urlscan.io logo urlscan.io
SecurityTrails logo

app.partnerboost.com Open in urlscan Pro
47.243.241.30  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dukingdraon.com/4/6107119
Effective URL: https://app.partnerboost.com/track/a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhHg_c?url=https%3A%2F%...
Submission: On August 28 via manual from NG — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 47.243.241.30, located in and belongs to . The main domain is app.partnerboost.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on April 4th 2023. Valid for: a year.
This is the only time app.partnerboost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 139.45.197.242 9002 (RETN-AS)
1 20 172.64.133.20 13335 (CLOUDFLAR...)
3 139.45.195.8 9002 (RETN-AS)
1 1 3.69.133.112 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 198.11.181.248 45102 (ALIBABA-C...)
1 47.243.241.30 ()
26 6
1    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
dukingdraon.com
20    172.64.133.20 (United States)

ASN13335 (CLOUDFLARENET, US)
psaugourtauy.com
3    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    3.69.133.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-133-112.eu-central-1.compute.amazonaws.com
trackvol.com
1    2606:4700:3031::6815:18bc (United States)

ASN13335 (CLOUDFLARENET, US)
thetrendytales.ignitrona.live
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
kootistrack.com
1    198.11.181.248 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
www.linkbux.com
1    47.243.241.30 (None, )

ASN- ()
app.partnerboost.com
Apex Domain
Subdomains		 Transfer
20 psaugourtauy.com
psaugourtauy.com — Cisco Umbrella Rank: 72523
71 KB
3 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11867 Failed
2 KB
1 partnerboost.com
app.partnerboost.com
1 linkbux.com
www.linkbux.com — Cisco Umbrella Rank: 155652
820 B
1 kootistrack.com
kootistrack.com
565 B
1 ignitrona.live
thetrendytales.ignitrona.live
664 B
1 trackvol.com
trackvol.com — Cisco Umbrella Rank: 960080
691 B
1 dukingdraon.com
dukingdraon.com — Cisco Umbrella Rank: 366269
2 KB
26 8
Domain Requested by
20 psaugourtauy.com 1 redirects dukingdraon.com
psaugourtauy.com
3 my.rtmark.net dukingdraon.com
psaugourtauy.com
1 app.partnerboost.com www.linkbux.com
1 www.linkbux.com psaugourtauy.com
1 kootistrack.com 1 redirects
1 thetrendytales.ignitrona.live 1 redirects
1 trackvol.com 1 redirects
1 dukingdraon.com
26 8

This site contains no links.

Subject Issuer Validity Valid
psaugourtauy.com
E1		 2023-08-14 -
2023-11-12		 3 months crt.sh
rtmark.net
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.linkbux.com
RapidSSL TLS RSA CA G1		 2023-07-26 -
2024-08-08		 a year crt.sh
*.partnerboost.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-04-04 -
2024-04-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.partnerboost.com/track/a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhHg_c?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66&uid=lb_o7dxvc&uid2=https%3A%2F%2Fthetrendytales.com%2F
Frame ID: 70BBDD0D7382B3DDA76A441F3F41587B
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dukingdraon.com/4/6107119 Page URL
  2. https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z... Page URL
  3. https://psaugourtauy.com/cdn-cgi/phish-bypass?atok=9owZo1O7fcpYSLW2o_Yvt2sUOm5xlvPH7aNVYbcGlbE-169326... HTTP 301
    https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z... Page URL
  4. https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z... Page URL
  5. https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6107119&var3=720161760283468603&oaid=0133f8fb30c4... Page URL
  6. https://trackvol.com/84a864a4-df5b-4e49-9a1f-942f91c3dc19?zoneid=4662728&campaignid=7179899&carri... HTTP 302
    https://thetrendytales.ignitrona.live/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPS... HTTP 302
    https://kootistrack.com/link/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY... HTTP 302
    https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=... Page URL
  7. https://app.partnerboost.com/track/a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhH... Page URL

Page Statistics

26
Requests

92 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

75 kB
Transfer

177 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dukingdraon.com/4/6107119 Page URL
  2. https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  3. https://psaugourtauy.com/cdn-cgi/phish-bypass?atok=9owZo1O7fcpYSLW2o_Yvt2sUOm5xlvPH7aNVYbcGlbE-1693263463-0-%2F%3Fs%3D720161760283468603%26ssk%3D69f23a3756576bb5bcc585589f00b2f2%26svar%3D1693263463%26z%3D6107119%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb HTTP 301
    https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  4. https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
  5. https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6107119&var3=720161760283468603&oaid=0133f8fb30c418a79154700439e06664 Page URL
  6. https://trackvol.com/84a864a4-df5b-4e49-9a1f-942f91c3dc19?zoneid=4662728&campaignid=7179899&carrier=?&connection_type=broadband&isp=venus%20business%20communications%20limited&os=windows&ctrl_fetch_dest=ctrl_fetch_dest&ctrl_ts=ctrl_ts&ctrl_ab=ctrl_ab&ctrl_id=ctrl_id&cost=0.000250&visitor_id=720161786342683237 HTTP 302
    https://thetrendytales.ignitrona.live/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66 HTTP 302
    https://kootistrack.com/link/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66 HTTP 302
    https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66 Page URL
  7. https://app.partnerboost.com/track/a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhHg_c?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66&uid=lb_o7dxvc&uid2=https%3A%2F%2Fthetrendytales.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://psaugourtauy.com/cdn-cgi/phish-bypass?atok=9owZo1O7fcpYSLW2o_Yvt2sUOm5xlvPH7aNVYbcGlbE-1693263463-0-%2F%3Fs%3D720161760283468603%26ssk%3D69f23a3756576bb5bcc585589f00b2f2%26svar%3D1693263463%26z%3D6107119%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb HTTP 301
  • https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Request Chain 26
  • https://trackvol.com/84a864a4-df5b-4e49-9a1f-942f91c3dc19?zoneid=4662728&campaignid=7179899&carrier=?&connection_type=broadband&isp=venus%20business%20communications%20limited&os=windows&ctrl_fetch_dest=ctrl_fetch_dest&ctrl_ts=ctrl_ts&ctrl_ab=ctrl_ab&ctrl_id=ctrl_id&cost=0.000250&visitor_id=720161786342683237 HTTP 302
  • https://thetrendytales.ignitrona.live/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66 HTTP 302
  • https://kootistrack.com/link/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66 HTTP 302
  • https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
6107119
dukingdraon.com/4/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dukingdraon.com/4/6107119
Protocol
HTTP/1.1
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf8
Date
Mon, 28 Aug 2023 22:57:43 GMT
Expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
Pragma
no-cache no-cache
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
X-Trace-Id
2e94f5aca13c8e4900274598e948d79e
img.gif
my.rtmark.net/ 		0
0
/
psaugourtauy.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by
Host: dukingdraon.com
URL: http://dukingdraon.com/4/6107119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab07fa85a623b2f989795366f55e14ba518f86666507ae50aea24f1762364074
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
7fe027a58e897474-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 22:57:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfufP40tWzgVHdlWv4TPXipg8f3JsGaYDH5kMAU6WEOMOM8mLm0iOxkA3BPH1lHPskzt72Z9sUDOXE4oToSP5SlxJUDH5t8An9exWMY0z5NbZM90zfX6cuQjGSCM%2BOWWLK%2Fk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
psaugourtauy.com/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
server
cloudflare
etag
W/"64e60500-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7fe027a5deb47474-LHR
expires
Tue, 29 Aug 2023 00:57:43 GMT
icon-exclamation.png
psaugourtauy.com/cdn-cgi/images/ 		452 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://psaugourtauy.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
server
cloudflare
etag
"64e60500-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7fe027a628a123eb-LHR
content-length
452
expires
Tue, 29 Aug 2023 00:57:43 GMT
/
psaugourtauy.com/
Redirect Chain
  • https://psaugourtauy.com/cdn-cgi/phish-bypass?atok=9owZo1O7fcpYSLW2o_Yvt2sUOm5xlvPH7aNVYbcGlbE-1693263463-0-%2F%3Fs%3D720161760283468603%26ssk%3D69f23a3756576bb5bcc585589f00b2f2%26svar%3D1693263463...
  • https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
45a147056b59401cde900ade0c303c519024c5aed0a7f00ce34df08f3fe8f5f9

Request headers

Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe027c3cada23eb-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 22:57:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKVHHOjOUGb5x6elsiFBhJ2vUveTcqauMP56I6jImASMQwGEeT74QvbWjC24m09KmXhDxfgr4SNWnKpTO5mvxSAmXZOT5j3f07oDRQ5qx2r5w0sNptz7wuwvRQ6HPJKqb%2Feo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24

Redirect headers

cache-control
private, no-cache
cf-ray
7fe027c37a5323eb-LHR
content-length
167
content-type
text/html
date
Mon, 28 Aug 2023 22:57:48 GMT
location
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=0133f8fb30c418a79154700439e06664
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff7d38522c384b452fb87af049c31cb22ac038be45e97adfd2940b7d28beb101
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
psaugourtauy.com/pfe/current/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414af32e4b8883639a4d227bc7a9a9e6b42e1d22031dc4aaf81fff3c70d7488e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 23 Aug 2023 12:46:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e5ff9d-68c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHNJ9Ki59wQVjKmK9Z0ffpTIwyPI%2BLzcIHO6daxrn3EO7PdVQNrFXdZ4XlBXYY7arL9BuU4fS1g%2F6GWuRGM5DkVyP%2FZx%2Fpf%2B2q2nRjRtEqZQK7C%2B9YYKCc4witXIMhttA54%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7fe027c4abf823eb-LHR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
psaugourtauy.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6107119&var3=720161760283468603&ymid=&rhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf07a8fd03c4d91521aa1fd64bceec207cef6383e5bff25750765ef7ee27918e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
788c5f37731ab5901712b5d6841b55a0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIgdpV1gHxEaPEVimsisiPHp6nHo3SAyzXvaQpJE%2FUpoBISXEKdp0kWTXs7o91rdXsGiawpAq57fi1oPIRpZAcGp07LtDJF9iLE908CMIQBqUhmBo%2BfU6XIQEzjwKv0T42l3"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7fe027c4abfe23eb-LHR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
psaugourtauy.com/ 		2 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjilZp6RUO08Cl%2B%2Fj7l34gFpT%2Fh%2F%2FrVb3DblQG27UPNO2KflBLwo38RAXr55nhskS5kU6NAS%2BslVPZZmMnEbYF%2B17gOM17fQz4XIbnT3V0lQRb8oHnIrDRsWLiE%2Bd5zzF6FB"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7fe027c4dc2923eb-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
psaugourtauy.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/rhd?rb=7br5l7DwFFZyhtZuZteYyf57turtpXIYdx3KH99uHR1Z64IhOCGmmlF17t3G6JOxLx3P93Vt3qiRuFTs8Cf_UJp-4XGt9kJN9r9qkVPwI7BTl4_US6JKwmtgzgSqPStq-pN7v5parng30p-JJsMmWQlDvqVMmk_ouLQgy_LXNa4d-Y6aaKgweDsgkF282PTDTOeS_20Z0O-Nj642E8SzkFYt9AlB_-Bn7I_fOOT3e9t4XYNHFQfYt_Hxy4onr2RJgYazxAS_0XON4F0QGafAtwFfJAMpl3pZsasHnYvdJY5LK12p2y2Aba2k-dRthGu1pGQbMfKXFT1dNK4zQLLUq9sP8ng7Zms15gGyoF5vSHUfQzMW18OSXkjkc3iZNS5A1kMgEgaPOs7ssCvwF3N2WF9wrdaYUEcajqCbbkHSRmTorYiuzRB_UTnEi7bzg5JFVp4uzh9At3PnxT1EuOZYco35kw8rrSI3QoG2Crh8DCxQCwW3&request_ab2=150003&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D720161760283468603%26ssk%3D69f23a3756576bb5bcc585589f00b2f2%26svar%3D1693263463%26z%3D6107119%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D720161760283468603%26ssk%3D69f23a3756576bb5bcc585589f00b2f2%26svar%3D1693263463%26z%3D6107119%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6107119&var3=720161760283468603&ymid=&rhd=1&m=link
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd84e62d09bb9d3fe7186cd3b70286e80770666f8fcf34b59efa8d8aeb8852ad
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
30c6355271216febe900a010f3f53ae5
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOcAsR9aojzuJaeU1hAz%2B9b15XtpukGzoArq1yan5bBJZyQ5Sv4r3SIpKbifS0CvB9q6NWOOFjt6WJ2ca0SqMR8ur5%2F74Eo2T4rveSswWQMYKOflgIYj75XGtxkM85v63gIm"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7fe027c51c8e23eb-LHR
expires
Tue, 11 Jan 1994 10:00:00 GMT
4662709
psaugourtauy.com/sw-check-permissions/ 		0
948 B 		Other
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/sw-check-permissions/4662709?var=6107119&ymid=720161760283468603&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QVPglg3gwoR3nGCBQhTWMyP%2FZNwcyRlF%2BUa8%2BFG3gqpJYu9LxCJQK8J1nUNPcSJUcCXclHats%2F9pJWmpnNZvfHmoL5K2zk01XEfJdM94kf6trxXUz2XEUGtMUZr0y4AMWmX"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
7fe027c52c9e23eb-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
psaugourtauy.com/ 		0
481 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6107119&ymid=720161760283468603&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-trace-id
c6f52dc0c039612a9274b4a073d4f5c8
date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9zRAqJrgrdi3vO3m%2BVrEB9VWRIqaOrIQV%2BJELgeFxQvQz2CxYPqCkhQCfgZthrbAWF6I7neBlbsWhwXZ6vUJgNzCZwYqpyWBUYejFSeHcSJlc5jvyqz5gsVDCwdOOHgzmJ5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://psaugourtauy.com
access-control-allow-credentials
true
cf-ray
7fe027c53ca823eb-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=720161760283468603&var=6107119
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff7d38522c384b452fb87af049c31cb22ac038be45e97adfd2940b7d28beb101
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
psaugourtauy.com/ 		906 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6107119&ymid=720161760283468603&var_3=&var_4=&dsig=&action=settings
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
2c9c961fc5d787a5f3c4c7601d045785
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRRhKZLdtBCEW8nqwwgX34MNCO2EyG386XOVsogztto%2B5Nrla7rlcWm0Jb9paY6HCUOQ4q1MXHF3y6MNr9RxUiJRnfal7UHCa%2BoPOeFE8miu3cqb2bY3X%2BBFNEfTPSsyyl6m"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7fe027c55cd723eb-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
psaugourtauy.com/ 		39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
177fc2a8178722bb64d7afe24119418033078ac55146397e7390bfe4971bede1

Request headers

Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe027c5bd6e23eb-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 22:57:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzFqoNFyJTInj0MSvd4m8EhncDHEFDAIUPww3iuSL%2Bw6ElVnYe%2B8cVOZ9MjJ%2FDPalyl4BuhGsI6U1nSXNAmjDRsV9lQfb4l3qByN8crgldxfVVOJF73yfKto4CIzEv5RTiB2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24
micro.tag.min.js
psaugourtauy.com/pfe/current/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414af32e4b8883639a4d227bc7a9a9e6b42e1d22031dc4aaf81fff3c70d7488e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 23 Aug 2023 12:46:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e5ff9d-68c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgHhje5wddmH6T9P4pEGUh69UcA8wcV1tfnMB2qndNRIuXFtTOm982Cz40WMFZDtuzKNgBJ4dMlwyFUDCbC%2FcIAl3mmv2PiPaDYumEw3hXtMyMGG56vgIkXDfSVi30mACvkf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7fe027c67e7323eb-LHR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
psaugourtauy.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6107119&var3=720161760283468603&ymid=&rhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1328dbba5610f4c3b6f392724bf8643495453838815aeec2b2356a6825b00df0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
48b1253d6560e9f32b1f182159f5bbc6
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQouggQebQx6gO0qZSnHvcW7e9MKyQ5E0%2By%2FGB6MJRj1p79pNWpEFu9CsH2URikMDuFpfKWNv474e78a716fcdttFMHY97LwSZz4oayV3BRX1B%2BrFwAGa5uFVomp4hYuqrtn"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7fe027c68e7823eb-LHR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
psaugourtauy.com/ 		2 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brat0RIO7fN405HQDwgmccxo9afnFwCc06l0dSzPK191Wwt408WuQ2gvtr71pVhPh%2BsJ5Ow%2BfsHG891neVZsul2j3TmkhJsrgT1mhw%2BqgHt9VoLDwRrYIQhpBW5bEiFMMvbB"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7fe027c68e8023eb-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
psaugourtauy.com/sw-check-permissions/ 		0
947 B 		Other
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/sw-check-permissions/4662709?var=6107119&ymid=720161760283468603&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFuEP4wUuA21cOpn5%2Bx1dPljN1%2F4uUiA8SmozwLkbUCxC7edvm17DExLH0hH2OLd3GvPGQtxNZZcZOE%2BbYXIctlx1lv1OLykJcwbdJ0xFz%2BJkhwBtfZR9PcBYraTgZFYQ5hN"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
7fe027c6ef0e23eb-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
psaugourtauy.com/ 		0
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6107119&ymid=720161760283468603&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-trace-id
66648bac823ceb1f35838c196c5cd4c3
date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHKd52uZbQ3iLRPakfeJ5Kqn1W9FeibiOqeATlsC5bxcZVOr0XfxcKNrcSC8BrHhX9LvQHt7aKAAaevASP0Gjuxd4aODcC8jHQSkYZ%2FqiBySMYaRtBJimNH8%2FlTSWGOva6F0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://psaugourtauy.com
access-control-allow-credentials
true
cf-ray
7fe027c6ef1323eb-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=720161760283468603&var=6107119
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff7d38522c384b452fb87af049c31cb22ac038be45e97adfd2940b7d28beb101
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
psaugourtauy.com/ 		906 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6107119&ymid=720161760283468603&var_3=&var_4=&dsig=&action=settings
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=720161760283468603&var=6107119&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa127c8c7d2da6c49c0369553af70e767845564dd23e252d1f170444f5b3592
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:57:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
a122d54a17f51e77e05df63303be4b83
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzx5vg3KcNdcuZDdU%2FAK0RVqsLB1dKDBtPTPbxr%2BmXee7k8uyeYZU774U%2FgoHy9ruFfEehPMGlGJAnqdRUPkUedlPcXc3S1LCfmgec947V2IxUoiYWPjuXun1pB0QV2qz64F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7fe027c70f3223eb-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
psaugourtauy.com/submenu/4662728/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6107119&var3=720161760283468603&oaid=0133f8fb30c418a79154700439e06664
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7fe027caac4923eb-LHR
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 28 Aug 2023 22:57:49 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://trackvol.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVnVayepC4QP3GEmNM2Hkl76HtnNCepU%2BT9ke4xAeY%2FWLK1RmMeeAcX7S56%2B15D4tKnrcvlFdP7vN7mPvkJUCR180WFUoZu4sP5gnonQ78SuKjj%2FVPXCp5PcHydUu7%2FmfKVn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
7d4fa61938dfbe34869ae2b76d6a8c71
610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw
www.linkbux.com/track/
Redirect Chain
  • https://trackvol.com/84a864a4-df5b-4e49-9a1f-942f91c3dc19?zoneid=4662728&campaignid=7179899&carrier=?&connection_type=broadband&isp=venus%20business%20communications%20limited&os=windows&ctrl_fetch...
  • https://thetrendytales.ignitrona.live/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
  • https://kootistrack.com/link/?link=https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
  • https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
1 KB
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6107119&var3=720161760283468603&oaid=0133f8fb30c418a79154700439e06664
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.11.181.248 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
c100ce60e220885ec7ee2a2e03808c78277eefcf2e11ec6dd3a5a8c406cc4b2e

Request headers

Referer
https://psaugourtauy.com/partitial/3735488/?var=4662728&ab2r=0&prfrev=false&rhd=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 22:57:51 GMT
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe027d04dd10672-LHR
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 22:57:50 GMT
location
https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFG%2FmWsJYOJFurqVlAvrzAPBPt73Dz5zh9n0cGgo9b%2FsI8k0ffg1GhNIZH6ZJ82LUsCLKERevdwRqMMsQIX2mzZcHAnYG%2FV5acLjMlXjOpeMr36BX4SptS3rks7Er%2Bsf%2FOW5JyuhW3oDL71k%2BSc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhHg_c
app.partnerboost.com/track/ 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.partnerboost.com/track/a524zpZ46FHCobMJsI9qI7FDrxR9w2a8KhpftfEZbk7w2v4MLAwxr6emX4XNKKKk24adhHg_c?url=https%3A%2F%2Fwww.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66&uid=lb_o7dxvc&uid2=https%3A%2F%2Fthetrendytales.com%2F
Requested by
Host: www.linkbux.com
URL: https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.241.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.linkbux.com/track/610eNGb0an46RAZqWmAU6XZcU_bipHVj2XY2VtPSCbmv7TLEWCs6houm1nEvIJIKw?url=https://www.aliexpress.comw11f5jnbu6cv1u6ri2pu5s66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 22:57:52 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=0b9d6f344b9745dda990a34460d5e512

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

13 Cookies

Domain/Path Name / Value
dukingdraon.com/ Name: OAID
Value: 0b9d6f344b9745dda990a34460d5e512
dukingdraon.com/ Name: oaidts
Value: 1693263463
my.rtmark.net/ Name: ID
Value: 0b9d6f344b9745dda990a34460d5e512
.psaugourtauy.com/ Name: __cf_mw_byp
Value: 9owZo1O7fcpYSLW2o_Yvt2sUOm5xlvPH7aNVYbcGlbE-1693263463-0-/?s=720161760283468603&ssk=69f23a3756576bb5bcc585589f00b2f2&svar=1693263463&z=6107119&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
psaugourtauy.com/ Name: syncedCookie
Value: true
psaugourtauy.com/ Name: OAID
Value: 0133f8fb30c418a79154700439e06664
psaugourtauy.com/ Name: prefetchAd_4662728
Value: true
psaugourtauy.com/ Name: reverse
Value: no53bEhexCboI9aiQkYN8q5_2xEThc-7wYaTVPid00o
psaugourtauy.com/ Name: oaidts
Value: 1693263469
.trackvol.com/ Name: 84a864a4-df5b-4e49-9a1f-942f91c3dc19-v4
Value: Tc1Ir3_DTFpECIrM6hTrde9belMbDb_OV0VgoKLXpNI
.trackvol.com/ Name: cc-v4
Value: bfCeuzzIg4su8PWtiE2sUXHdtKnBfVKO2bZv7%2FA1ikA0gAU8JV38LFGN7edOJmXuZKua3XQmf7JybcxK4yATQ9OZ0K%2BQzcfq%2F1Kkkz49b0j%2BgAAczNTZffC4pXxpzMkCnP3f0n1tB1tN9igJmsSO3g%3D%3D
www.linkbux.com/ Name: discuz_2132_saltkey
Value: xWdU6tTl
www.linkbux.com/ Name: discuz_2132_lang
Value: en