Submitted URL: https://today.empower-online.xyz/
Effective URL: https://qr-captcha.com/?t=0&ymid=714350399968260347
Submission: On August 12 via manual from GH — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 11 domains to perform 42 HTTP transactions. The main IP is 139.45.197.167, located in and belongs to . The main domain is qr-captcha.com.
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.
This is the only time qr-captcha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 88.198.22.18 24940 (HETZNER-AS)
1 1 174.138.183.242 19318 (IS-AS-1)
1 139.45.197.237 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
16 172.64.203.26 13335 (CLOUDFLAR...)
1 139.45.197.167 ()
42 6
    Apex Domain        Subdomains                                            Transfer
16  psaugourtauy.com   psaugourtauy.com                                      63 KB
4   rtmark.net         my.rtmark.net — Cisco Umbrella Rank: 11124            2 KB
2   empower-online.xyz today.empower-online.xyz                              8 KB
1   qr-captcha.com     qr-captcha.com
1   thaudray.com       thaudray.com — Cisco Umbrella Rank: 144680            2 KB
1   jiforo.com         jiforo.com                                            363 B
0   baidu.com          hm.baidu.com                                          Failed
0   supercounters.com  widget.supercounters.com                              Failed
0   cloudflare.com     cdnjs.cloudflare.com                                  Failed
0   googleapis.com     ajax.googleapis.com                                   Failed
0   bootstrapcdn.com   maxcdn.bootstrapcdn.com                               Failed
42  11
Domain Requested by
16 psaugourtauy.com thaudray.com
psaugourtauy.com
4 my.rtmark.net thaudray.com
psaugourtauy.com
2 today.empower-online.xyz today.empower-online.xyz
1 qr-captcha.com psaugourtauy.com
qr-captcha.com
1 thaudray.com today.empower-online.xyz
1 jiforo.com 1 redirects
0 hm.baidu.com Failed today.empower-online.xyz
0 widget.supercounters.com Failed today.empower-online.xyz
0 cdnjs.cloudflare.com Failed today.empower-online.xyz
0 ajax.googleapis.com Failed today.empower-online.xyz
0 maxcdn.bootstrapcdn.com Failed today.empower-online.xyz
42 11

This site contains no links.

Subject                   Issuer  Validity                 Valid
today.empower-online.xyz  R3      2023-07-25 - 2023-10-23  3 months
thaudray.com              R3      2023-06-10 - 2023-09-08  3 months
rtmark.net                R3      2023-07-25 - 2023-10-23  3 months
psaugourtauy.com          E1      2023-06-16 - 2023-09-14  3 months
qr-captcha.com            R3      2023-06-16 - 2023-09-14  3 months

This page contains 1 frames:

Primary Page: https://qr-captcha.com/?t=0&ymid=714350399968260347
Frame ID: 5BEAF3E86E5CCE825812431C584C9954
Requests: 44 HTTP requests in this frame


Page Statistics

Requests: 42
HTTPS: 57 %
IPv6: 0 %
Domains: 11
Subdomains: 11
IPs: 6
Countries: 3
Transfer: 75 kB
Size: 203 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://today.empower-online.xyz/ Page URL
  2. https://today.empower-online.xyz/go.php Page URL
  3. https://jiforo.com/activate HTTP 302
    https://thaudray.com/4/5186603 Page URL
  4. https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  5. https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
  6. https://psaugourtauy.com/submenu/4662728/?rhd=1&var=5186603&var3=714350396323409966&oaid=c7edb0f29d38b8260bdfe69a462fc7a4 Page URL
  7. https://qr-captcha.com/?t=0&ymid=714350399968260347 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://jiforo.com/activate HTTP 302
  • https://thaudray.com/4/5186603

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
today.empower-online.xyz/
39 KB
8 KB
Document
General
Full URL
https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
7584
content-type
text/html
date
Sat, 12 Aug 2023 22:05:24 GMT
last-modified
Wed, 17 May 2023 22:14:15 GMT
server
LiteSpeed
vary
Accept-Encoding
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
0
0

popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/
0
0

bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/
0
0

bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
0
0

bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
0
0

font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
0
0

pyes1.png
today.empower-online.xyz/
0
0

p.jpg
today.empower-online.xyz/
0
0

pyes2.png
today.empower-online.xyz/
0
0

rxz.png
today.empower-online.xyz/
0
0

online_i.js
widget.supercounters.com/ssl/
0
0

go.php
today.empower-online.xyz/
614 B
348 B
Document
General
Full URL
https://today.empower-online.xyz/go.php
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://today.empower-online.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
292
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 22:05:24 GMT
server
LiteSpeed
vary
Accept-Encoding
hm.js
hm.baidu.com/
0
0

5186603
thaudray.com/4/
Redirect Chain
  • https://jiforo.com/activate
  • https://thaudray.com/4/5186603
1 KB
2 KB
Document
General
Full URL
https://thaudray.com/4/5186603
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/go.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 12 Aug 2023 22:05:25 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
694a0bd5c043f813ba1b007c5fd5a932

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 22:05:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://thaudray.com/4/5186603
pragma
no-cache
server
LiteSpeed
img.gif
my.rtmark.net/
43 B
505 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=4c2485336c5742a889c94c2a08ccec31
Requested by
Host: thaudray.com
URL: https://thaudray.com/4/5186603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://thaudray.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
psaugourtauy.com/
38 KB
13 KB
Document
General
Full URL
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by
Host: thaudray.com
URL: https://thaudray.com/4/5186603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
bae38909e1be1c0adf65de138e7e25ec08bca8391fe216bf7b31ebf8c5fff09e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f5c0508efc03672-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 22:05:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQ0o4AnUxSfvJG4gT8nQXPIA7n1PNIFTEA0qY%2Fj9aWYZTHznFKUunizlP5LageqBxAGNZoS7xbk6Bk9XuBwvgeLLoDbdnZBngIRLkYV1hLw4qV80ccHErKr%2FyNascvth6Vvp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24
gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=c7edb0f29d38b8260bdfe69a462fc7a4
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0fd6841390018a3d013fb2d8073b21aa16ac55b2d166a52c050976ffe7000d66
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
psaugourtauy.com/pfe/current/
26 KB
10 KB
Script
General
Full URL
https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bff789be40b8393590ce6ecf50acd90cb3000b36c75a748d64a05db3f4f84f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 11:40:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64cce3ac-689b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej%2Bu0bQgY2V7bBlTvjL0lH%2BD%2FrXVCU7iRJGPtaaunzbtnVV7nB%2BcVPSfAr%2F2vP%2BezmP4fy6cYNG8%2BVPpTlFOZksisDdBLvh2T5C%2BQtJvleIAL3OUp4MxjpL%2FIR65hmFunL3p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7f5c0509a8873672-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
psaugourtauy.com/
2 B
397 B
XHR
General
Full URL
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOhkl%2B4eJJpPtd7QASsrI0qjWbSkf3EjDELpo%2BTANLPWWpYrJXor7g6192SGDW1yM9JZopNJQYFtuO3Cz1FejwH1J0omkBzA%2FpvQafjECnlSly96tI0SQd5%2FmdEo%2FHLSxY3O"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7f5c0509b88c3672-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
/
psaugourtauy.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://psaugourtauy.com/19/4662728/?abt_opts=1&var=5186603&var3=714350396323409966&ymid=&rhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82ccafeed794c37dd10ea1656feb431a08d5af2caf9b619ce51d7587274b171
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
7061ea6cbb2c8bcf62e45fad9be24d52
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hXlMaSBRag%2Bny3XKmEiJNFcfXggqTnbrtWIUkBHbsSpfiD%2FkNR7myjbtRdjoynnNNmH6UkUDfCOaFrH4%2BvG6QHD8T4dd8rYPtJAsz%2BlaWKaD72P%2FFB6fvR%2BCnALUob%2FL8fT"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7f5c0509b8943672-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
4662709
psaugourtauy.com/sw-check-permissions/
0
947 B
Other
General
Full URL
https://psaugourtauy.com/sw-check-permissions/4662709?var=5186603&ymid=714350396323409966&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2iYDNgslXYzQHCsmJ8VFNf7XpyLhgLhz3Fex6h4FHpEaNp51AwSPpN4X%2B156m71QVXl7F2eCfJWW0T9%2B88QAbuR17SKDOuz%2FWCLdRW33SgkWi5c46cZpjqY%2BqCQhTxJxD0o"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
7f5c050a0cd14d32-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
psaugourtauy.com/
0
519 B
Ping
General
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5186603&ymid=714350396323409966&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-trace-id
fab2cec696dc371357d5b25f70212c6a
date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi9E6%2Fz3Nh8%2FU0kbSPZY9CBJ%2FlhhuPWLFLbVXRBKwXdANSNL7JYi813xh4z3qFO%2ByhcjThuu18j6mPjjebA6eWtj8Iwbs31tXEZa4nKW9g2M2OU%2BoDb60S1fzYkflqBpAAvC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://psaugourtauy.com
access-control-allow-credentials
true
cf-ray
7f5c050a0cce4d32-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
rhd
psaugourtauy.com/
4 KB
4 KB
Fetch
General
Full URL
https://psaugourtauy.com/rhd?rb=qUuk2bu2nhxZflF5M4qrvz8AJQJmNP0xjfTQ7M1HHdqi_8SbrpAw2cQKPfcMlqiKbB6UMPO3bwAciedu6ZUzpZP0Lcwua4rGOUjVqiwbpFVZMoMgRNEad_KlIeDuh2nkknNPahf89G9O0F3-av4GkbK0592vVllsomUJ3VhifL04cWkBhnrSqG76YCcBD5HXRxpj3v0BB0b-DJZCRy0gzE2j85vjltx4556hAvtQ6QkVsoCIKvRBEoWhG8UkByLRpD_ydrWiTKsXaYc_-Ps0DRqQEAOkdYUx08PyxubMJezloC8QtHCUv0JODw135djm_JsVqabeUoA_ny9Gdkfqmu_CgjWLjBT3d8t4a7RdaCx9Vh93mCG4CXGJvl06gJUr14zFboZTdMi-6dvavoC9Jx7FcMkLsleVWMbNSUgneBCny9vgHUE5AmkmUqT2bRXUxIm2dErUQvSXfUnpsUFZf1Fj2fAm-vFcAA9XmAoVHRA%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D714350396323409966%26ssk%3Dd1a06e98f942403826aada9f87beb2a2%26svar%3D1691877925%26z%3D5186603%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5186603&var3=714350396323409966&ymid=&rhd=1&m=link
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
811cc36add3f2f0d2e88d2f578353cb8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08jp9D%2FVLRId9BKscv6iQ7qkU0IrMaqAA6QU6HSCBt4UgNMnxQ6lViGO%2FzbiuBTLUGNAcJk7DMeQcfXFHgDXA0qn3F353OuFC15v%2F0Q9VaXqoKKgajPu5gqqxTbRkoA9Yc9B"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7f5c050a1ce34d32-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=714350396323409966&var=5186603
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
psaugourtauy.com/
905 B
1 KB
Fetch
General
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5186603&ymid=714350396323409966&var_3=&var_4=&dsig=&action=settings
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
110c48538088e66e9fb6ce581167cf64
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DbeDhAIF%2BstS8xq2%2B9yKkBiPYaZpNFskN0TNM0dKC7CbG%2FxGQcATlBQqGQV9a0BeR%2FllzOug0LJp8Ad6M3iqdNC7O%2FqH1%2Ftygy3p1njJXNMNzUa4pO7RtmbNQG0qvY7Es84"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7f5c050a1ceb4d32-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
psaugourtauy.com/
38 KB
13 KB
Document
General
Full URL
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
9e0f7f58319cb02c891800507b469f1a9f5769ecdb7d3d9a594c2999cae291ab

Request headers

Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f5c050a4d1d4d32-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 22:05:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3nPXLk0Lw66S%2FBmFLVDjVsHNBKQG8tBeKAX%2BPXRDPSBvoAMSdB8%2BIjSUFyfwwDPtLPui22UDVk2HGbKGHdyWlpJVf97cMqLmN3GAPrVrwHnHFKwXYP4AYMzALCiHIw%2F9Ma8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24
micro.tag.min.js
psaugourtauy.com/pfe/current/
26 KB
10 KB
Script
General
Full URL
https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bff789be40b8393590ce6ecf50acd90cb3000b36c75a748d64a05db3f4f84f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Aug 2023 11:40:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64cce3ac-689b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I7m7IFJdKRB6WXn7n0HCx3ZyUpAT07s6zKPZuyLZdq5SJv3nWWaew76TiwqNuwAorvSt%2FB2vHWvW3%2BLkPzfhkhFjO5DBKl0kRmpM8Hk2P%2BEBi4FsUXse5klVM5hiFIjVZgg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7f5c050afddc4d32-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
psaugourtauy.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://psaugourtauy.com/19/4662728/?abt_opts=1&var=5186603&var3=714350396323409966&ymid=&rhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80e178a6e539bd1168457856c5c4279a1d5bba561e7b26fdf37cc06b9a21deb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
6d87316b3479e81afa670dd2861d0a33
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tnl4Bdn5ixJOd6ihj0A2RgsmPPDnEp%2B0QTGcN51F%2FtAnJneQ9xrcKdTs87MRcAVcZMtXV4IhGsoZ3IjZJqRmiNze4JxCJQPpSOzvLolH4sC45OjcwXMq%2F%2B%2F8eoz597J4Og2k"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
7f5c050b0de24d32-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
psaugourtauy.com/
2 B
522 B
XHR
General
Full URL
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFxNvXgwRSQG6BYVcB6f7ZtBgjZWFnscabUiMbEGA2Dd9KpunAvwecDUKSa2xsYnpIKmC070iZevgJ%2FA4wwnfxkUyIgw3A5IZqDG6pMrbCyyDq6h29Wqfi5KF0bN2JmWE36k"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7f5c050b1df64d32-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
psaugourtauy.com/sw-check-permissions/
0
950 B
Other
General
Full URL
https://psaugourtauy.com/sw-check-permissions/4662709?var=5186603&ymid=714350396323409966&uhd=1
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q6NZgIuaEXStWqL6mBxcO6uSWGkPXvOJt72zjGTLu9hJC%2F2nCrMEUdzNedrSWzGYqj1jrm2ZS1JF%2FyZ9SVfsEy8PvK%2FJUez41RQbajWWHMBSGE%2B%2FldnUgosGT7tuEkrExjJ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
7f5c050b5e364d32-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
psaugourtauy.com/
0
478 B
Ping
General
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5186603&ymid=714350396323409966&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-trace-id
e9af2c6f7e9b86a01af2901b5f1a2b4d
date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuWwuVM6XjpS3g4C5crpYqUTok1NB0Zh5npgHtAqHLjSuJLPg5pNoRJ6gPoSKu3KC7SphYdX3eGVumc3QKYfQ%2F5rVs1b8dv60hMZFC8fphBCvIJh0mdUX12vCOct%2FW9vnwnA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://psaugourtauy.com
access-control-allow-credentials
true
cf-ray
7f5c050b5e384d32-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=714350396323409966&var=5186603
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0fd6841390018a3d013fb2d8073b21aa16ac55b2d166a52c050976ffe7000d66
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psaugourtauy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
psaugourtauy.com/
905 B
1 KB
Fetch
General
Full URL
https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5186603&ymid=714350396323409966&var_3=&var_4=&dsig=&action=settings
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714350396323409966&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d97a0a591725b9ac7488b0fc6d078cfd609d2818463accd11018b49a4572fa4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 22:05:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
eb32f6c992c4369f6cf80db3957359f4
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8kcy%2F3JStAyxcXhJlgC0Rm0lozou2TQMnUWxOxGylHXDHVYO3hiERlMnUQc%2FvIK49Uxw8wm1cSAp5vZiuFt3AlQGhQSiitOEkcCRiS%2F04T0dDxgssy5O5h7hxGLf3YqgQHF"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7f5c050b6e434d32-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
psaugourtauy.com/submenu/4662728/
910 B
2 KB
Document
General
Full URL
https://psaugourtauy.com/submenu/4662728/?rhd=1&var=5186603&var3=714350396323409966&oaid=c7edb0f29d38b8260bdfe69a462fc7a4
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714350396323409966&ssk=d1a06e98f942403826aada9f87beb2a2&svar=1691877925&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7f5c050eb9774d32-FRA
content-length
910
content-type
text/html; charset=utf8
date
Sat, 12 Aug 2023 22:05:26 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://qr-captcha.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc%2BIy1RQlCN9OPR3J6CjYX%2B7Z%2BzmpQW5KbMGmvmikfYhnT5d9p%2BQYdof2BdCVf2c1%2BvQ6gabnqqwDlfobFKVRA%2FXMp8Xl7gxalmJ5BdcPGJWDrSrqYRJUl5ZSlathO3rVmP2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
0ea27b399ce84b4da593887c12288c71
Primary Request /
qr-captcha.com/
20 KB
0
Document
General
Full URL
https://qr-captcha.com/?t=0&ymid=714350399968260347
Requested by
Host: psaugourtauy.com
URL: https://psaugourtauy.com/submenu/4662728/?rhd=1&var=5186603&var3=714350396323409966&oaid=c7edb0f29d38b8260bdfe69a462fc7a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.167 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 22:05:30 GMT
etag
W/"50f6-188c4485de8"
last-modified
Fri, 16 Jun 2023 12:57:37 GMT
server
nginx
strict-transport-security
max-age=1
vary
Accept-Encoding
x-content-type-options
nosniff
animate.css
qr-captcha.com/Attention_files/
0
0

qrcode.js
qr-captcha.com/
0
0

new_free.svg
qr-captcha.com/Attention_files/
0
0

loading.svg
qr-captcha.com/Attention_files/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
cdnjs.cloudflare.com https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
cdnjs.cloudflare.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
today.empower-online.xyz https://today.empower-online.xyz/pyes1.png
today.empower-online.xyz https://today.empower-online.xyz/p.jpg
today.empower-online.xyz https://today.empower-online.xyz/pyes2.png
today.empower-online.xyz https://today.empower-online.xyz/rxz.png
widget.supercounters.com https://widget.supercounters.com/ssl/online_i.js
hm.baidu.com https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446
qr-captcha.com https://qr-captcha.com/Attention_files/animate.css
qr-captcha.com https://qr-captcha.com/qrcode.js
qr-captcha.com https://qr-captcha.com/Attention_files/new_free.svg
qr-captcha.com https://qr-captcha.com/Attention_files/loading.svg

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Domain/Path Name Value
jiforo.com/ PHPSESSID 335c8564fb6ea050feff490ade09954b
thaudray.com/ OAID 4c2485336c5742a889c94c2a08ccec31
thaudray.com/ oaidts 1691877925
my.rtmark.net/ ID 4c2485336c5742a889c94c2a08ccec31
psaugourtauy.com/ syncedCookie true
psaugourtauy.com/ OAID c7edb0f29d38b8260bdfe69a462fc7a4
psaugourtauy.com/ prefetchAd_4662728 true
psaugourtauy.com/ reverse Y-9IsAj6zi6sfrxcAcDgxDztGslryZaXEndDHg-w2V4
psaugourtauy.com/ oaidts 1691877926