Submitted URL: https://ak.itponytaa.com/4/5434422?var\=4724913
Effective URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Submission: On September 28 via manual from PH — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 99.86.4.34, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is mywallpaper.co. The Cisco Umbrella rank of the primary domain is 410423.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 31st 2023. Valid for: a year.
This is the only time mywallpaper.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
1         95.101.54.122     20940  (AKAMAI-ASN1)
1         2a02:26f0:480...  20940  (AKAMAI-ASN1)
4         139.45.195.8      9002   (RETN-AS)
17        172.64.200.24     13335  (CLOUDFLAR...)
1         37.48.87.182      60781  (LEASEWEB-...)
8         99.86.4.34        16509  (AMAZON-02)
Total: 32 requests, 7 IPs

Requests  Apex Domain            Subdomains                                          Transfer
17        wholedailyjournal.com  wholedailyjournal.com — Cisco Umbrella Rank: 54262  65 KB
8         mywallpaper.co         mywallpaper.co — Cisco Umbrella Rank: 410423        215 KB
4         rtmark.net             my.rtmark.net — Cisco Umbrella Rank: 6646           2 KB
1         rdtk.io                topsolutions.rdtk.io — Cisco Umbrella Rank: 133186  1 KB
1         go-mpulse.net          s.go-mpulse.net — Cisco Umbrella Rank: 1904         49 KB
1         itponytaa.com          ak.itponytaa.com — Cisco Umbrella Rank: 50273       4 KB
Total: 32 requests, 6 domains

Requests  Domain                 Requested by
17        wholedailyjournal.com  ak.itponytaa.com, wholedailyjournal.com
8         mywallpaper.co         topsolutions.rdtk.io, mywallpaper.co
4         my.rtmark.net          ak.itponytaa.com, wholedailyjournal.com
1         topsolutions.rdtk.io   wholedailyjournal.com
1         s.go-mpulse.net        ak.itponytaa.com
1         ak.itponytaa.com       -
Total: 32 requests, 6 domains

This site contains no links.

Subject                Issuer                            Validity                 Valid
ak.hetaruwg.com        R3                                2023-09-08 - 2023-12-07  3 months
akstat.io              DigiCert TLS RSA SHA256 2020 CA1  2023-04-05 - 2024-04-04  a year
rtmark.net             R3                                2023-07-25 - 2023-10-23  3 months
wholedailyjournal.com  E1                                2023-08-01 - 2023-10-30  3 months
*.rdtk.io              GoGetSSL RSA DV CA                2023-07-19 - 2024-07-19  a year
mywallpaper.co         Amazon RSA 2048 M03               2023-08-31 - 2024-09-28  a year

This page contains 1 frames:

Primary Page: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Frame ID: 15BF586ADD1DE15A90EC89CBBC9D9DFF
Requests: 34 HTTP requests in this frame

Page Title

MyWallPaper

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

  • Requests: 32
  • HTTPS: 100 %
  • IPv6: 17 %
  • Domains: 6
  • Subdomains: 6
  • IPs: 7
  • Countries: 3
  • Transfer: 337 kB
  • Size: 597 kB
  • Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ak.itponytaa.com/4/5434422?var\=4724913 Page URL
  2. https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  3. https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
  4. https://topsolutions.rdtk.io/64fb0d22f5d4a2000190e7cf?sub1=4662728&sub2=7461763&sub3={creativeId}&sub4=19075016&sub5=windows&sub6=DE&sub7=19075016&sub8=keyweb%20ag&sub9=desktop&sub10=broadband&ref_id=731051125025022253&cost=0.000145&oaid=e7004deee34c800fdd07886ae384c028 Page URL
  5. https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5434422
ak.itponytaa.com/4/
6 KB
4 KB
Document
General
Full URL
https://ak.itponytaa.com/4/5434422?var\=4724913
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.122 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-122.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e09c4235a02afe23c6bd15374e47ba040327e0f4da198f018f3c750842d29b44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
2681
content-type
text/html; charset=utf8
date
Thu, 28 Sep 2023 00:08:09 GMT
expires
Thu, 28 Sep 2023 00:08:09 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://wholedailyjournal.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=7 origin; dur=5 ak_p; desc="1695859689197_1600468598_591304555_1217_669_44_97_255";dur=1
timing-allow-origin
*
vary
Accept-Encoding
x-akamai-transformed
9 711 0 pmb=mRUM,1
x-trace-id
a6244c33cfbe9aa2ba0f9044d0884016
6WL56-FSD2M-ZCAVG-BJ5B7-474ZA
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/6WL56-FSD2M-ZCAVG-BJ5B7-474ZA
Requested by
Host: ak.itponytaa.com
URL: https://ak.itponytaa.com/4/5434422?var\=4724913
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 11 Sep 2023 23:39:08 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
img.gif
my.rtmark.net/
43 B
508 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=ba22078f72e5416687583338f7785219
Requested by
Host: ak.itponytaa.com
URL: https://ak.itponytaa.com/4/5434422?var\=4724913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.itponytaa.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
wholedailyjournal.com/
40 KB
13 KB
Document
General
Full URL
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by
Host: ak.itponytaa.com
URL: https://ak.itponytaa.com/4/5434422?var\=4724913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a0a4229c3be41e7daceccb1d90b3b97919ea54cfe1210de51d3dc31ee025b3f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80d7c01319ce1901-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 00:08:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef9OkjZD2Htr6Daot9mK3fwhz86xVrBvu7m7%2BWTY7Rlzs3Mh0iSJ8PBwxBL%2FKLR8UOTPYxCRobB%2BePcTTpnPIT77H4PrlPa8ePlY2YMhfr8WJp40OiQhqFZAKAuCsIGHlj24QEirNbc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/
65 B
548 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=e7004deee34c800fdd07886ae384c028
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9937b5a2fef291fca2440b11884a4620fdc5d7fcd6b59dcbea0a06bf6c48ddeb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholedailyjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
wholedailyjournal.com/pfe/current/
26 KB
10 KB
Script
General
Full URL
https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0902f69ebed38e29e2de16ad44c314d1510fc88b2187dee42c506aae7b67aec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 12:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65083e7c-68a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEeayYgpbo44HBB8OkdJd68IuUIkI0auRH8juEuyAcM%2F9Ub6vmf6KiJL7N4SrdBQuFiGZKiVCZzcAGTQM0nOXmDa9QXb0FZ1eszyvKtHOtyfodsJ%2B%2FJCUF36qptnJt28GKGxe3dM9J8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
80d7c013da6b1901-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
wholedailyjournal.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=5434422&var3=731051120394506958&ymid=&rhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565d743eb29c7848404296f7a7d6f6fd9ecb1f179331bb7b0a47c89cd466a82c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
4da84e10b956c97c547bbfbd4a765047
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E57TfnbfYWpenjYtp7RyMVzAycOIkUS59X0PTSe%2B363ikQx7tBj1kxnyCTLvoUPlS%2FUo3YCOm0r5hKxcTM9HZDGuvxSNsuKEDlBvOvCorFpxm%2BCUMDoPe7lQwW%2FsookD2%2BL%2B7ztOwzw%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80d7c013ea721901-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
wholedailyjournal.com/
2 B
419 B
XHR
General
Full URL
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaKj1lB7NVVmacJNBPGi%2FvvfXSTJY%2FF27ePV522IUC9vEbvEjfmvTxSJBfX%2BsK1uJufCqvb1Tf81jZRMVvPeJwoiI6RW5oHOgGWEhHgIyW%2BCn6x9CQFeQuqKQA%2BJ6b9fgfs3Sgs286E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
80d7c013ea761901-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
wholedailyjournal.com/sw-check-permissions/
0
952 B
Other
General
Full URL
https://wholedailyjournal.com/sw-check-permissions/4662709?var=5434422&ymid=731051120394506958&uhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDeRqDxWl3PQy2ltDSLrG4K5qkHqk4cgWrjwSIOClKE5EQW0sHLdhUCG5DUL4zyItzfmvjOLcglmTGLCj92oMit7M1ka5dw0wY8vCLL5bG1Ws5F7R6RoxYyc6P0ssSED%2F1CTUiJAiA0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
80d7c0145d174d38-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
wholedailyjournal.com/
0
534 B
Ping
General
Full URL
https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=5434422&ymid=731051120394506958&var_3=&var_4=&dsig=&tg=1&action=prerequest
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-trace-id
adb56c097f7262534a4ff698422558d9
date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojPufhy1Zo0lmLh%2BvvFaYEweJNFrD2Y8ahFkOZlfiElFOvT6fc%2FSuTXYlJwXqOzXg1Ws00aIfj3rq%2BJviPrv2%2FllmI8l%2FwF3kM%2BjkbrFfFZU2Zik%2FuY6wtkmfywKYXR5h5h8DfVRhF0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholedailyjournal.com
access-control-allow-credentials
true
cf-ray
80d7c0145d194d38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
rhd
wholedailyjournal.com/
3 KB
3 KB
Fetch
General
Full URL
https://wholedailyjournal.com/rhd?rb=1Qt6VCB-1cRWZHciFsZyLqGp88HSfJsXeQ8s5hhExsw-1OaFluVA4Ggzl3MJXVQ9jaB7J9inZI38meLOi63jSh21fH2fMOm9AyR5C24bKnR-yM3Aj07Zb6YvBbjvORtThFXfyEH8gxvxA6TLkuy2aalZ7TVVfRF8VGNkPESWpaAErLiPy8nR9TDv3VsVQ0yA2x6tooRVXswlw53ACKKK_BKQNIqSHHHoY_Sq0FNW6uYpE4fuP8Qu9Rb48k2k0S_Bx3KqhFCUWdeP2VqAJj07QVQemYn60GIcFjQWCeddNF5-4sgq1teN83c5OCSMUaq3chSWnAsgDyg6DfcupnDHU1X909xYbV2JkIu3-4wqabDpc8eNgvo191KwFnm0vw06kDE1YmE8zVB5QXWYz0C-lMdlbUysteDv80Hdo-0nN5ol9jepkndCTC-xZqAIO3EKIitbOQ_wKcXxJVaGFg9Z8WpKRlKgPcPaGB061CUWQ1-JJ7YV&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D731051120394506958%26ssk%3D9c69f625f53543ab0562f83d20f612d3%26svar%3D1695859689%26z%3D5434422%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5434422&var3=731051120394506958&ymid=&rhd=1&m=link
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
a185ed93391df147973349526277d061
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwKvwSKRcJYEa9rfPrlks50nxlEWjT7uFROjuLTlvpS4tdrJfS4Wf84FoLtBvxOrs%2BptUY4etWkhX%2BhGBCNONzyO8c4h9Z6EzV26f9Iz3%2B2DaWIIrECjvp4XwquM8zlD%2BKTTAyaXWdE%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80d7c0147d294d38-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
gid.js
my.rtmark.net/
65 B
548 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=731051120394506958&var=5434422
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9937b5a2fef291fca2440b11884a4620fdc5d7fcd6b59dcbea0a06bf6c48ddeb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholedailyjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
wholedailyjournal.com/
798 B
977 B
Fetch
General
Full URL
https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=5434422&ymid=731051120394506958&var_3=&var_4=&dsig=&tg=1&action=settings
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2c05d81956475bc175cc0a672fd4a11fd7d71d2dbba279243768751afad46b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
2313430ed2cbf105cd8e3c183b9caf15
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UTKcoy6%2BskEVxkcqF8btN6JOQAjd5J5rt0Qj2eMRLp0sq478qARBDAaFgtdkLznDB9VmpcjU%2B687tgd10uVJE3eepEPRYuyo7ACHbHcbGSa1F4Pd00qse3uRnIX5odfzrh9G5TehGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
80d7c0147d2d4d38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
wholedailyjournal.com/
40 KB
13 KB
Document
General
Full URL
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1ea4dad98133d86d6711297848f9bdc902414e48b3dc88527958a1c8f35d4459

Request headers

Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80d7c014cd5d4d38-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 00:08:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cA1XAIWsDK7YVRxZprVM17v33UEVLNhDPA%2BiSypZeqIZESQIbnDgiAzMmHXH771BlmF13cyYfv1ZbOf5NcKEQm8R7Dh6haGcZpOdBdgBoJYAVc2YXtd2BjG3%2F7PpRMUoiiQUL2ED8sM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
wholedailyjournal.com/pfe/current/
26 KB
11 KB
Script
General
Full URL
https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0902f69ebed38e29e2de16ad44c314d1510fc88b2187dee42c506aae7b67aec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 12:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65083e7c-68a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cppWknxEcKwjJrKYBM8Kp34VOW9TwdIIK%2Ful8NmgtTt%2Fw2rkrNZTDGN1xQJk4ESoIN8%2FcxqEQDPUw%2FvE6U61BPGguk26QO%2FWbN3FM7qVb3GWJrkRtWoisrjd7%2FXxtYv8tSQEsNazWNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
80d7c0157dc94d38-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
wholedailyjournal.com/19/4662728/
3 KB
3 KB
XHR
General
Full URL
https://wholedailyjournal.com/19/4662728/?abt_opts=1&var=5434422&var3=731051120394506958&ymid=&rhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6906928ca828c78ab98fe747b2fe20e1c208bce45d791df4be162ed13de5c12e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
186adddcf2dc3678ce6829dfaad70614
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wr5SUYXe0IigTinHNGF7jamWceyfuafSKR9wgxMxUvxkhkLrw71TovVa4%2F1fpr0p5z1E3Ury8PsSsRp9j%2BWH8ZnH5eQO5gkJfz0L%2FCPNUZenizeZlM2GzBsVIEpU3fxH8bGy%2FQV19WM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80d7c0157dce4d38-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
wholedailyjournal.com/
2 B
534 B
XHR
General
Full URL
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy6SUOysv%2FXbU0N8ydFIibsJfhO8ZAqIaHnq2Ds2W7ns7lkqoYDVyNIgXczvFC%2BsRRI0hNf49mNvX2ZIdUnNvCGWCNkqZngXSfepikj5ZjsrzjK2F9k9F3reAJ0131O9RgOL%2FIWonKk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
80d7c0158dcf4d38-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
wholedailyjournal.com/
3 KB
3 KB
Fetch
General
Full URL
https://wholedailyjournal.com/rhd?rb=DWKRrnOhQfGFxDo0f5hEuTuO6NaTcCrox0E0W-WMzeutsQiXvO0d_SUWHv1Zr77nmNJWxpSLL_cBkafCA8dQ5qMZZyvA1bYb26dTSzelPhrqDkH-CeJN0WqHjYZJR8F687F2xhY_xV5N9ySy4CMV4CpffQwA2npY54L77ZE4GvW8u_MESEP_AjovAlhOmlw6IexTYDMGJ6FQi1YzaqjZh0HWOSZ_0zyL9u_xq8FYIQAjS2miE0X3PM1xsZreQHpICiTkwpIuhyUlolfzBA1OBtFOaie61t2NySKIPUaKETdlSqB4rj7hn6B0GQH-Oxbx4XJo8vjZoyFww_jY_Jsi1Te0fVnkVkzexboDHScfsxgt0JB9mOyeJdkVfXEc-PaglGblGUl6csbVS-KVN4EQpsZauCm7HdniXRq2VvoMx_0c4Lgea0h3ysuNQlo9QvAsIVAf2I3bGKTdbMQRaC618vqHmTtelBjJ3OKlXJcHr63HR0XLVhvRncwqmMQ%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D731051120394506958%26ssk%3D9c69f625f53543ab0562f83d20f612d3%26svar%3D1695859689%26z%3D5434422%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fwholedailyjournal.com%2F%3Fs%3D731051120394506958%26ssk%3D9c69f625f53543ab0562f83d20f612d3%26svar%3D1695859689%26z%3D5434422%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5434422&var3=731051120394506958&ymid=&rhd=1&m=link
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e275b6e76ec14205f9afbce5d35b92282acc78be58212fbdf3c15bae1d9bbf1a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
d016c59298492ef37540b32efed70248
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0RnQUsWC6589gMSatDm9JofwcfUCdfzzvLSJCJbZdLdqyMhK1eJsG5u6qAKBymQmk5OpdRj79CHN80eVdPK5WqsPBsH%2FXTh0iyIvlmAo4L7DiJl0T1KcUTd10a2vKSQhIKLU%2BDUnPg%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80d7c015ee224d38-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
4662709
wholedailyjournal.com/sw-check-permissions/
0
955 B
Other
General
Full URL
https://wholedailyjournal.com/sw-check-permissions/4662709?var=5434422&ymid=731051120394506958&uhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMVsOPheNbqTMpJhk36fA0lkvQC06V3st0zUAIUtR2sdPSHj15IG%2Be6QcwojvPtBQV3qCJaFqRtx12aNj%2Fj3wObWoT8egwpLYLeoVcNR%2FCoiCkaiI63GKnJ4Zx9JqSGJaR7V0Uvc%2Fqo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
80d7c015fe4a4d38-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
wholedailyjournal.com/
0
492 B
Ping
General
Full URL
https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=5434422&ymid=731051120394506958&var_3=&var_4=&dsig=&tg=1&action=prerequest
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-trace-id
1bb7a60ea7293b7adeb387a55137d5c1
date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KyRBj26ZnkSdT02aan4fCQGG%2BBrE%2F7sXmuec03z3hI4bvyMrAjbzPWUHb%2FIrc4txATm1YrRwrtwqyScabU6P93GyuMQ9j5P7WGn5SIQDhNEauIwJgmoEBKICFone%2Frl81mQF1xUbfg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholedailyjournal.com
access-control-allow-credentials
true
cf-ray
80d7c015fe4e4d38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
548 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=731051120394506958&var=5434422
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9937b5a2fef291fca2440b11884a4620fdc5d7fcd6b59dcbea0a06bf6c48ddeb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholedailyjournal.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
wholedailyjournal.com/
798 B
981 B
Fetch
General
Full URL
https://wholedailyjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholedailyjournal.com&var=5434422&ymid=731051120394506958&var_3=&var_4=&dsig=&tg=1&action=settings
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=731051120394506958&var=5434422&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2c05d81956475bc175cc0a672fd4a11fd7d71d2dbba279243768751afad46b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
68670a3da38e5afe46994c209a874dcc
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cmv%2FY0bb7V%2BRyfMMf0qGrGA11yZwEjJ53djGUWHB35CuBXQCH1ZQnByB7eiow9xTfyPeVbk7mKr1lJtVT5au4099VhQL7SCSDiCtR%2BwvqRv0hiAJkzAppuY7Qj3K1alCOshNWKETQr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
80d7c0160e5b4d38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
64fb0d22f5d4a2000190e7cf
topsolutions.rdtk.io/
244 B
1 KB
Document
General
Full URL
https://topsolutions.rdtk.io/64fb0d22f5d4a2000190e7cf?sub1=4662728&sub2=7461763&sub3={creativeId}&sub4=19075016&sub5=windows&sub6=DE&sub7=19075016&sub8=keyweb%20ag&sub9=desktop&sub10=broadband&ref_id=731051125025022253&cost=0.000145&oaid=e7004deee34c800fdd07886ae384c028
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.87.182 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Sep 2023 00:08:10 GMT
Server
nginx/1.20.2
cat.php
wholedailyjournal.com/
0
763 B
Ping
General
Full URL
https://wholedailyjournal.com/cat.php?userId=e7004deee34c800fdd07886ae384c028&zoneid=4662728&rb=DWKRrnOhQfGFxDo0f5hEuTuO6NaTcCrox0E0W-WMzeutsQiXvO0d_SUWHv1Zr77nmNJWxpSLL_cBkafCA8dQ5qMZZyvA1bYb26dTSzelPhrqDkH-CeJN0WqHjYZJR8F687F2xhY_xV5N9ySy4CMV4CpffQwA2npY54L77ZE4GvW8u_MESEP_AjovAlhOmlw6IexTYDMGJ6FQi1YzaqjZh0HWOSZ_0zyL9u_xq8FYIQAjS2miE0X3PM1xsZreQHpICiTkwpIuhyUlolfzBA1OBtFOaie61t2NySKIPUaKETdlSqB4rj7hn6B0GQH-Oxbx4XJo8vjZoyFww_jY_Jsi1Te0fVnkVkzexboDHScfsxgt0JB9mOyeJdkVfXEc-PaglGblGUl6csbVS-KVN4EQpsZauCm7HdniXRq2VvoMx_0c4Lgea0h3ysuNQlo9QvAsIVAf2I3bGKTdbMQRaC618vqHmTtelBjJ3OKlXJcHr63HR0XLVhvRncwqmMQ=&var=5434422&var3=731051120394506958&ymid=&rhd=1
Requested by
Host: wholedailyjournal.com
URL: https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.200.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://wholedailyjournal.com/?s=731051120394506958&ssk=9c69f625f53543ab0562f83d20f612d3&svar=1695859689&z=5434422&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Sep 2023 00:08:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
521e613c0bfbb57aa338cc228dec6d74
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVStRjJJ%2B4eIcyYcxR17kGiJzmhcxItS9q6CFgoLaJvqYqji1rvrsHCfmrbVRoaqwsmVxATLwvmRr8GUYGoV30ds00Ov5LvnPL8HfTKPb%2FmCCabPDzpODKVOvtvpQhR8W2gbWSbbMkk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholedailyjournal.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80d7c01988734d38-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
Primary Request lander-2.php
mywallpaper.co/
6 KB
2 KB
Document
General
Full URL
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Requested by
Host: topsolutions.rdtk.io
URL: https://topsolutions.rdtk.io/64fb0d22f5d4a2000190e7cf?sub1=4662728&sub2=7461763&sub3={creativeId}&sub4=19075016&sub5=windows&sub6=DE&sub7=19075016&sub8=keyweb%20ag&sub9=desktop&sub10=broadband&ref_id=731051125025022253&cost=0.000145&oaid=e7004deee34c800fdd07886ae384c028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
ec50a51d6492e629b6466f4ccf3eb5e7ae8b02612125864662c753725f380f1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1975
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 00:08:10 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding,User-Agent
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-id
C_bw077qBNJzYPirekmoPMwtnSEoAukkfBQ2oiGoRMmSDo3F-W2LDg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
PHP/5.6.40
bootstrap-theme.min.css
mywallpaper.co/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://mywallpaper.co/css/bootstrap-theme.min.css
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:22:52 GMT
content-encoding
gzip
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1248318
x-cache
Hit from cloudfront
content-length
2776
last-modified
Fri, 01 Sep 2023 08:26:32 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag
"5b71-60447eafe7e00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
mqqHL182feOK-0u132cOPOaLZJ9puN-mzOoiBf9KOY2lrtJ7GubnTw==
expires
Fri, 13 Oct 2023 13:22:52 GMT
lander-2.css
mywallpaper.co/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://mywallpaper.co/css/lander-2.css
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
493cc5e72efe3e35a1ff5fb13523003d31b3a6edbbfeb8232cd2f95b6efab891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:48 GMT
content-encoding
gzip
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1246643
x-cache
Hit from cloudfront
content-length
1538
last-modified
Tue, 05 Sep 2023 05:47:53 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag
"1640-604962afb9440-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
_O94kRGDyqckL9f4ZIBdyAhOrk4Feiz1NR3p5aAm7rdIDWzsifexPw==
expires
Fri, 13 Oct 2023 13:50:48 GMT
logo-min.jpg
mywallpaper.co/img/
27 KB
27 KB
Image
General
Full URL
https://mywallpaper.co/img/logo-min.jpg
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
8c67c4d00bb478ed65163040fd8ec48cfa30fe8bf5861954735b4ad5a3d0ef46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:42:01 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 13 Apr 2018 05:41:57 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA6-C1
age
2129170
etag
"6ac5-569b4548b5340"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27333
x-amz-cf-id
axJEe37bz2rVzerEpbWK6yL5efdTTlqpFAgHfa-nNmaBZDar3DboaA==
expires
Mon, 02 Sep 2024 08:42:01 GMT
1.png
mywallpaper.co/img/
2 KB
3 KB
Image
General
Full URL
https://mywallpaper.co/img/1.png
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
30650f5efc8f62761619ff8b102c10acfcc4a1b584405445c2bceae9a56ebeaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:48 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 08:26:40 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA6-C1
age
1246643
etag
"959-60447eb789000"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2393
x-amz-cf-id
tWw3J11vt97KzZZ4ahssEmtwhfexbu97JaJtLSIJBkGi0rQnE6NUbA==
expires
Thu, 12 Sep 2024 13:50:48 GMT
2.png
mywallpaper.co/img/
1 KB
2 KB
Image
General
Full URL
https://mywallpaper.co/img/2.png
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
be93866df22fcc1604a3c2ff965555b4689efa412f66be253201798127bf38f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:48 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 08:26:40 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA6-C1
age
1246643
etag
"4fa-60447eb789000"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1274
x-amz-cf-id
rd7-TmUSEyFbUSoVROENMwzWcML2Ze5ufwV5kefYmdu_M8VorM_ZBw==
expires
Thu, 12 Sep 2024 13:50:48 GMT
3.png
mywallpaper.co/img/
4 KB
5 KB
Image
General
Full URL
https://mywallpaper.co/img/3.png
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
270bd4cb7b1ecc402fab3996a97012a9e39b9c92b2d46b56a7ea7119c9ab9594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/lander-2.php?pid=shlm&clickid=6514c3ea2e2f310001635856
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 23:05:06 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 08:26:40 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA6-C1
age
1299785
etag
"1094-60447eb789000"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4244
x-amz-cf-id
_zG0O9bckcBoURKzWh0sE2n2viGKmeZ0-D6jkzab-iCROgam_uTmkg==
expires
Wed, 11 Sep 2024 23:05:06 GMT
homeBackgroud1.jpg
mywallpaper.co/img/
171 KB
172 KB
Image
General
Full URL
https://mywallpaper.co/img/homeBackgroud1.jpg
Requested by
Host: mywallpaper.co
URL: https://mywallpaper.co/css/lander-2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-34.fra6.r.cloudfront.net
Software
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
6b341a8bf25bd3b5a90a1bba0ab96684db41bfb56f1c06ab51aa368fdc3ea49a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mywallpaper.co/css/lander-2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 09:04:48 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Sep 2017 06:18:37 GMT
server
Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA6-C1
age
1955003
etag
"2ad18-55a4dfec72940"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
175384
x-amz-cf-id
7S33_l5DtSOUjdjkniRDCrWpKAGAvZE7QcYHEM3UtHnaa9eNh6rvsQ==
expires
Wed, 04 Sep 2024 09:04:48 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
string| clickid
string| distributor_id
object| d

12 Cookies

Domain/Path Name / Value
ak.itponytaa.com/ Name: OAID
Value: ba22078f72e5416687583338f7785219
ak.itponytaa.com/ Name: oaidts
Value: 1695859689
my.rtmark.net/ Name: ID
Value: ba22078f72e5416687583338f7785219
wholedailyjournal.com/ Name: oaidts
Value: 1695859689
wholedailyjournal.com/ Name: syncedCookie
Value: true
wholedailyjournal.com/ Name: OAID
Value: e7004deee34c800fdd07886ae384c028
wholedailyjournal.com/ Name: prefetchAd_4662728
Value: true
wholedailyjournal.com/ Name: reverse
Value: bim-hJAgTdN6AHW5ogYqX7Yz4S4dDoXSH5CFxvSYnDU
.topsolutions.rdtk.io/ Name: redcmps
Value: W3siaWQiOiI2NGZiMGQyMmY1ZDRhMjAwMDE5MGU3Y2YiLCJ0IjoiMjAyMy0wOS0yOFQwMDowODoxMC42Njc5MTIzNjlaIn1d
.topsolutions.rdtk.io/ Name: redhash
Value: NjUxNGMzZWEyZTJmMzEwMDAxNjM1ODU2fDB8NjRmYjBkMjJmNWQ0YTIwMDAxOTBlN2NmfHxhYjI5ZmQwOC05YWFmLTQwZDMtYWFjNy0zMjExYTIwZmQ2YTF8MTY5NTg1OTY5MA==
mywallpaper.co/ Name: sub_id_1
Value: 6514c3ea2e2f310001635856
mywallpaper.co/ Name: distributor_id
Value: shlm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
