bnr.hyperadsdesign.com Open in urlscan Pro
52.73.194.70  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://grunoaph.net/4/6292835 Page URL
2. https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
3. https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
4. https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://r.secprf.com/v1/redirect?type=linkId&id=f71552f3d4624d27b4fcc15639cac318&api_key=98341c9fbb624095eb1df1d5dfe69d45&site_id=afa4f178d8554681b6bf3ab6124ce1de&dch=feed&ad_t=advertiser&yk_tag=64f719d94ad48c43e39faf0d-RL-373838 HTTP 302
• https://r.secprf.com/v2/go?t=kt.pc%3Ah%2Fnwr..wwnF.%25o2%2FAw%25ltch.phm%3Fcie%3Dn1v5r%26tdd1a3w6w%261lecpref1wcw2a6datfr6v1n6e5c8m8c1i4kfe-21v83e4b011e8c9975447682a63581596344901060f05%3Ddccaiek1ec32a6aaff76d1564588b8b134bf1%3D4ferdc%26lw%26r1v83e4b011e8c9975447682a63581596344901060f05%3Ddfaracfl7%26do5.4u8ebeba3abd1.4we%3Dde%26krifc%3D6w4.4d%3Daia8e2e2ud.mop%26p%3Dktipc3a%25mFc21wiwacwuwc%2F.sotuh&e=1&ai=68642e357c0c43a8b51d3ad1ed815c81&sct=0&ct=1693915610195&cu=971457682a63485596c4e911b6ef851d&sr=1&ykuid=8433c348df6046cdbfb170bb1e3f0601&sc=1&cs=6c1d9298f5f3c7afc014c591f891d864 HTTP 302
• https://www.awin1.com/awclick.php?mid=21258&id=143466&clickref=www.addatarevenue.com&clickref2=v030400014839971457682a63485596c4e911b6ef851d&clickref3=afa4f178d8554681b6bf3ab6124ce1de&awcr=v030400014839971457682a63485596c4e911b6ef851d-afa4f178d8554681b6bf3ab6124ce1de&pref1=www.addatarevenue.com&p=http%3A%2F%2Fwww.crunch.co.uk HTTP 302
• https://www.crunch.co.uk/?utm_source=AWIN&utm_medium=143466&utm_campaign=Sub+Networks&awcr=v030400014839971457682a63485596c4e911b6ef851d-afa4f178d8554681b6bf3ab6124ce1de&awc=21258_1693915610_d4728cfd11913d691ec33a9c7bb6ba55

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	6292835 grunoaph.net/4/	1 KB 2 KB	164ms 46ms	Document text/html	139.45.197.238 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://grunoaph.net/4/6292835 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin * * access-control-max-age 86400 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf8 date Tue, 05 Sep 2023 12:06:46 GMT expires Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT link <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://wholedailyjournal.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch" pragma no-cache no-cache server nginx timing-allow-origin * x-trace-id 24e016397cdc3469bd55e11d0b7c1750
POST H2	200	img.gif my.rtmark.net/	43 B 505 B	227ms 140ms	Ping image/gif	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/img.gif?f=merge&userId=721f0e8f4eed41b5a57a292052007792 Requested by Host: grunoaph.net URL: https://grunoaph.net/4/6292835 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/gif access-control-allow-origin https://grunoaph.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 43
GET H2	200	/ Show response wholedailyjournal.com/	40 KB 13 KB	378ms 135ms	Document text/html	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Requested by Host: grunoaph.net URL: https://grunoaph.net/4/6292835 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 57ed110de18389b5342f5a76f2998969b2428b5faaaf36d4a809eff242a00006 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 801e59204e2371b1-LHR content-encoding br content-type text/html; charset=UTF-8 date Tue, 05 Sep 2023 12:06:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxuL9vGYSOIMCXW6Bfu6WZ54dEsGhOWg87W0Lkua98QV81MKtDHoKsCoyva3uOVzDUA%2BtwdjXo6aqfMl1b2JerLHT86%2FRdByUfgKzx3ACTPh9q6deYYquw%2FfWDH4FTd16lxlcbuX8I4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	gid.js Show response my.rtmark.net/	65 B 547 B	36ms 35ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=20c7e9b8b1f756dfa71e7458eef502a9 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 81bd27cb34884ebdc676273aa1a6205fd1b5bfbed946355059c5496e00bf9afc Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://wholedailyjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	micro.tag.min.js Show response wholedailyjournal.com/pfe/current/	26 KB 10 KB	69ms 68ms	Script application/javascript	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049 Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status MISS last-modified Fri, 01 Sep 2023 13:37:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64f1e924-68a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8HjSQFA%2BY47%2BThHFlE6BNkfhyOIsV8HJAWWuBm5gBJfvRG1GTHsY6m2ha02k89XAVsuwIwjVKow2NdBDiNcB4z%2BE9i3LB4s40XAQREbxEjd5saiqZ02LViFgWPWGs%2FWavqdC2X8qHQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 access-control-allow-credentials true cf-ray 801e5921482471b1-LHR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	327 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response wholedailyjournal.com/19/4662728/	3 KB 2 KB	65ms 65ms	XHR application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=6292835&var3=722897048210510198&ymid=&rhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28fd3a06cc1d4d8eef9ddac4ade4b432138373839f5e50097ef60566fba16edf Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 8f30c5db19f3e1c12128af7f4c4a5c9c pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HBesYy4Xv6xg9nfj0P5DYNEEs4eJmYHwhFZ2dJcm5Sd7m%2Fsrtn9EXQrtydQ%2FSfVIbvfwAaXXzTo1M0PnJc14byYfYt4242MkXtQAxEjlSi5X5lY0xHNnSoi44M2%2BD4LxZtA7nDXwJA%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 801e5921583971b1-LHR expires Tue, 11 Jan 1994 10:00:00 GMT
POST H2	200	/ Show response wholedailyjournal.com/	2 B 425 B	72ms 72ms	XHR application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3%2BgSxETcuc8725fUSAmPQVq0lrHOk9uSoS%2Fh3VtlFNZkgMdGGPoqLQAb%2FLqD2eYvanLVnIkdotXouQ5xyN2kB8xeic0uIMf5MuQUlhsjWOBRX5N1A3T6zpCe1wIATqvZM3WIxSYGCc%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 801e5921583f71b1-LHR access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400
GET H3	200	4662709 wholedailyjournal.com/sw-check-permissions/	0 992 B	85ms 84ms	Other application/javascript	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/sw-check-permissions/4662709?var=6292835&ymid=722897048210510198&uhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.27 Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.27 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWGQi86wiE9SB9P6%2FbsKOwHMKQl7%2BZaWZUh9ZV3afCcXaDhbCF6EQ9wEkHqnRx2nKhrcsi0gbNfzOrAw93WuUavnwc%2BZ%2FRKUANt1yRTsBlqAfLcyF1A3LovxihWltN2lIjN6dhIphLc%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 801e5921cd5c24e0-LHR access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400
POST H3	200	zone wholedailyjournal.com/	0 497 B	93ms 93ms	Ping text/plain	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6292835&ymid=722897048210510198&var_3=&var_4=&dsig=&tg=1&action=prerequest Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers x-trace-id ae6f972faca86fe5495a515f1a497919 date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05%2BHk%2Bf4EIBL5VS1sEw8Zf1by6k4faXPk7W48x2z59yyxzJK3m8tCKxZ9%2FgxY4jE5NepjmZBiRPqJ4UqS9bqTLM15wVNqjH%2Bre8eXbaUgHAjeuGYWbfxCKk3lZHou%2F67z%2BCGwwu2aVI%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://wholedailyjournal.com access-control-allow-credentials true cf-ray 801e5921cd6024e0-LHR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	rhd wholedailyjournal.com/	3 KB 3 KB	107ms 107ms	Fetch application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/rhd?rb=vZMK7gwi_lg0LMOJ7sefN2z5bp206S2JcX9hww_DJ_Jw2tQYzzfHBSV6Y9zuoWxcxZUhvL908-63c0rGQtUUmEuQ8qbNzOUhF93H-pRfbVzmdDnm28KM0npdula4nSyC1WpImEG44qGctq_GR3BDWwPDVRiHx1gGqRuxfFyH7jv--Q31ggwiWFKKA6grWusiVlEBflVfo7MCRyxsdznBEYV-_muuBrmudN2TEp19YBl-p35vkddL44RHpotDRU7SfmNRyvGzfWUZnNFuMuGrXY57jSWIlt9PTdrlKwuj71RJNX9rUT2UAwo6Z62HsOmHawnEtT4nYtuOing4oy205kPlpPG6U_L3XivOpR1TUipglp0IjEnEyK6VJItYB_mji-nPuVVS8XuVO0kxYcNwhxLbM4_xb4NVDerdzhZoqhFPskT-AFfXsJXrwCOdiNqfR5Z6yQPdKo82uxLkxTqWHxndb7Majh4yaiBGS58v5vA_UPTi&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D722897048210510198%26ssk%3Ddd0c403c3c3007c05dd44260a4726ea5%26svar%3D1693915606%26z%3D6292835%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6292835&var3=722897048210510198&ymid=&rhd=1&m=link Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id a081ca254e8c24b4ca90de88d5c8b95a pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMk9c2fEw5TowIevxv9afiO7HiOzwnhrQZ4TP1CTe%2FGlSG%2FKMjIKKeitpjqTMNvDHCjKI5Ga%2FPOYFLmFQMwzF2Mwok91Uo9KY2mMPNvRanNppvMxhGPdynysVdy1YQIhQLTkT5USVgA%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 801e5921dd9424e0-LHR expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	gid.js my.rtmark.net/	65 B 547 B	37ms 37ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=722897048210510198&var=6292835 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://wholedailyjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H3	200	zone wholedailyjournal.com/	798 B 979 B	95ms 95ms	Fetch application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6292835&ymid=722897048210510198&var_3=&var_4=&dsig=&tg=1&action=settings Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-trace-id bf99206b4e9ad8252b7aa8185071c17d server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mltqZ0A4bG4lEk6LU5qBlRLGcTqRHgp7n7N%2FULzTpHGqwYwBV5INojPLC8cAKEzhE1WfgP7mEI1oqDFDgVUpC3t7x0v8p5t%2BMvCNrmWl1pga40VjcuRCkCd21sSsnX1Ln047p0Hu1s%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 801e5921dd9e24e0-LHR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H3	200	/ Show response wholedailyjournal.com/	40 KB 13 KB	126ms 126ms	Document text/html	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.26 Resource Hash 1dbe75b22b10f7ec26373f3964aa7e7aa7f93b3e6eb0b5c94884145f8c532f97 Request headers Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 801e59222e1524e0-LHR content-encoding br content-type text/html; charset=UTF-8 date Tue, 05 Sep 2023 12:06:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLLHcbXj%2FfFfv80ef5h5cPoZ98fAGVG%2FL3QMmB6iZIqzfkbihgEzNNpFNU83IRi6vidKsDjD4MfyynyRqHxNMkJQI7M%2BoBO2Rda2qWu%2FV%2B0R18DbozmNkEsu%2BqSoHJbPeXEkUjFlh6o%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.26
GET H3	200	micro.tag.min.js Show response wholedailyjournal.com/pfe/current/	26 KB 10 KB	81ms 81ms	Script application/javascript	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049 Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status MISS last-modified Fri, 01 Sep 2023 13:37:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64f1e924-68a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxGpqzxLGdf3qYvxXTGFOQ2%2BpRMWknqm9chzf9FEC7MVaEtjZTA83JJ7CwcoLOOWz6T00iBAL32yMqu76d47MDotVR%2FxQMvv%2FDoJU1APcQ2po2RCWRFTzcNKcQ7vVXpVPU%2BmScKtJDg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 access-control-allow-credentials true cf-ray 801e5923681b24e0-LHR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	327 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	/ Show response wholedailyjournal.com/19/4662728/	3 KB 3 KB	83ms 83ms	XHR application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=6292835&var3=722897048210510198&ymid=&rhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b09ba30037df6da8e03104a627985c5c4efa3f71a21e3c8c5e9c00aa23f39126 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id c74de32cc3779b63ff983c44a1dff1ed pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sPiCbdUZihrmKgWJPS9Di%2B0tjYI4qkTy1Sz8QAnIGLZxgdPEo1vyXSj3w%2BGG0RWWfgnxILTNGkzgMZqhG%2BHWW%2BLimoHxvyDXb%2BZNtLjpuB%2FM6lJ%2FS12Eo6XE%2BPDNZEqxo3K2ghaG68%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 801e5923783e24e0-LHR expires Tue, 11 Jan 1994 10:00:00 GMT
POST H3	200	/ Show response wholedailyjournal.com/	2 B 538 B	89ms 88ms	XHR application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.24 Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.24 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BGqVmn%2FywvuLSHvPFFXaSXuKaJnfQEH3lKlPa5fiVM2eY%2BQE3QldQ5z7exOSadyM%2BCsrf7qyMzh4We4QcG6nJ8fcRuw%2Fn20nVowRDQz4YV%2FJYQAO3vfLAf1YQwNjWWBEJj9ztJz5ZA%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 801e5923784624e0-LHR access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400
GET H3	200	4662709 wholedailyjournal.com/sw-check-permissions/	0 956 B	98ms 96ms	Other application/javascript	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/sw-check-permissions/4662709?var=6292835&ymid=722897048210510198&uhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeWK84yI0S%2BmhlQvzD2B8UTVXg5EyIfuBsZadxlNo4CJ0rMAiqlD5EGDBfLZGGo9r4506T6Gzt7UqNHOiiBtCQlmQ2T%2BzFk0%2Fb1Ph41EHIdivcijaSBlqLwQpcuUIU35DZEa1rv2%2FsY%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 801e5924095424e0-LHR access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400
POST H3	200	zone wholedailyjournal.com/	0 491 B	85ms 84ms	Ping text/plain	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6292835&ymid=722897048210510198&var_3=&var_4=&dsig=&tg=1&action=prerequest Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers x-trace-id 0edc60ab92089cb371d6f3bb65bb7144 date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MQ%2FmwiG3kIFgcnAJg703S3cEGZBDHoTTvMjq%2B9pzvtP9FQrTE0xh6N7hYOsFZ3g%2BMxHcn6oMV3HMil1UYFCqxj1BOfnfmatmEFMmmdTYgnpC3o2rgxFTLe6x0vRvZbZhDVEt4tprzs%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://wholedailyjournal.com access-control-allow-credentials true cf-ray 801e5924095024e0-LHR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	rhd Show response wholedailyjournal.com/	3 KB 3 KB	85ms 84ms	Fetch application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/rhd?rb=OP-rXJ6dv3BBNkGFbjN3En9JYwllVtm3ElJSKkamrXg6HvsjmQFZsjkoFMOplDbXuJwMqau4Ar3c9tr3OeWFUEtv-_WdljsAsNu4ouSmP77aD6XVYnh8pbr4sZeamz4bewBtmmVZC3KqBr2H0HODo5IduORNAoVT2HLpuMDCrHeR7n1pVbExQtTJ4VYKeHrb46E2ydaIoOCiEnHauGr51ZxYcZ0OyyrudBJhCdZLZdvnEjkp5ZzJf8zdqtRMsIzozr8xccj-gfFcRoblaF33Sm4c-ZZnOB9MB3cMLuUYYQypTxij8bQUFMT_7HD6Eo5Tecj6wNTS5NaGocDwsfy9XJ-thG3Zz8wXAhiz2jY79BFTxL-hq5GMIJN1EcCU7hvEoCKLTzfzzirY5aKqvHF7UfP7EFCm577YxGDyTUG9MmKsQlfzCzODzZqqKE-B5RabdmImnH0Zj5bwJLBPZijdd5gnYdUEiD1FPxNgxbYc8Rl380a89JTENgjBeUU%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D722897048210510198%26ssk%3Ddd0c403c3c3007c05dd44260a4726ea5%26svar%3D1693915606%26z%3D6292835%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D722897048210510198%26ssk%3Ddd0c403c3c3007c05dd44260a4726ea5%26svar%3D1693915606%26z%3D6292835%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6292835&var3=722897048210510198&ymid=&rhd=1&m=link Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c978ba1841fdfa0edbaca7bcc1694582aa72cd85e890c3d76f71263da580868 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 907ccf666eb8a6a2f513f97c0b6541d5 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcDIPJDjAmPA8VQDEmLrmsZIeKmVS1jaDevd0Wkk5IVdMUB0juPzXcqahtU1CUVgmIbOVFECr0GjugsAp80koKcGbxJ7e%2Fs3I5vpiJovZEnO%2F5ukDeRemVgzzk4AEZUcJq44psPfF80%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 801e5924096224e0-LHR expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 547 B	38ms 37ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=722897048210510198&var=6292835 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 81bd27cb34884ebdc676273aa1a6205fd1b5bfbed946355059c5496e00bf9afc Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://wholedailyjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H3	200	zone Show response wholedailyjournal.com/	798 B 986 B	91ms 90ms	Fetch application/json	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=6292835&ymid=722897048210510198&var_3=&var_4=&dsig=&tg=1&action=settings Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=722897048210510198&var=6292835&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d14e7c4a639e6bcb5ac2bfd4f80d254166dd182e62610dabe434ecd0d35e7ca Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:47 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-trace-id 27c55c88c3c8718bd6d1bbbc0758277c server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSdkT%2BmOhN5zdjPX2OPy4f%2BE09PYXVgTMknLlpixnh%2FU2BS4JNK1gR2dPr5gUKeP0%2FFMH3jWcaTr2X%2BkFeP1ziO0qe%2FolH7CxQGf2tkn6P4s9PKDSklADmhfo60ORNk65kfO7ezlxUM%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 801e5924096824e0-LHR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	Primary Request bAxqvF1d45pWHW4v5AoorosX Show response bnr.hyperadsdesign.com/get/	2 KB 2 KB	656ms 171ms	Document text/html	52.73.194.70 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.194.70 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-194-70.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash 37b09006da306439b8dfaef3b1194bb3bff21e0851adcc7dc7df2f4bb653d8a1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-length 1681 content-type text/html date Tue, 05 Sep 2023 12:06:48 GMT server awselb/2.0
POST H3	200	cat.php wholedailyjournal.com/	0 766 B	77ms 77ms	Ping text/plain	172.64.160.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wholedailyjournal.com/cat.php?userId=20c7e9b8b1f756dfa71e7458eef502a9&zoneid=4662728&rb=OP-rXJ6dv3BBNkGFbjN3En9JYwllVtm3ElJSKkamrXg6HvsjmQFZsjkoFMOplDbXuJwMqau4Ar3c9tr3OeWFUEtv-_WdljsAsNu4ouSmP77aD6XVYnh8pbr4sZeamz4bewBtmmVZC3KqBr2H0HODo5IduORNAoVT2HLpuMDCrHeR7n1pVbExQtTJ4VYKeHrb46E2ydaIoOCiEnHauGr51ZxYcZ0OyyrudBJhCdZLZdvnEjkp5ZzJf8zdqtRMsIzozr8xccj-gfFcRoblaF33Sm4c-ZZnOB9MB3cMLuUYYQypTxij8bQUFMT_7HD6Eo5Tecj6wNTS5NaGocDwsfy9XJ-thG3Zz8wXAhiz2jY79BFTxL-hq5GMIJN1EcCU7hvEoCKLTzfzzirY5aKqvHF7UfP7EFCm577YxGDyTUG9MmKsQlfzCzODzZqqKE-B5RabdmImnH0Zj5bwJLBPZijdd5gnYdUEiD1FPxNgxbYc8Rl380a89JTENgjBeUU=&var=6292835&var3=722897048210510198&ymid=&rhd=1 Requested by Host: wholedailyjournal.com URL: https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.160.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://wholedailyjournal.com/?s=722897048210510198&ssk=dd0c403c3c3007c05dd44260a4726ea5&svar=1693915606&z=6292835&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 05 Sep 2023 12:06:48 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 x-trace-id 4cae9625d96da39d0d1413e93e9c5c25 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAJqTwIu4zZx5TqfdqHJUG0YOdM88xbgUylt%2BGYHHK32za7bRZDkjFSL1e2NrIJLiPN4dM%2FoEzd3kb5DdSVz5ws0PnvUh70a36JwoRjvUqhdD%2BiSnMBmXfvsrHXCijrCEk670G67GHk%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://wholedailyjournal.com cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 801e59276fd324e0-LHR expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	a3d3afe7577cccb9cc96364e66bb813d.png d38dxwbthvbuvi.cloudfront.net/jcm-mm/	570 KB 571 KB	226ms 55ms	Image image/png	2600:9000:223d:4c00:c:cb59:380:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d38dxwbthvbuvi.cloudfront.net/jcm-mm/a3d3afe7577cccb9cc96364e66bb813d.png Requested by Host: bnr.hyperadsdesign.com URL: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:4c00:c:cb59:380:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5cfd3c225762e475b902bafa2569160aad910b0403721574f5d935eab86d9948 Request headers accept-language en-GB,en;q=0.9 Referer https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 08:10:04 GMT via 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront) last-modified Thu, 18 May 2023 14:36:18 GMT server AmazonS3 x-amz-cf-pop FRA56-P3 age 14214 x-amz-server-side-encryption AES256 etag "89b85ec4fb75ee6cae061ab7d536aa9f" vary Accept-Encoding x-cache Hit from cloudfront accept-ranges bytes content-length 583445 x-amz-cf-id l_-IowZtiSypF9JFF0hSGCWrRPvk5rIkxcmhqKsGvv-g0Vcj7tyDmQ==
GET H2	200	bAxqvF1d45pWHW4v5AoorosX Show response lnk.gameclickads.net/trk/ Frame E543	1 KB 2 KB	1019ms 283ms	Document text/html	18.193.21.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=116&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000250&country=GB&device=desktop&language=en&oaid=20c7e9b8b1f756dfa71e7458eef502a9&operatingSystem=windows&osVersion=win10&paid=722897053445005371&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.140+Safari%2F537.36&zoneId=4662728&c2=true&vpw=1600&vph=1200 Requested by Host: bnr.hyperadsdesign.com URL: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.21.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-21-196.eu-central-1.compute.amazonaws.com Software / Resource Hash 0735d72e03cf2cb977438c007416c69763a65f19924352881d041f6184bc60b4 Request headers Referer https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=116&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.140%20Safari/537.36&browser=chrome&zoneId=4662728&cost=0.000250&campaignId=7345864&paid=722897053445005371&subzone_id=0&oaid=20c7e9b8b1f756dfa71e7458eef502a9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-language en-GB content-type text/html;charset=UTF-8 date Tue, 05 Sep 2023 12:06:49 GMT
GET H2	200	c.js Show response lnk.gameclickads.net/js/ Frame E543	8 KB 8 KB	53ms 52ms	Script application/javascript	18.193.21.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.gameclickads.net/js/c.js Requested by Host: lnk.gameclickads.net URL: https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=116&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000250&country=GB&device=desktop&language=en&oaid=20c7e9b8b1f756dfa71e7458eef502a9&operatingSystem=windows&osVersion=win10&paid=722897053445005371&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.140+Safari%2F537.36&zoneId=4662728&c2=true&vpw=1600&vph=1200 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.21.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-21-196.eu-central-1.compute.amazonaws.com Software / Resource Hash e762d6ca1ddd7dab2fa0db7702efdbd3bc10e6f7f3be7b0f8818d45d5bcb96d7 Request headers accept-language en-GB,en;q=0.9 Referer https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=116&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000250&country=GB&device=desktop&language=en&oaid=20c7e9b8b1f756dfa71e7458eef502a9&operatingSystem=windows&osVersion=win10&paid=722897053445005371&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.140+Safari%2F537.36&zoneId=4662728&c2=true&vpw=1600&vph=1200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 12:06:49 GMT last-modified Thu, 02 Mar 2023 20:32:50 GMT accept-ranges bytes content-length 7804 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript
GET H2	200	/ Show response lnk.gameclickads.net/ Frame 8361	833 B 944 B	47ms 46ms	Document text/html	18.193.21.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.gameclickads.net/?bt=lnk.addatarevenue.com&ref=&friend=&u=r.secprf.com%252Fv1%252Fredirect%253Ftype%253DlinkId%2526id%253Df71552f3d4624d27b4fcc15639cac318%2526api_key%253D98341c9fbb624095eb1df1d5dfe69d45%2526site_id%253Dafa4f178d8554681b6bf3ab6124ce1de%2526dch%253Dfeed%2526ad_t%253Dadvertiser%2526yk_tag%253D64f719d94ad48c43e39faf0d-RL-373838&log=false&type=ROTATOR_LINK&linkId=373838&clickId=64f719d94ad48c43e39faf0d&br=true Requested by Host: lnk.gameclickads.net URL: https://lnk.gameclickads.net/js/c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.21.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-21-196.eu-central-1.compute.amazonaws.com Software / Resource Hash 2b43b403519ba5d66d2771055e480dc139fa71c51db00a2fc1c2f85ffd9c9125 Request headers Referer https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=116&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000250&country=GB&device=desktop&language=en&oaid=20c7e9b8b1f756dfa71e7458eef502a9&operatingSystem=windows&osVersion=win10&paid=722897053445005371&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.140+Safari%2F537.36&zoneId=4662728&c2=true&vpw=1600&vph=1200 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-language en-GB content-type text/html;charset=UTF-8 date Tue, 05 Sep 2023 12:06:49 GMT referrer-policy no-referrer
GET H2	200	collect Show response www.google-analytics.com/ Frame E543	35 B 299 B	148ms 45ms	XHR image/gif	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect?v=1&tid=UA-65760897-1&t=pageview&ds=web&aip=1&cs=AWIN&cm=143466&cn=Sub%2BNetworks&cc=%28not+set%29&dh=www.crunch.co.uk&dp=%2F&dt=Online+Accountants+-+Unlimited+Expert+Advice+%26+Service+%7C+Crunch&dr=&vp=1600x1200&sr=1600x1200&je=0&ul=en-US&cid=1195910500.1338069684 Requested by Host: lnk.gameclickads.net URL: https://lnk.gameclickads.net/js/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://lnk.gameclickads.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 10:28:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 5874 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect Show response www.google-analytics.com/ Frame E543	35 B 91 B	149ms 47ms	XHR image/gif	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect?cs=Ad+Data+Revenue&cc=373838&ck=42229&cm=YieldKit&cn=CRUNCH&tid=UA-207009773-1&v=1&t=pageview&ds=web&aip=1&dh=www.crunch.co.uk&dp=%2F&dt=Online+Accountants+-+Unlimited+Expert+Advice+%26+Service+%7C+Crunch&dr=&vp=1600x1200&sr=1600x1200&je=0&ul=en-US&cid=1962597040.1704272069 Requested by Host: lnk.gameclickads.net URL: https://lnk.gameclickads.net/js/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://lnk.gameclickads.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 10:28:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 5874 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET		/ www.crunch.co.uk/ Frame 8361 Redirect Chain https://r.secprf.com/v1/redirect?type=linkId&id=f71552f3d4624d27b4fcc15639cac318&api_key=98341c9fbb624095eb1df1d5dfe69d45&site_id=afa4f178d8554681b6bf3ab6124ce1de&dch=feed&ad_t=advertiser&yk_tag=64... https://r.secprf.com/v2/go?t=kt.pc%3Ah%2Fnwr..wwnF.%25o2%2FAw%25ltch.phm%3Fcie%3Dn1v5r%26tdd1a3w6w%261lecpref1wcw2a6datfr6v1n6e5c8m8c1i4kfe-21v83e4b011e8c9975447682a63581596344901060f05%3Ddccaiek1e... https://www.awin1.com/awclick.php?mid=21258&id=143466&clickref=www.addatarevenue.com&clickref2=v030400014839971457682a63485596c4e911b6ef851d&clickref3=afa4f178d8554681b6bf3ab6124ce1de&awcr=v0304000... https://www.crunch.co.uk/?utm_source=AWIN&utm_medium=143466&utm_campaign=Sub+Networks&awcr=v030400014839971457682a63485596c4e911b6ef851d-afa4f178d8554681b6bf3ab6124ce1de&awc=21258_1693915610_d4728c...	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.crunch.co.uk

URL

https://www.crunch.co.uk/?utm_source=AWIN&utm_medium=143466&utm_campaign=Sub+Networks&awcr=v030400014839971457682a63485596c4e911b6ef851d-afa4f178d8554681b6bf3ab6124ce1de&awc=21258_1693915610_d4728cfd11913d691ec33a9c7bb6ba55

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture number| vph number| vpw object| jcc

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			grunoaph.net/	1970-01-20 23:17:31	Name: OAID Value: 721f0e8f4eed41b5a57a292052007792
			grunoaph.net/	1970-01-20 23:17:31	Name: oaidts Value: 1693915606
			my.rtmark.net/	1970-01-20 23:17:31	Name: ID Value: 721f0e8f4eed41b5a57a292052007792
			wholedailyjournal.com/	1970-01-20 23:17:31	Name: oaidts Value: 1693915607
			wholedailyjournal.com/	1970-01-21 00:07:55	Name: syncedCookie Value: true
			wholedailyjournal.com/	1970-01-20 23:17:31	Name: OAID Value: 20c7e9b8b1f756dfa71e7458eef502a9
			wholedailyjournal.com/	1970-01-20 14:31:55	Name: prefetchAd_4662728 Value: true
			wholedailyjournal.com/	1970-01-20 14:31:59	Name: reverse Value: md64kquZXdOYpbKnqU0QvM7CZfi_-6d15gBK7c-qc9Q
			.lnk.gameclickads.net/	1970-01-20 23:17:31	Name: v Value: t
			.lnk.gameclickads.net/	1970-01-20 23:17:31	Name: cas Value: 3833:2073:2073:1
			.lnk.gameclickads.net/	1970-01-20 23:17:31	Name: rls Value: 373838:2073:2073:1
			.lnk.gameclickads.net/	1970-01-20 23:17:31	Name: com Value: 13335:141:GB:2073:2073:1
			.awin1.com/	1970-01-20 15:15:07	Name: aw21258 Value: 143466|0|0|1693915610|v030400014839971457682a63485596c4e911b6ef851d-afa4f178d8554681b6bf3ab6124ce1de|aw|0
			.awin1.com/	1970-01-20 23:17:31	Name: bId Value: HLEX_64f719da9ab628.92277912

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bnr.hyperadsdesign.com
d38dxwbthvbuvi.cloudfront.net
grunoaph.net
lnk.gameclickads.net
my.rtmark.net
wholedailyjournal.com
www.crunch.co.uk
www.google-analytics.com
www.crunch.co.uk
139.45.195.8
139.45.197.238
172.64.160.19
18.193.21.196
2600:9000:223d:4c00:c:cb59:380:21
2a00:1450:4001:831::200e
52.73.194.70
0735d72e03cf2cb977438c007416c69763a65f19924352881d041f6184bc60b4
1c978ba1841fdfa0edbaca7bcc1694582aa72cd85e890c3d76f71263da580868
1dbe75b22b10f7ec26373f3964aa7e7aa7f93b3e6eb0b5c94884145f8c532f97
28fd3a06cc1d4d8eef9ddac4ade4b432138373839f5e50097ef60566fba16edf
2b43b403519ba5d66d2771055e480dc139fa71c51db00a2fc1c2f85ffd9c9125
37b09006da306439b8dfaef3b1194bb3bff21e0851adcc7dc7df2f4bb653d8a1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
57ed110de18389b5342f5a76f2998969b2428b5faaaf36d4a809eff242a00006
5cfd3c225762e475b902bafa2569160aad910b0403721574f5d935eab86d9948
7d14e7c4a639e6bcb5ac2bfd4f80d254166dd182e62610dabe434ecd0d35e7ca
81bd27cb34884ebdc676273aa1a6205fd1b5bfbed946355059c5496e00bf9afc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049
b09ba30037df6da8e03104a627985c5c4efa3f71a21e3c8c5e9c00aa23f39126
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e762d6ca1ddd7dab2fa0db7702efdbd3bc10e6f7f3be7b0f8818d45d5bcb96d7