj0OZYSNCFShdTXhbXgdpLNp20A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85921cc7fd3c6182-ORD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
yourfreshjournal.com/ 3 KB
3 KB 141ms
140ms Fetch
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/rhd?rb=JjYFa9fh7amiuTJ-o7TAalvd9OSjtX0j0oJZmSOUbWUx276NtLJNvuTjYSpnNmuJve9waJUYMV9fqRJxXJL9RS-A1y50xZsrgTANUj_NuiYzziYmhrhkEoKnJO-qhVLQ5wVVPOa8hSylHr-4wcWlV5-LlQNLHxAWMmiAUTr5w_DRRz8aakUIhkBlj5qH4GkmXH3tOyw1xeb90E3U18bbT3iOOJgziZ_-pkoss-90UOgBln5Owv2pzijbvUscpXLOCZ9eXopxPackjNedmLI7y4TEVzdEogy-ZSCyFtUWqz0si4uXFN1jvenciV5L8Ik9UKU427SS2cIhfioTMDvpYm_wMpjpuI36v3TXKiODXTsVL-O7SUO6G2R-L5_-KJWauBpaE_CbM_wTPx2bUvuUp84vzECUpa2yakHFpTLIXVln3HQ9n_rDsYAPB3QyhcepM-kTbpUsV7ydz2g7HHnxUtVJA6onjY7W_MmkLd3IgiGTyyryvrWoRsSTTaYHBmhCOTNv35TwONJwMIRTl_vLZajjTflC09kvaHZTQb0UxXcKPF9q66x6wCPlp7i_JrRVHw_305ytITQ1S1Alj1Tsi4sG1qR4NtVZyHd_nEomaiwxh34SZhqKQSFOnuStDbsV_Uk1WY_m3wdopqDCu_iIfHu2pItfW2nU3Rm5l5rtNXBWLCIebWBKdIOW2KVeeB5Zz0_0f-jIvd8%3D&request_ab2=0&zoneid=5202628&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyourfreshjournal.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D0080093e36b04d0afc987d2faed865b6%26pshr%3D0%26rd%3D0%26s%3D784283412763779124%26ssk%3D6421edecbd1f522cd6bacd5d415dc349%26svar%3D1708551255%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D4292615%26rdc%3D2&drf=https%3A%2F%2Fyourfreshjournal.com%2F%3Fb%3D2909618%26ba%3D0%26campid%3D14083%26did%3D2%26dm%3D0%26ep%3D0%26fp%3D0%26g%3DUS%26hr%3D0%26i18db%3D1%26l%3DgnSq6b3k7lHvVR4%26oaid%3D0080093e36b04d0afc987d2faed865b6%26pshr%3D0%26rd%3D0%26s%3D784283412763779124%26ssk%3D6421edecbd1f522cd6bacd5d415dc349%26svar%3D1708551255%26tb%3D5202628%26tbad%3D5234825%26vi%3D0%26vo%3D0%26z%3D4292615&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=4292615&var3=784283412763779124&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0572b46b40a027bb038929318b3e0217a1665e5a4bdd524c423fe073c0515e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: eba0343c2e775011e94c17ad67b73c5e
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sAUluMviTdcmPDYrMHx4l6V2aRPhI82iX4NpPopoDhyir5DTB%2FSbyBH1DuaHKDbn1MT486zad%2FN03XnMyjAXPIjNqy1t0sKsC1eByanRlEHsIAUakK%2F%2FwYha0Jr814RZkRj%2BxSiJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921cc8ce3e6182-ORD
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 5202932
yourfreshjournal.com/sw-check-permissions/ 0
1013 B 146ms
146ms Other
application/javascript 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfreshjournal.com/sw-check-permissions/5202932?var=4292615&ymid=784283412763779124&uhd=1&zoneId=5202932
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgtjyRxS1pRSDIyyfrTSU8tRhSKUa04%2BjI5RG7LX3hiCa3Crdz9mxPxbxFHcuzCuXuJ23XSdj7SL%2BACMbhGo4UantpftSVz4L17PQaffGLbIZ%2B%2BMftHRHACSsCeye9MpaXLR%2BwiAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85921cc98f5a6182-ORD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 100ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
yourfreshjournal.com/ 0
501 B 134ms
133ms Ping
text/plain 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshjournal.com&var=4292615&ymid=784283412763779124&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=29582c85-176d-4d02-956e-8d604452ad22&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: e0273193aadc022e2e91d126ba79952e
date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzynN6ZLlhT3svxsg9s1mR%2FySS8VNUG5vcZ%2Fe7CkqNFxJz3X87UoIbh%2BwXuCVUFPs6I09Lz2gVposnMK6qVEuIlvH9ke8XrDEIN5FW16nFXgB1BFROoYINMJzMH9l7IUYXDMv1UK4w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://yourfreshjournal.com
access-control-allow-credentials: true
cf-ray: 85921cc98f646182-ORD
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 101ms
99ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 100ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 102ms
101ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5202932&checkDuplicate=true&ymid=784283412763779124&var=4292615

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c1b88c34be7d670800e7bc35f8fcaa59fc02ded16db3d5f1fc0f7f96f7978a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yourfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 100ms
99ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 99ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
yourfreshjournal.com/ 794 B
992 B 157ms
157ms Fetch
application/json 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/zone?&pub=0&zone_id=5202932&is_mobile=false&domain=yourfreshjournal.com&var=4292615&ymid=784283412763779124&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=29582c85-176d-4d02-956e-8d604452ad22&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03a4cdbf8e155cf056df48142b947313644e447b265b4333a83e11d10e86bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 0fe44d1cfd415d06787eabbb82a40e14
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Abmrz9Cj3m%2BmPdKDeve4DK3%2FKD9ewASpVfmznt%2BD5vSKaf%2BRPRr7eL8uLhtK4XTZ7x4wj8s7gjImRkCQF8PaTmPO90vQ5o8mLp4eaOW%2BlgVaNODmKNOKtVPQ%2FAA%2B9whz8LxsRumh%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85921cc9bfb76182-ORD
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: yourfreshjournal.com
URL: https://yourfreshjournal.com/pfe/current/micro.tag.min.js?z=5202932&ymid=784283412763779124&var=4292615&sw=/sw-check-permissions/5202932&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourfreshjournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 Primary Request / Show response
fortyphlosiona.com/ 20 KB
5 KB 1412ms
1165ms Document
text/html 139.45.197.169

General

Check archive.org

Show headers Download Go to

Full URL

https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.169 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2b8347db0ad54c0556e54bd9eb35489331873bfabb9660d664aca5777e408d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 21:34:18 GMT
etag: W/"5176-18bf6d1f1e0"
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
server: nginx
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H3 200 cat.php
yourfreshjournal.com/ 0
774 B 135ms
134ms Ping
text/plain 172.64.202.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yourfreshjournal.com/cat.php?userId=0080093e36b04d0afc987d2faed865b6&zoneid=5202628&rb=JjYFa9fh7amiuTJ-o7TAalvd9OSjtX0j0oJZmSOUbWUx276NtLJNvuTjYSpnNmuJve9waJUYMV9fqRJxXJL9RS-A1y50xZsrgTANUj_NuiYzziYmhrhkEoKnJO-qhVLQ5wVVPOa8hSylHr-4wcWlV5-LlQNLHxAWMmiAUTr5w_DRRz8aakUIhkBlj5qH4GkmXH3tOyw1xeb90E3U18bbT3iOOJgziZ_-pkoss-90UOgBln5Owv2pzijbvUscpXLOCZ9eXopxPackjNedmLI7y4TEVzdEogy-ZSCyFtUWqz0si4uXFN1jvenciV5L8Ik9UKU427SS2cIhfioTMDvpYm_wMpjpuI36v3TXKiODXTsVL-O7SUO6G2R-L5_-KJWauBpaE_CbM_wTPx2bUvuUp84vzECUpa2yakHFpTLIXVln3HQ9n_rDsYAPB3QyhcepM-kTbpUsV7ydz2g7HHnxUtVJA6onjY7W_MmkLd3IgiGTyyryvrWoRsSTTaYHBmhCOTNv35TwONJwMIRTl_vLZajjTflC09kvaHZTQb0UxXcKPF9q66x6wCPlp7i_JrRVHw_305ytITQ1S1Alj1Tsi4sG1qR4NtVZyHd_nEomaiwxh34SZhqKQSFOnuStDbsV_Uk1WY_m3wdopqDCu_iIfHu2pItfW2nU3Rm5l5rtNXBWLCIebWBKdIOW2KVeeB5Zz0_0f-jIvd8=&var=4292615&var3=784283412763779124&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.202.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 21:34:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: d399dabe2e699352a9834c0e325dcbb2
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kdGIPCCLE%2B6T%2B%2FmwK607wnujkiuIQm%2BeSuvwI1R0J5V8I2lJVJ8Mp6FWveJyPk58Uq9TP3LBfhaoIhkY%2BedzebhupkJAjp8FUt%2Fru%2FQqEWeJrUWyqEQOJ%2FUStdpqj6yNiCD56T8dA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://yourfreshjournal.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85921ccd5c876182-ORD
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 animate.css
fortyphlosiona.com/Attention_files/ 78 KB
4 KB 835ms
833ms Stylesheet
text/css 139.45.197.169

General

Check archive.org

Show headers Download Go to

Full URL

https://fortyphlosiona.com/Attention_files/animate.css

Requested by

Host: fortyphlosiona.com
URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.169 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
server: nginx
content-encoding: br
etag: W/"1361f-18bf6d1f1e0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 qrcode.js Show response
fortyphlosiona.com/ 32 KB
9 KB 835ms
834ms Script
application/javascript 139.45.197.169

General

Check archive.org

Show headers Download Go to

Full URL

https://fortyphlosiona.com/qrcode.js

Requested by

Host: fortyphlosiona.com
URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.169 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
server: nginx
content-encoding: br
etag: W/"80f0-18bf6d1f1e0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 new_free.svg
fortyphlosiona.com/Attention_files/ 2 KB
2 KB 426ms
425ms Image
image/svg+xml 139.45.197.169

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortyphlosiona.com/Attention_files/new_free.svg

Requested by

Host: fortyphlosiona.com
URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.169 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
server: nginx
etag: W/"609-18bf6d1f1e0"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1545

GET
H2 200 loading.svg
fortyphlosiona.com/Attention_files/ 386 B
600 B 980ms
979ms Image
image/svg+xml 139.45.197.169

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortyphlosiona.com/Attention_files/loading.svg

Requested by

Host: fortyphlosiona.com
URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.169 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
server: nginx
etag: W/"182-18bf6d1f1e0"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 386

GET
H2 200 micro.tag.min.js Show response
phicmune.net/pfe/current/ 33 KB
14 KB 411ms
189ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Requested by: Host: fortyphlosiona.com
URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 13ab6a27afe39979f44047b51c1f57911c89ac5498c6fb861703aa960c2f6371

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 21:34:19 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 13:28:14 GMT
server: nginx
etag: W/"65d5fa6e-8569"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET or5bfqxg8e8
fortyphlosiona.com/w/ 0
0

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET bg.gif
fortyphlosiona.com/assets/ 0
0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78acd4af31822ef0312f9e33af222bd3f2d9e07563761c84a0112eb0ae583902

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 custom
jouteetu.net/ 0
0 104ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET micro.js
fortyphlosiona.com/ 0
0

POST
H2 200 custom
jouteetu.net/ 0
0 105ms
100ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
phicmune.net/ 0
260 B 101ms
96ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phicmune.net/zone?&pub=0&zone_id=6601407&is_mobile=false&domain=fortyphlosiona.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=25bc30a3-c66f-4dbe-81b5-41014bd6413e&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: c7f194af0c6e55b96d312c25849eb243
date: Wed, 21 Feb 2024 21:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://fortyphlosiona.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 106ms
101ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 102ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js
my.rtmark.net/ 65 B
545 B 106ms
103ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6601407&checkDuplicate=true&ymid=&var=

Requested by

Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fortyphlosiona.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:34:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fortyphlosiona.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 105ms
102ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 101ms
100ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 99ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 103ms
101ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: phicmune.net
URL: https://phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fortyphlosiona.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET zone
phicmune.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: fortyphlosiona.com
URL: https://fortyphlosiona.com/w/or5bfqxg8e8

Domain: fortyphlosiona.com
URL: https://fortyphlosiona.com/assets/bg.gif

Domain: fortyphlosiona.com
URL: https://fortyphlosiona.com/micro.js?zoneId=6601407

Domain: phicmune.net
URL: https://phicmune.net/zone?&pub=0&zone_id=6601407&is_mobile=false&domain=fortyphlosiona.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.488&trace_id=25bc30a3-c66f-4dbe-81b5-41014bd6413e&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phoocauk.top/	1970-01-21 03:21:27	Name: OAID Value: 0080093e36b04d0afc987d2faed865b6
phoocauk.top/	1970-01-21 03:21:27	Name: oaidts Value: 1708551254
my.rtmark.net/	1970-01-21 03:21:27	Name: ID Value: 0080093e36b04d0afc987d2faed865b6
phoocauk.top/	1970-01-20 18:45:56	Name: syncedCookie Value: true
yourfreshjournal.com/	1970-01-21 03:21:27	Name: OAID Value: 0080093e36b04d0afc987d2faed865b6
yourfreshjournal.com/	1970-01-21 03:21:27	Name: oaidts Value: 1708551255
yourfreshjournal.com/	1970-01-20 18:45:56	Name: syncedCookie Value: true
yourfreshjournal.com/	1970-01-20 18:35:51	Name: prefetchAd_5202628 Value: true
yourfreshjournal.com/	1970-01-20 18:35:54	Name: reverse Value: VPKL8xSId0Bbd3CYWd-JmOgkhdFMfX4raMh9mtkrqMM

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://phoocauk.top/cndi4858vmefovl/4292615 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615(Line 574) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615(Line 574) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yourfreshjournal.com/?b=2909618&ba=0&campid=14083&did=2&dm=0&ep=0&fp=0&g=US&hr=0&i18db=1&l=gnSq6b3k7lHvVR4&oaid=0080093e36b04d0afc987d2faed865b6&pshr=0&rd=0&s=784283412763779124&ssk=6421edecbd1f522cd6bacd5d415dc349&svar=1708551255&tb=5202628&tbad=5234825&vi=0&vo=0&z=4292615&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fortyphlosiona.com/?t=0&ymid=784283417197154646&oaid=0080093e36b04d0afc987d2faed865b6 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

datatechone.com
fortyphlosiona.com
jouteetu.net
littlecdn.com
my.rtmark.net
phicmune.net
phoocauk.top
yourfreshjournal.com
fortyphlosiona.com
jouteetu.net
phicmune.net
139.45.195.253
139.45.195.8
139.45.197.169
139.45.197.251
172.64.202.18
172.67.178.128
2606:4700:10::ac43:a62
0572b46b40a027bb038929318b3e0217a1665e5a4bdd524c423fe073c0515e5b
13ab6a27afe39979f44047b51c1f57911c89ac5498c6fb861703aa960c2f6371
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b8347db0ad54c0556e54bd9eb35489331873bfabb9660d664aca5777e408d27
2c1b88c34be7d670800e7bc35f8fcaa59fc02ded16db3d5f1fc0f7f96f7978a3
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4f79e732bc15ff9eb4d6089850e583525f329ab952b532a13333148541acb63b
5b6e704220c1b8a9e48afd56bfdfbfa1c52318e1fd8a8436754210cb49c7017b
78acd4af31822ef0312f9e33af222bd3f2d9e07563761c84a0112eb0ae583902
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
aa37a8f47c6be8b0aa9dcb53951fd4a05ac80bee21a8daa9914ae1e10a0a1257
abe58711433f9d45a44b63186a4e99d4b49561d56c6d9561357a9860f45264ad
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
df1e684dcfd8ba4ef61401140732ba595ee10dcc8f435ad6b7a4251b40b46bd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9e410bf905347cfb307078e896ec3f1073f185533577549feddb6e062ce97b
f03a4cdbf8e155cf056df48142b947313644e447b265b4333a83e11d10e86bf6

fortyphlosiona.com Open in urlscan Pro 139.45.197.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

64 Requests

80 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

123 kBTransfer

371 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fortyphlosiona.com Open in urlscan Pro
139.45.197.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

80 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

123 kB
Transfer

371 kB
Size

9
Cookies

64 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!