qr-captcha.com Open in urlscan Pro
139.45.197.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a.we-are-anon.com/h/?ysGolb4HU
Effective URL:
https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b
Submission: On August 25 via api (August 25th 2023, 12:38:58 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 33 HTTP transactions. The main IP is 139.45.197.167, located in United Kingdom and belongs to RETN-AS, GB. The main domain is qr-captcha.com. The Cisco Umbrella rank of the primary domain is 361121.
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.

This is the only time qr-captcha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3031::ac43:8dd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
17	172.64.132.20 172.64.132.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.167 139.45.197.167	9002 (RETN-AS) (RETN-AS)
33	7

3 2606:4700:3031::ac43:8dd4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.we-are-anon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.24 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

ak.koogreep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.132.20 (United States)

ASN13335 (CLOUDFLARENET, US)

psaugourtauy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.167 (United Kingdom)

ASN9002 (RETN-AS, GB)

qr-captcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	psaugourtauy.com psaugourtauy.com — Cisco Umbrella Rank: 72523	64 KB
4	qr-captcha.com qr-captcha.com — Cisco Umbrella Rank: 361121	20 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11867	2 KB
3	we-are-anon.com 1 redirects a.we-are-anon.com	8 KB
2	koogreep.com 1 redirects ak.koogreep.com — Cisco Umbrella Rank: 248593	13 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 35759	468 B
33	6

	Domain	Requested by
17	psaugourtauy.com	psaugourtauy.com
4	qr-captcha.com	psaugourtauy.com qr-captcha.com
4	my.rtmark.net	ak.koogreep.com psaugourtauy.com
3	a.we-are-anon.com	1 redirects a.we-are-anon.com
2	ak.koogreep.com	1 redirects
1	datatechone.com	ak.koogreep.com
33	6

This site contains no links.

Subject Issuer	Validity	Valid
we-are-anon.com GTS CA 1P5	`2023-07-17` - `2023-10-15`	3 months	crt.sh
ak.hetaruwg.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
psaugourtauy.com E1	`2023-08-14` - `2023-11-12`	3 months	crt.sh
qr-captcha.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b
Frame ID: DCA0DCE8FF8489D51FCFB1DBBCE9150C
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://a.we-are-anon.com/h/?ysGolb4HU Page URL
https://ak.koogreep.com/4/2661777 Page URL
https://ak.koogreep.com/?z=2661777&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z... Page URL
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z... Page URL
https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b Page URL

Page Statistics

33
Requests

88 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

106 kB
Transfer

322 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a.we-are-anon.com/h/?ysGolb4HU Page URL
https://ak.koogreep.com/4/2661777 Page URL
https://ak.koogreep.com/?z=2661777&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://a.we-are-anon.com/ HTTP 302
https://a.we-are-anon.com/?x9VC3qyi

Request Chain 5

https://ak.koogreep.com/?z=2661777&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

33 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
a.we-are-anon.com/h/ 12 KB
7 KB 177ms
86ms Document
text/html 2606:4700:3031::ac43:8dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.we-are-anon.com/h/?ysGolb4HU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8dd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fc3e500dbc0367b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgr3s8F5qOxUD%2BmCugZxKpwvfoPC2Q%2B4yLmNE5SdrhCv3Aal%2FUTLNwv%2FCd488dFhGfNOQzppDDyBg3ZOxAMfj6G%2BPAKm0hr0tci9LdBu76UHePPV%2FwKp2RlfBgkjK6W6PJ6l9EOgkQM82fpgsP1SVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3

200

/ Show response
a.we-are-anon.com/
Redirect Chain

https://a.we-are-anon.com/
https://a.we-are-anon.com/?x9VC3qyi

0
564 B

91ms
90ms

Document
text/html

2606:4700:3031::ac43:8dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.we-are-anon.com/?x9VC3qyi
Requested by: Host: a.we-are-anon.com
URL: https://a.we-are-anon.com/h/?ysGolb4HU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8dd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a.we-are-anon.com/h/?ysGolb4HU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fc3e50239f868fb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
refresh: 0; url=https://ak.koogreep.com/4/2661777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGv%2Bfzi8RZEk9adTdoHjpkJH0l9CfUe%2BkSBVVSyo2rsgBVOl925h1M3W%2BqF2KFpT5H1yrcw5BDpXtv4Ui99YjDWIrl2Txq4nPCvRA1iLkwygPZRaFhbQwghYZycjR8szV7Ej6PiOPjxcRT7vHTOHWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fc3e501bcdc367b-FRA
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:52 GMT
location: /?x9VC3qyi
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiXnQtpI8woC4QZGPsX67QxT9SSQ%2F8zgCRgHWB3sJXUsTBzfCPHUViv096ZQyCz2rh3MAMJH8%2B8pIb5%2B2l9d2TVKJTGt%2Bcdo%2F2YW6xO6%2F3DoYaR4QUdZ%2F2ldSCeWpmR%2BHYJ86vR9RP%2FnBvpn1EZfjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 2661777 Show response
ak.koogreep.com/4/ 27 KB
12 KB 191ms
42ms Document
text/html 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.koogreep.com/4/2661777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ff061e5c2c556c289d7e8d787e432d9a02891e3e612f409fc550621c5bd5609c

Request headers

Referer: https://a.we-are-anon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 11486
content-type: text/html; charset=utf8
date: Fri, 25 Aug 2023 12:38:52 GMT
expires: Fri, 25 Aug 2023 12:38:52 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 08215a58c9cfbe52ab98e76d9b24e4af

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 156ms
72ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=1280d046fef84bffac56fbf655d05f5b

Requested by

Host: ak.koogreep.com
URL: https://ak.koogreep.com/4/2661777

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ak.koogreep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:52 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
468 B 107ms
31ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: ak.koogreep.com
URL: https://ak.koogreep.com/4/2661777
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ak.koogreep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 25 Aug 2023 12:38:52 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.koogreep.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
psaugourtauy.com/
Redirect Chain

https://ak.koogreep.com/?z=2661777&syncedCookie=true&rhd=false
https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

39 KB
13 KB

166ms
88ms

Document
text/html

172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 84111215ef2adad9ffa13987f1c34fdc344c1e606103a08852ca338341d2d699

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.koogreep.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fc3e5064ee9383a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9SN29lH6GxHcl%2B0roMZvJQD9yYgVnjzePawgJZLwDy6fP94YFp%2Bq3XZCjFmHaM5rYmQw0rB7Yv8xJ8Wy%2BpOQksK1nFyRqR7W%2BWwH%2BY8VWh0VUry7sNEtWAqA3JreHzH7uU%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ak.koogreep.com
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 25 Aug 2023 12:38:53 GMT
expires: Fri, 25 Aug 2023 12:38:53 GMT
link: <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
location: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: aad5ff822befd6913ec63cf6a48420f3

GET gid.js
my.rtmark.net/ 0
0

GET
H2 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 53ms
46ms Script
application/javascript 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414af32e4b8883639a4d227bc7a9a9e6b42e1d22031dc4aaf81fff3c70d7488e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Aug 2023 12:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e5ff9d-68c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU4Pkbv1puIRdjoOpAkoNtOgS2oJIrldxDzsE0LgQumN6oKP8%2FS8kZHvfrXaEKoxL9Jo0QEK9Jh9NivdYrdV%2F9Edbf2jAjBBFMy%2BBaxVfwUectKMwOxj1mSoBdVMzlevGRO2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7fc3e5071fde383a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 50ms
45ms XHR
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=2661777&var3=718918862711829471&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61039af2a193293d76a7807ea2106b29e07374f6178ab258648d145c35d699c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 42fc36a7744fe96145f58ce3d2248d96
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIAd6o5e4mjQgW5%2Bj20I25FDSSXMU4xYaOyDywRZ16rvGx%2FL%2B6rSIqSkast69mO2tXtnPLa5TIVloEhsIW4duUWFKMavzp9h6zXMamXcMlOsQ4pyxJQAnskfdU2CUVgNc22X"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fc3e5071fdc383a-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
psaugourtauy.com/ 2 B
406 B 51ms
51ms XHR
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.24
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeox6nZ3fgUkqTTjCK6TLR%2FI8ffGex253s2JldG1gzmA%2BjFUIi3o0elKY94PcG972NU0H5RjY4adCUZXn9TQliCLHLsyTPYcjjMO%2Fj2KjHQ8A3c8h8zF1r5cdQK248nQkt1f"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7fc3e5072fe4383a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
psaugourtauy.com/ 2 KB
3 KB 54ms
54ms Fetch
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/rhd?rb=dLwR6wiGNC2CH9trm5r98KkeMZ12HZAgVE_dN5qxsnLDqTTzVSg-aiBIG1EhrY2LbC5dbNQFGiVOFyHf2o3Agmjauxst93laRUxvaXvI3HofVJ9tGtD2Qr7bVbGlsI01asOzoVr_LVeCj0GVf59txEJO-QdgjOW0pCWpRQmiIOiwMg6sUP2_wKkB9iEMORkSixEPAGCu7D68-W2XcHJ2DbfmZQlwpXgMUZhZ1VfXqEIzmdaApAaT_kR6AHVYBmLUlDSLgmcm3hyrcnBfe3ffCBYjU9J9JiVivP8S-gYXBGphCamYb1J79W17cn04uulu5kGJeO0qRiwLHV4LFRpAorQzVTL4DcSPNvaYDDQb41A55ioNTgn4S2RTD2yxfRs29yqPFKvnlV5i6FlWXrYj0x1cnxDO382mo8KFuyg3BtBSDOelBER7C7rYFRtt5u0b7uzugm4Dp4HsJWdQxgS_qtLu2x668340vJRP9x9RkkY%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D718918862711829471%26ssk%3Db9425f2878989de8f6b8e805d0bd1a02%26svar%3D1692967133%26z%3D2661777%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=2661777&var3=718918862711829471&ymid=&rhd=1&m=link

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cf66a3932749af5e7354a008f54a0fa16e12902690d810550f3b436b211bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 134df5e13a9df50b31d01d44f28218c7
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwsaKQwYpPbWYIkSu4npAFy%2F7y0FSHn%2B6PdHelPMGSdLDJyH0NzOBfxAbq81EpAic5Iw6gljMLW4p%2FXyZyY6HsnAfDXIDMfoIA79iG16s5I47JMRzH9io%2FRStNEkK5ODXWGE"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fc3e5076ae53608-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
947 B 62ms
59ms Other
application/javascript 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=2661777&ymid=718918862711829471&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZKBFD65y7c%2FcKgdTFKp%2B%2BJZR7USzA8666YQmsKMkFG870Xwi6jwx23lvFAgr%2FT9ovkqwLc26s88ycm3mYiP6s4QGCl%2BPAtG76ZyUfXSmdp6eadoviJUCEKzYvsVuuaMMZru"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7fc3e5077af63608-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
481 B 50ms
49ms Ping
text/plain 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=2661777&ymid=718918862711829471&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-trace-id: 3191ac98e34aaf8308a1de873a6ff0fe
date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V45XqHMsXHWLelb2tEyCArqAUTAeF%2BLKMxfg87lM7s%2FveVKclNORXwtTwzudsc4bhT9SdlT3y5hIXpgm%2BGGrsAtd9gg%2BMYwmPoRigldPJvwSLY1oPTfydZUsKsoXrHoq1wv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7fc3e5077af33608-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 104ms
103ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=718918862711829471&var=2661777

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9c5a1465adb03e30077056ea713defff333f6a7916a0c9b3edf136fdd8ef57e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
psaugourtauy.com/ 905 B
1 KB 46ms
46ms Fetch
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=2661777&ymid=718918862711829471&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979e906184a76d6e35b3fb105fa0941239f372c5d762c13d535b068082efff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: cf8e0ee8dea8710d6065deb760b2c964
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzSU986m7hfuUsBdglKAzAfjZJg8TGJU5KioDQO9uCMcpIql%2FKBROYTuzOfqdq0DQnObXOtoFuF7kA1r8ryLoq%2Bl2j3q2YpAADIgsAbqSKanNdidqQrrHxhdzKSQ9PICygs6"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fc3e5079b143608-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 / Show response
psaugourtauy.com/ 39 KB
13 KB 87ms
86ms Document
text/html 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 708c71ca6224666958a9e6d6e4bc27534c163bbfb7c70b0fd76fdf1ccce2c11e

Request headers

Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fc3e5084bed3608-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6%2FGe%2BbHiJquV4OJ4TE8G%2FhiiF%2Bz%2FWBEWOQ2oP5AZ2TSRPHGEOw99N1WKrjU%2BFb0ZGMB8sCM91Agnsu4rhGEqsCdJOJ5s%2FGObrgmwEWwRA52tTOmUa56grHFdbDmFg0XLQ%2BF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.26

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 38ms
37ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=9eb1f725c7b2a2aaae493df5f3264100

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9c5a1465adb03e30077056ea713defff333f6a7916a0c9b3edf136fdd8ef57e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 62ms
62ms Script
application/javascript 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414af32e4b8883639a4d227bc7a9a9e6b42e1d22031dc4aaf81fff3c70d7488e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Aug 2023 12:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e5ff9d-68c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpPmr2DQUm9cBRcBirCgp4aSo7aNzNlxq2aMPgMQ56pKbWZUsphXzD8sJJ36K9Jio85u79htgVZ7Z5zdY9MpVCZWM5YtCMY4qfYtb8THDFXm7IcepXi849%2B7joyjGb6zqvRX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7fc3e508ecc33608-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 50ms
50ms XHR
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=2661777&var3=718918862711829471&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f5b54da2d5a12352154a6b7ba5ae3154abe90f4010e466807d50fd2b4960f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 00e202706c18d580472750742fb97634
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT3XlotbM9dtbcp4rxsoSv%2B5rwkNvbYEF0xdDG5FoN2iD72kHmBIuc42Z3mDzmg6%2F4zEGrq88%2FQ9LgUM0ix3sPvTGTHjJSekf2H4BHfQjvvZVEZ2uNG%2FXeJD99YI6S4XzOk3"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fc3e508ecc73608-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
psaugourtauy.com/ 2 B
525 B 61ms
60ms XHR
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTBxLNQbDuLtGC1tdWh5%2FdouSwJ52R4sz67cAcXzazoY%2F8oQ7bxSt6ytLmjGSf8p3GVnWWH1f9wqPQIRUgSujDHkMCDfl8sphLdOK78wjqrjUR47%2FfEpdNRWhgN6ZCAWPuyN"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7fc3e5090ce73608-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
psaugourtauy.com/ 2 KB
3 KB 54ms
53ms Fetch
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/rhd?rb=Bh7zZuEPjJKCwi_alTHjkX8rLTlzL2ZokGsHIC03_lNf1_m90v0dT-7t17bZUXsO-4Lap6XUD_GN5SB2UHuNMRz-5Yp7BeD2BoY2L1kyXLUU5jPgSsVBLPcg18uaDcrNFrQQyjc2uHsN6J59bxm-kekEdQR0tostFfT7lXt8VTSJM0e_WV5444vJGgcCeu8faiGey8431EIlBQmGNLssNuymzj4xOsWOPYqb0vP9mC0IpmTRF3gvnR9z2S3FVWAIkD9hVBQ8DvF5bZ_shYHXmUpXhZvmYyw2z3eUe4dJcTgX4p7fmv1Sm1LgF_52tWMlZLn6Wedc_8dhv-UVbkfkObC7OlWCyOU7gzKOk8eWHCcIQttLQYh-qrRMRnto2JEFZTdvuMt3x-Esx-zE5bAv4UlBYtVR5yHQYTNQs1UMxF8nTT0ifMVOFNHJ-E3VhhNaJ0CFcRUuZPy2iAnvggC2JlMNCML4gpWIxDspJQA0Irhk-FaL&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D718918862711829471%26ssk%3Db9425f2878989de8f6b8e805d0bd1a02%26svar%3D1692967133%26z%3D2661777%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D718918862711829471%26ssk%3Db9425f2878989de8f6b8e805d0bd1a02%26svar%3D1692967133%26z%3D2661777%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=2661777&var3=718918862711829471&ymid=&rhd=1&m=link

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52943db10c9b5b652d96b7d209001b3e726f74a44d82a92092e79d0b731c9d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 5704ddec13591798777c36eba012ffab
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHZarNowEse%2F1gZV4WX%2F1mk3rM6bNyJCjLVFkIWnFJbxyv3qSkMOu8S7lfdbYPP8Tn3%2FYGDmOys0qkX0wStQiOAKIxDER7jZXW6ZiZSeImAcY3g%2FkObdrsBjU2cb%2FIc%2FdbTv"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fc3e5094d283608-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
948 B 54ms
53ms Other
application/javascript 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=2661777&ymid=718918862711829471&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24qpobaZT9RKe%2F2pWxFzlhoEZGkKugmsGN%2BB65kXHpXKOdhXopAPGnm8esAbH5tftoUqrir%2FMTVIdHLMvpwGO%2BSZ38YPu%2BYyasz3YSulgZ2X7NQjI4fTCtMU3rNSawayRIcf"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7fc3e5095d473608-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
479 B 48ms
47ms Ping
text/plain 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=2661777&ymid=718918862711829471&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-trace-id: c4b4bf31150193bd93ea718bc0865eaf
date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh670jpTqMFB4Is59slphTp6INxIWPZb7v3WG0JWa%2FA8iSzAJmF1YG6Xu3sdFR5t%2FFGNy7pwoDRc5ApR7xmLgftkmuGrCNUd1WnWXVt3qvDmEHRajgg4IgCr7EpbmUMwTP9B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7fc3e5095d4a3608-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 38ms
38ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=718918862711829471&var=2661777

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9c5a1465adb03e30077056ea713defff333f6a7916a0c9b3edf136fdd8ef57e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
psaugourtauy.com/ 905 B
1 KB 51ms
51ms Fetch
application/json 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=2661777&ymid=718918862711829471&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=718918862711829471&var=2661777&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979e906184a76d6e35b3fb105fa0941239f372c5d762c13d535b068082efff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 3fa54acd240c5340f77b62cdd641b3b9
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJtoo2rSI0dfe6228Jz90BkinCQnymL12RcMh4XKSzuzrerUVYP5zVvvFcbHU7FNaIXgTfwyA1G9Jz8c5NXx%2BZhHQNqIGkiAW4z0w2rLflDDsWd4MzvcnLDDf3aA1LsyMuA7"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fc3e5096d5a3608-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Primary Request / Show response
qr-captcha.com/ 20 KB
5 KB 141ms
41ms Document
text/html 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 12:38:54 GMT
etag: W/"50f6-188c4485de8"
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H3 200 cat.php
psaugourtauy.com/ 0
753 B 49ms
48ms Ping
text/plain 172.64.132.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/cat.php?userId=9eb1f725c7b2a2aaae493df5f3264100&zoneid=4662728&rb=Bh7zZuEPjJKCwi_alTHjkX8rLTlzL2ZokGsHIC03_lNf1_m90v0dT-7t17bZUXsO-4Lap6XUD_GN5SB2UHuNMRz-5Yp7BeD2BoY2L1kyXLUU5jPgSsVBLPcg18uaDcrNFrQQyjc2uHsN6J59bxm-kekEdQR0tostFfT7lXt8VTSJM0e_WV5444vJGgcCeu8faiGey8431EIlBQmGNLssNuymzj4xOsWOPYqb0vP9mC0IpmTRF3gvnR9z2S3FVWAIkD9hVBQ8DvF5bZ_shYHXmUpXhZvmYyw2z3eUe4dJcTgX4p7fmv1Sm1LgF_52tWMlZLn6Wedc_8dhv-UVbkfkObC7OlWCyOU7gzKOk8eWHCcIQttLQYh-qrRMRnto2JEFZTdvuMt3x-Esx-zE5bAv4UlBYtVR5yHQYTNQs1UMxF8nTT0ifMVOFNHJ-E3VhhNaJ0CFcRUuZPy2iAnvggC2JlMNCML4gpWIxDspJQA0Irhk-FaL&var=2661777&var3=718918862711829471&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.132.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://psaugourtauy.com/?s=718918862711829471&ssk=b9425f2878989de8f6b8e805d0bd1a02&svar=1692967133&z=2661777&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 12:38:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 96e1063ceff5a24ae4187b19c1e118da
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbMAQOqEZf0olnUlwmAnayJ6wNrL8kVBVPVt443AtpcKX29cgXngdJBhLHfEqV%2FvrIFuxb2q5QM0tvLx5g%2BVv3QFrO6ZMIW6Dpz1sdVk9UcQCD4pgI%2BaySBeTrbT0Hj3%2FahS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fc3e50cc9fd3608-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 animate.css
qr-captcha.com/Attention_files/ 78 KB
4 KB 4032ms
4032ms Stylesheet
text/css 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/Attention_files/animate.css

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:57 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
content-encoding: br
etag: W/"1361f-188c4485de8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 qrcode.js Show response
qr-captcha.com/ 32 KB
9 KB 41ms
41ms Script
application/javascript 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/qrcode.js

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
content-encoding: br
etag: W/"80f0-188c4485de8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 new_free.svg
qr-captcha.com/Attention_files/ 2 KB
2 KB 3270ms
3270ms Image
image/svg+xml 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qr-captcha.com/Attention_files/new_free.svg

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=718918866478309955&oaid=1280d046fef84bffac56fbf655d05f5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:38:57 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
etag: W/"609-188c4485de8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1545

GET loading.svg
qr-captcha.com/Attention_files/ 0
0

GET 16emjgn0cev
qr-captcha.com/w/ 0
0

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET bg.gif
qr-captcha.com/assets/ 0
0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76c2b7b4dbaa65b1ea83c8d5cb3db6ab9c2ec792f811f044bf26a85d5f3aad2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: my.rtmark.net
URL: https://my.rtmark.net/gid.js?userId=9eb1f725c7b2a2aaae493df5f3264100

Domain: qr-captcha.com
URL: https://qr-captcha.com/Attention_files/loading.svg

Domain: qr-captcha.com
URL: https://qr-captcha.com/w/16emjgn0cev

Domain: qr-captcha.com
URL: https://qr-captcha.com/assets/bg.gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
a.we-are-anon.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8t9r2nbk57jn4p5jb10iv9r94e
ak.koogreep.com/	1970-01-20 23:01:43	Name: OAID Value: 1280d046fef84bffac56fbf655d05f5b
ak.koogreep.com/	1970-01-20 23:01:43	Name: oaidts Value: 1692967132
my.rtmark.net/	1970-01-20 23:01:43	Name: ID Value: 1280d046fef84bffac56fbf655d05f5b
ak.koogreep.com/	1970-01-20 14:26:11	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 23:01:43	Name: oaidts Value: 1692967133
psaugourtauy.com/	1970-01-20 14:16:07	Name: prefetchAd_4662728 Value: true
psaugourtauy.com/	1970-01-20 14:16:10	Name: reverse Value: NFIhsYbslqJwUKjqXXnORYvBDbWGU67gUaIaN2bM63o
psaugourtauy.com/	1970-01-20 23:03:09	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 23:01:43	Name: OAID Value: 9eb1f725c7b2a2aaae493df5f3264100

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.we-are-anon.com
ak.koogreep.com
datatechone.com
my.rtmark.net
psaugourtauy.com
qr-captcha.com
my.rtmark.net
qr-captcha.com
139.45.195.8
139.45.197.167
172.64.132.20
193.108.153.24
2606:4700:3031::ac43:8dd4
37.48.68.71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
414af32e4b8883639a4d227bc7a9a9e6b42e1d22031dc4aaf81fff3c70d7488e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52943db10c9b5b652d96b7d209001b3e726f74a44d82a92092e79d0b731c9d0e
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
61039af2a193293d76a7807ea2106b29e07374f6178ab258648d145c35d699c6
62f5b54da2d5a12352154a6b7ba5ae3154abe90f4010e466807d50fd2b4960f7
708c71ca6224666958a9e6d6e4bc27534c163bbfb7c70b0fd76fdf1ccce2c11e
84111215ef2adad9ffa13987f1c34fdc344c1e606103a08852ca338341d2d699
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
979e906184a76d6e35b3fb105fa0941239f372c5d762c13d535b068082efff72
9c5a1465adb03e30077056ea713defff333f6a7916a0c9b3edf136fdd8ef57e7
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0cf66a3932749af5e7354a008f54a0fa16e12902690d810550f3b436b211bb4
f76c2b7b4dbaa65b1ea83c8d5cb3db6ab9c2ec792f811f044bf26a85d5f3aad2
ff061e5c2c556c289d7e8d787e432d9a02891e3e612f409fc550621c5bd5609c

qr-captcha.com Open in urlscan Pro 139.45.197.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

33 Requests

88 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

7 IPs

4 Countries

106 kBTransfer

322 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qr-captcha.com Open in urlscan Pro
139.45.197.167 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

88 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

106 kB
Transfer

322 kB
Size

10
Cookies

33 HTTP transactions
4 data transactions