alugha.com Open in urlscan Pro
2a01:4f9:4a:12c5:dd:ff:0:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://b1.viralsnap.xyz/scrgtgf
Effective URL:
https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propeller...
Submission: On September 13 via manual (September 13th 2023, 5:04:46 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2a01:4f9:4a:12c5:dd:ff:0:1, located in and belongs to . The main domain is alugha.com.
TLS certificate: Issued by R3 on August 24th 2023. Valid for: 3 months.

This is the only time alugha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:b:7... 2a02:4780:b:739:0:2be4:9d0b:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
17	172.64.129.11 172.64.129.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:f48:2000... 2a00:f48:2000:affe:fe00::30	() ()
1	2a01:4f9:4a:1... 2a01:4f9:4a:12c5:dd:ff:0:1	() ()
25	6

1 2a02:4780:b:739:0:2be4:9d0b:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

b1.viralsnap.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

shulugoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.129.11 (United States)

ASN13335 (CLOUDFLARENET, US)

wholedailyjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f48:2000:affe:fe00::30 (None, ) 1 redirects

ASN- ()

alugha.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f9:4a:12c5:dd:ff:0:1 (None, )

ASN- ()

alugha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wholedailyjournal.com wholedailyjournal.com — Cisco Umbrella Rank: 75304	64 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9998	2 KB
1	alugha.com alugha.com static.alugha.com Failed	896 B
1	alugha.it 1 redirects alugha.it	965 B
1	shulugoo.net shulugoo.net	2 KB
1	viralsnap.xyz b1.viralsnap.xyz	1 KB
25	6

	Domain	Requested by
17	wholedailyjournal.com	shulugoo.net wholedailyjournal.com
4	my.rtmark.net	shulugoo.net wholedailyjournal.com
1	alugha.com	wholedailyjournal.com
1	alugha.it	1 redirects
1	shulugoo.net	b1.viralsnap.xyz
1	b1.viralsnap.xyz
0	static.alugha.com Failed	alugha.com
25	7

This site contains no links.

Subject Issuer	Validity	Valid
b1.viralsnap.xyz ZeroSSL RSA Domain Secure Site CA	`2023-09-12` - `2023-12-11`	3 months	crt.sh
shulugoo.net R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
wholedailyjournal.com E1	`2023-08-01` - `2023-10-30`	3 months	crt.sh
alugha.com R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propellerAds&mtm_medium=popunder_smartcpm&mtm_content=MobileSp%C3%BCle&mtm_group=channel:travel&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6
Frame ID: 80A17B3F4F57DB0E2E42BD3DDA33569C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://b1.viralsnap.xyz/scrgtgf Page URL
https://shulugoo.net/4/6106042 Page URL
https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z... Page URL
https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z... Page URL
https://alugha.it/go/travel?&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6... HTTP 307
https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&... Page URL

Page Statistics

25
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

71 kB
Transfer

152 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://b1.viralsnap.xyz/scrgtgf Page URL
https://shulugoo.net/4/6106042 Page URL
https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://alugha.it/go/travel?&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6 HTTP 307
https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propellerAds&mtm_medium=popunder_smartcpm&mtm_content=MobileSp%C3%BCle&mtm_group=channel:travel&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 scrgtgf Show response
b1.viralsnap.xyz/ 4 KB
1 KB 849ms
430ms Document
text/html 2a02:4780:b:739:0:2be4:9d0b:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://b1.viralsnap.xyz/scrgtgf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:739:0:2be4:9d0b:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

cb8f2ef71a9a9696bcb14a68d88d44a9af67ead6ba407b69b9e7084d15b0aee3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 944
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 05:04:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 6106042
shulugoo.net/4/ 1 KB
2 KB 171ms
56ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shulugoo.net/4/6106042
Requested by: Host: b1.viralsnap.xyz
URL: https://b1.viralsnap.xyz/scrgtgf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://b1.viralsnap.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 13 Sep 2023 05:04:44 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://wholedailyjournal.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 83ecfa394ec75ae18166669732c37f21

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 152ms
45ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=93a22db512624268be2175506361cb5e

Requested by

Host: shulugoo.net
URL: https://shulugoo.net/4/6106042

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://shulugoo.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
wholedailyjournal.com/ 40 KB
13 KB 188ms
89ms Document
text/html 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: shulugoo.net
URL: https://shulugoo.net/4/6106042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 493c56cc0a8e4e59f5016a7ad50770d26c1748bf29c6618f8c6204ee8f1af166

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 805dd9e87c019b49-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVDJCgO07j41nlNjNG165n5iFM0XLBpR0eVoNSRY0zLkXilRJiuOCKtTfaOMG0MAScMye55qzhlcDGInPn4MP6VEg1iQxVVBxaqsANiA5UGLLZiQehiOMm%2BDFJ0dVuUdPPBWiIufOnQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 46ms
45ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=9f6e146414e342d0dc67a68e37bcb7a6

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f483552f5614db7f5ac971175803f579de3080d3fc13bf66472ef95f90e96c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholedailyjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
wholedailyjournal.com/pfe/current/ 26 KB
10 KB 59ms
59ms Script
application/javascript 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Sep 2023 13:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f1e924-68a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JfwMAWObKH2p9CWmooLbce%2F9EcR5rvQ364EZYEyAAVDaxnwfZCHYD5AKIW0Qi%2FGomsSagkomtpHnu5DGLXIXCWqjPJq5iw8TGA9xLu2rg%2FlxVU3fz%2BZq%2B9cyf51HptQbN9HfsgFg6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 805dd9e92c6e9b49-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
wholedailyjournal.com/ 2 B
404 B 66ms
65ms XHR
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIRgcYtaSSzvZfX3XQRDO8iVcyMzqGxfFP%2BiVboeeT8zQ43iYSOmiOih25NXzCu4jfK4ddIIIlkZc5zSACvyuN9T8HdEtXSWybSw%2B7xAqkocKEqp8bCCeAmpSzaPF%2F4jA41AGq%2FZuSw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 805dd9e92c6f9b49-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
wholedailyjournal.com/19/4662728/ 3 KB
2 KB 81ms
81ms XHR
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=6106042&var3=725689941484646932&ymid=&rhd=1

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9644cc9278075c57c2cbe34c1ff22427155d2a85248ceda3e5e5f35245def7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: d899b2495c35bc11b2ea7d9e0c3be10c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBRMRG6GsipE2lFDUH7i3u%2FjndD7oZx31AKKxI05opxOVmW%2B%2Bevviaus%2BZdVOzsN6uYGB2d%2Bv7q5QGAJAIHhfk3LmVTqZtVDzVHQ1we4eGipFZHn11xUs4ISKP3msTPIRVaPO10e1mY%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 805dd9e93c799b49-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
wholedailyjournal.com/sw-check-permissions/ 0
969 B 66ms
65ms Other
application/javascript 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/sw-check-permissions/4662709?var=6106042&ymid=725689941484646932&uhd=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQJ%2Fhjc0lHFVL2Iks8MxzSn%2BSMbDXCvaQB%2Fwh34vYm6KfzU%2F%2B7X%2Fck%2BDgpiJjEG8xFY9MIgw%2BR%2B7OTox%2FBMwRn7w1IvLAhDQ29YldGb9rqqQ4aETrtbYHwauUIguESRrL%2BwR%2BEfos40%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 805dd9e99bf51cc9-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
wholedailyjournal.com/ 0
529 B 65ms
65ms Ping
text/plain 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6106042&ymid=725689941484646932&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-trace-id: 8472ec91e06b606356a3c1d28a596e1a
date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGfZvDZsv3JZuOlagEjgHnoOny%2FnC3gtToo4gWUtBfYX33hV5M6kG4KcIaM%2FIDZIWsDJIYbjEQY90Gt2VgrKZPXJheNm7xnI2xohxYkD7f3Rz3a3IEI6JkXlSORmRJeELn%2B4LV430DA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholedailyjournal.com
access-control-allow-credentials: true
cf-ray: 805dd9e99bf61cc9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 49ms
49ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=725689941484646932&var=6106042

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f483552f5614db7f5ac971175803f579de3080d3fc13bf66472ef95f90e96c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholedailyjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
wholedailyjournal.com/ 795 B
981 B 68ms
67ms Fetch
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6106042&ymid=725689941484646932&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: d2d41b12e9815a202aa38fdd96b7c11c
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO0OtJJ8flilV%2Ff18KsB7DUAzOn6J4aNa5LyyPo%2BdaVOOXENDaQsZkX7Dq6WanU%2FW1kyI9DpK7mCZG5Pm9kUuzvEAidWmNkB%2BazAmA0o4V9ffdgdwGSROHdv0VOLZgn6Q3xh%2BtQVJT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 805dd9e9ac041cc9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 rhd
wholedailyjournal.com/ 2 KB
3 KB 154ms
153ms Fetch
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/rhd?rb=O_4uvn-FTLZnm-46XwR-mfghzqWBPZN2Lj3kuf8I2LsgB6jOq2RCN2NAzf9w9b_-Dd9IWnTA-h7NBaFtsHiCUzuBZfTM85WZRMvlnYSCuNSMTD8CNu1WHZ-ZxOJ9L-uIG803fY-KReaSTWpgH3ujgrIWmtTg2A7hjq-DoqGoYbnfKXIscRguCD-2ebvFWRgzIspb5BTzDCXis-iUV2ZPeA5KOBEMGDJCbjC7bF2OpRxouOHHQOPsIKay9j9f7c4_dcC-6a1Pr8lB1fE3r5CuAlHfJu1VvnHbtymF526aHd8o70tvUl5eFRohjDXcLCNag3RR1S7uUk2NuWNbPtM9YEw2pJ8zlAyLm-AfQMH-ydj-LwZcSRhVlmIF4KfmCAV1gR2FMEX9NVr5GqJ95Nl5egrfZ9cMo7jSp8wI6irjQCd8N_pXkA5KyU3A1szEzUg5Z6MfNV_nnZ82Ey_YcZm2yQomQE0Gth-fWGoQ_PcUJy3tNMmCv-iCRg%3D%3D&request_ab2=150012&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D725689941484646932%26ssk%3Df2e87b2948f900b1ce0c7df573bfc66d%26svar%3D1694581484%26z%3D6106042%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6106042&var3=725689941484646932&ymid=&rhd=1&m=link

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 0ba28f2a941116ed3f221fc0ffc3f820
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7406mnNKyacv1WM5KlWNxg5E01EWemp8z5f0K2evlpI4PutC87%2FLOLymuf1p%2Fj4vHmxWVeoom0xkta0BNHKqXnJ3yU%2FHGO33Y3z97SqfKHGTKrnZE9wjh%2BlpdY7pqo7mYX2biRlAYc%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 805dd9e9bc111cc9-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 / Show response
wholedailyjournal.com/ 40 KB
13 KB 113ms
112ms Document
text/html 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 7426e93277451ee9bf60b67263fedda5e4f8bcded93e62303deac1b8441838a0

Request headers

Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 805dd9e9fc521cc9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 05:04:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FtkZ%2BeRa3jaDfvgJ6kIejzz3s74fw3erMJPW2cFntrZO28%2B04SH06LqncSRWxO2pksruADAqBvd3wdDpU2YAuoS8cQ3BfCeEORqGz8HChn%2Faj67RIAytMFQQXrninBx0bfWVITdXfs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.27

GET
H3 200 / Show response
wholedailyjournal.com/19/4662728/ 3 KB
3 KB 66ms
66ms XHR
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=6106042&var3=725689941484646932&ymid=&rhd=1

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59f774ce7263a35d9413dcc576000254d29f2bc1fb74eb5d8d6a1bb25d7fce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f85dafc0cd4d8ca2fcd5871b36b6189d
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT2Ui4Z2v7sGvg2ES6Z1MXCsjGia2GB2sad8kmKuQT1od%2By8LFb%2FHXynlml6NkHNnhwQoNTKm78sPyBzbrSihefIT2sqpDjFiKQ3%2BSF7D4qoZK2gmkszmLkyv%2FlQeS0mKRHCmIGImlM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 805dd9eacd291cc9-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 micro.tag.min.js Show response
wholedailyjournal.com/pfe/current/ 26 KB
10 KB 66ms
65ms Script
application/javascript 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Sep 2023 13:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f1e924-68a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyzmN%2BRJHyFex9Vc9d6XAIO33GpPnFtiRLwa2PyfeHeAmzviJaQB7wlcv7wM%2BhTNZtm8BKGdWg56Y9DmGAbr9mQvcKqTOK9SkAxVB2%2FfERN2%2Fh5yU0RG2AZPCccAM%2Fbob6yk886grXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 805dd9eaed581cc9-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
wholedailyjournal.com/ 2 B
535 B 63ms
63ms XHR
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojQC5CfKibjir4bCOCzQ9d%2FK5w2Y5rG0ZaQgKoaZ8eTL7fkrCCpGdX5oapIrVqTgwEmXWnS2k1PXtv7wYyPVxF2rjxYTThZk1KuYgDB%2B32u8peC8yn0AvthvBZqIQD8%2F%2FbbC8JObOEM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 805dd9eafd5b1cc9-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
wholedailyjournal.com/ 3 KB
3 KB 72ms
72ms Fetch
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/rhd?rb=RXID8xlJUG9aKpFPdoTVDAaym12xTMO7_BJTpEjQR6NWTq1YhrjaLlDQmtT45MK_7GZUcWZaH4Z94W_lQwVGfio5Ft65uUyapuq-zNJC5IjK6wwlKHftY67hibtdbbZhVG9g8OxKFXheOzlR91jqqVs63NQh8vsyTp3aal_gsfGeE6Gwgwmo3wzEmQp5osYkDUd6_5xhs61RKeXuUz6FgQ1tXWN3TQq8mUN7G2I-InFABY7zh0Nwj6dDP9pW7KwNA89OdcF9N09QhkmSVxPydgHDr0YXPkE9imjZPJ-GAnINnJpBk2gtS71KeCxNbES8FgqyEwPz60djpKwqD-sgdN_bZvQQ9825b-K5wWvyTD7uHQHAXTGJAe6p2x1SA2KH03ud3fpOfON5uRmN0rtC1Ejo5bGPJrTEpZmjfyXjN5rvQ1FXBIPBqcEKSaviYJpPzwBfG_88vdeMO0Xq9mxEg9RU3pzIlmHyby6xR4DOG3nMC1kf7r7F5zaD0Co%3D&request_ab2=150012&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D725689941484646932%26ssk%3Df2e87b2948f900b1ce0c7df573bfc66d%26svar%3D1694581484%26z%3D6106042%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D725689941484646932%26ssk%3Df2e87b2948f900b1ce0c7df573bfc66d%26svar%3D1694581484%26z%3D6106042%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6106042&var3=725689941484646932&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ee4db3de1a01427b0803b967518963a04fac5b0301a441e8a1790b063ee591

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: d87fab747d67d82c26ac32b205a40bac
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QL7cez4U%2FjWnG99VMV0HG3zMjFMk33YF6wh4V8O%2F%2FJ1b%2B7TqMJAuqHHX9I3AvsmQ%2FyW3I%2Bc60vVD0xZYL0ocrFMeWIbICJ67FzBj7t5arpxVK2gHvcxdr507cDutpFzt1lOEkdkHIs%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 805dd9eb3d8e1cc9-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
wholedailyjournal.com/sw-check-permissions/ 0
958 B 64ms
64ms Other
application/javascript 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wholedailyjournal.com/sw-check-permissions/4662709?var=6106042&ymid=725689941484646932&uhd=1
Requested by: Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ6lK0CE4KDjhlrmOSorF6VY6NG0z0xKg63hjWDDBXUQ6HOmgdsM1lK4b1ifQk3%2BKEXjryQGWgRl%2FkS0XwEZeAT1rWO0rkeQs%2BBCCJ2ilFSJqnjnwjLjN6f9FjsW4qSuCyVCQPkKm%2Bc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 805dd9ec4e921cc9-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
wholedailyjournal.com/ 0
492 B 59ms
59ms Ping
text/plain 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6106042&ymid=725689941484646932&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-trace-id: 57720403357bdbefb8e519a938ea8e6a
date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuolX4jN8vSw2hmP75DnPwHC%2BXvewKq7kPRmrdVdhq8isXtuIpavZJ9cEBagbGhvY9INc7lkhVwnz7wa3TeijiBgYfVImr8SPiwetNz%2Bp2TcBQAjK6%2BHRh2AwMS2RVkgdmvDqmSovZ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholedailyjournal.com
access-control-allow-credentials: true
cf-ray: 805dd9eb6dbe1cc9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 46ms
46ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=725689941484646932&var=6106042

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f483552f5614db7f5ac971175803f579de3080d3fc13bf66472ef95f90e96c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wholedailyjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
wholedailyjournal.com/ 795 B
978 B 60ms
59ms Fetch
application/json 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6106042&ymid=725689941484646932&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=725689941484646932&var=6106042&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb3786e513baa5d4a64e5f6af0b2630522077330d64b07647e4fb595cea399f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:04:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 78069189df1899a7b38b40c775717653
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwxYA2YXTjfGJqi7s7QEj3rzvHuSAd4nWrGoWqRta64xGpO6omDIIuUyqRVRZCi8l8mJrwQtf11929DJNb%2BH15pGMMo7bD2zRtWVRNeVJwimPQrEyAA%2BNbag8Oyj4Ch6a2RRBOBvRjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 805dd9ec4e961cc9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

Primary Request 1d26cb30-e759-11ec-9abb-394e4228fcc0 Show response
alugha.com/videos/
Redirect Chain

https://alugha.it/go/travel?&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6
https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propellerAds&mtm_medium=popunder_smartcpm&mtm_content=MobileSp%C3%BCle&mtm_group=channel:tr...

1 KB
896 B

195ms
61ms

Document
text/html

2a01:4f9:4a:12c5:dd:ff:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propellerAds&mtm_medium=popunder_smartcpm&mtm_content=MobileSp%C3%BCle&mtm_group=channel:travel&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:4a:12c5:dd:ff:0:1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fda800c4aced0f216029be8924bd9d1b5c2f2ce1016c9a06c7d127f8ae148003

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 05:04:46 GMT
etag: W/"4a5-2o2y+b3xzm6H0r8jjXSmwOuOJWY"
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 05:04:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
location: https://alugha.com/videos/1d26cb30-e759-11ec-9abb-394e4228fcc0?lang=deu&mtm_campaign=LR-Travel&mtm_source=propellerAds&mtm_medium=popunder_smartcpm&mtm_content=MobileSp%C3%BCle&mtm_group=channel:travel&mtm_kwd=7343812&mtm_cid=7343812&PPAID=725689946182259036&oaid=9f6e146414e342d0dc67a68e37bcb7a6
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-lima-id: at97lzNKWp9OHlg0EW
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-redirect-powered-by: https://www.betterlinks.io/
x-robots-tag: noindex, nofollow

POST
H3 200 cat.php
wholedailyjournal.com/ 0
762 B 54ms
54ms Ping
text/plain 172.64.129.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wholedailyjournal.com/cat.php?userId=9f6e146414e342d0dc67a68e37bcb7a6&zoneid=4662728&rb=RXID8xlJUG9aKpFPdoTVDAaym12xTMO7_BJTpEjQR6NWTq1YhrjaLlDQmtT45MK_7GZUcWZaH4Z94W_lQwVGfio5Ft65uUyapuq-zNJC5IjK6wwlKHftY67hibtdbbZhVG9g8OxKFXheOzlR91jqqVs63NQh8vsyTp3aal_gsfGeE6Gwgwmo3wzEmQp5osYkDUd6_5xhs61RKeXuUz6FgQ1tXWN3TQq8mUN7G2I-InFABY7zh0Nwj6dDP9pW7KwNA89OdcF9N09QhkmSVxPydgHDr0YXPkE9imjZPJ-GAnINnJpBk2gtS71KeCxNbES8FgqyEwPz60djpKwqD-sgdN_bZvQQ9825b-K5wWvyTD7uHQHAXTGJAe6p2x1SA2KH03ud3fpOfON5uRmN0rtC1Ejo5bGPJrTEpZmjfyXjN5rvQ1FXBIPBqcEKSaviYJpPzwBfG_88vdeMO0Xq9mxEg9RU3pzIlmHyby6xR4DOG3nMC1kf7r7F5zaD0Co=&var=6106042&var3=725689941484646932&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://wholedailyjournal.com/?s=725689941484646932&ssk=f2e87b2948f900b1ce0c7df573bfc66d&svar=1694581484&z=6106042&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Sep 2023 05:04:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: c1aa35cf9ee5b8002f3a3c7a629af463
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N71RUMdwzSPO1c1Nug2RAWjj0HU5JMuOy9ibCtda7yGhPQwWrb6xI48uFtECRlRcQbsGyS60pT8A1ZmeIqNsxVLw9iwh5OJRYDQ7ZKGqqvQU4S3Sq3Lh8jghgGavi%2BKJQ6WD5bxmEhg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wholedailyjournal.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 805dd9efb9ad1cc9-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET 179.862447f9599eae80cae1.js
static.alugha.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.alugha.com
URL: https://static.alugha.com/179.862447f9599eae80cae1.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
b1.viralsnap.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: adac56626f7777a56d9e04a9775f4194
b1.viralsnap.xyz/	1970-01-20 14:43:02	Name: short_139625 Value: 1
shulugoo.net/	1970-01-20 23:28:37	Name: OAID Value: 93a22db512624268be2175506361cb5e
shulugoo.net/	1970-01-20 23:28:37	Name: oaidts Value: 1694581484
my.rtmark.net/	1970-01-20 23:28:37	Name: ID Value: 93a22db512624268be2175506361cb5e
wholedailyjournal.com/	1970-01-20 23:28:37	Name: oaidts Value: 1694581484
wholedailyjournal.com/	1970-01-21 00:19:01	Name: syncedCookie Value: true
wholedailyjournal.com/	1970-01-20 23:28:37	Name: OAID Value: 9f6e146414e342d0dc67a68e37bcb7a6
wholedailyjournal.com/	1970-01-20 14:43:01	Name: prefetchAd_4662728 Value: true
wholedailyjournal.com/	1970-01-20 14:43:05	Name: reverse Value: 0a5IYaOeEwopZHb2DVDEY7FrOBGasBxCFgKKsRbofi8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alugha.com
alugha.it
b1.viralsnap.xyz
my.rtmark.net
shulugoo.net
static.alugha.com
wholedailyjournal.com
static.alugha.com
139.45.195.8
139.45.197.243
172.64.129.11
2a00:f48:2000:affe:fe00::30
2a01:4f9:4a:12c5:dd:ff:0:1
2a02:4780:b:739:0:2be4:9d0b:10
0c9644cc9278075c57c2cbe34c1ff22427155d2a85248ceda3e5e5f35245def7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47ee4db3de1a01427b0803b967518963a04fac5b0301a441e8a1790b063ee591
493c56cc0a8e4e59f5016a7ad50770d26c1748bf29c6618f8c6204ee8f1af166
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
7426e93277451ee9bf60b67263fedda5e4f8bcded93e62303deac1b8441838a0
93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049
9cb3786e513baa5d4a64e5f6af0b2630522077330d64b07647e4fb595cea399f
cb8f2ef71a9a9696bcb14a68d88d44a9af67ead6ba407b69b9e7084d15b0aee3
d59f774ce7263a35d9413dcc576000254d29f2bc1fb74eb5d8d6a1bb25d7fce4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f483552f5614db7f5ac971175803f579de3080d3fc13bf66472ef95f90e96c08
fda800c4aced0f216029be8924bd9d1b5c2f2ce1016c9a06c7d127f8ae148003

alugha.com Open in urlscan Pro 2a01:4f9:4a:12c5:dd:ff:0:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

96 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

71 kBTransfer

152 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

10 Cookies

Security Headers

Indicators

alugha.com Open in urlscan Pro
2a01:4f9:4a:12c5:dd:ff:0:1 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

71 kB
Transfer

152 kB
Size

10
Cookies

25 HTTP transactions
2 data transactions