playcaliber.com Open in urlscan Pro
45.147.162.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://phoroussouthernsou.com/
Effective URL:
https://playcaliber.com/en/
Submission: On August 14 via api (August 14th 2023, 12:37:50 am UTC) from US — Scanned from US

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 15 domains to perform 69 HTTP transactions. The main IP is 45.147.162.80, located in and belongs to . The main domain is playcaliber.com.
TLS certificate: Issued by R3 on July 12th 2023. Valid for: 3 months.

This is the only time playcaliber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:db2b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:b87a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
6	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
17	172.64.203.26 172.64.203.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	142.132.202.215 142.132.202.215	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	68.169.106.41 68.169.106.41	30602 (ISPRIME) (ISPRIME)
1	68.169.106.76 68.169.106.76	30602 (ISPRIME) (ISPRIME)
1 1	34.147.1.177 34.147.1.177	() ()
2 3	45.147.162.80 45.147.162.80	() ()
69	10

1 2606:4700:3037::ac43:db2b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

phoroussouthernsou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b87a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dandauvn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.244 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

dolatiaschan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.203.26 (United States)

ASN13335 (CLOUDFLARENET, US)

psaugourtauy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.132.202.215 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.215.202.132.142.clients.your-server.de

rr.tracker.mobiletracking.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.169.106.41 (United States)

ASN30602 (ISPRIME, US)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.169.106.76 (United States)

ASN30602 (ISPRIME, US)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.1.177 (None, ) 1 redirects

ASN- ()

tr.admachina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.147.162.80 (None, ) 2 redirects

ASN- ()

playcaliber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	psaugourtauy.com psaugourtauy.com	64 KB
6	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11124	3 KB
4	mobiletracking.ru 1 redirects rr.tracker.mobiletracking.ru — Cisco Umbrella Rank: 533411	8 KB
3	playcaliber.com 2 redirects playcaliber.com	1 KB
2	dolatiaschan.com 1 redirects dolatiaschan.com — Cisco Umbrella Rank: 424183	13 KB
1	admachina.com 1 redirects tr.admachina.com	382 B
1	exosrv.com main.exosrv.com — Cisco Umbrella Rank: 231101	613 B
1	exdynsrv.com main.exdynsrv.com — Cisco Umbrella Rank: 212800	615 B
1	exoclick.com main.exoclick.com — Cisco Umbrella Rank: 92725	615 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 36296	469 B
1	dandauvn.com 1 redirects dandauvn.com	624 B
1	phoroussouthernsou.com 1 redirects phoroussouthernsou.com	444 B
0	gcore.lu Failed caliber-website.s-ed1.cloud.gcore.lu Failed
0	googletagmanager.com Failed www.googletagmanager.com Failed
69	15

	Domain	Requested by
17	psaugourtauy.com	psaugourtauy.com
6	my.rtmark.net	dolatiaschan.com psaugourtauy.com rr.tracker.mobiletracking.ru
4	rr.tracker.mobiletracking.ru	1 redirects psaugourtauy.com
3	playcaliber.com	2 redirects rr.tracker.mobiletracking.ru playcaliber.com
2	dolatiaschan.com	1 redirects
1	tr.admachina.com	1 redirects
1	main.exosrv.com	rr.tracker.mobiletracking.ru
1	main.exdynsrv.com	rr.tracker.mobiletracking.ru
1	main.exoclick.com	rr.tracker.mobiletracking.ru
1	www.facebook.com	rr.tracker.mobiletracking.ru
1	datatechone.com	dolatiaschan.com
1	dandauvn.com	1 redirects
1	phoroussouthernsou.com	1 redirects
0	caliber-website.s-ed1.cloud.gcore.lu Failed	playcaliber.com
0	www.googletagmanager.com Failed	playcaliber.com
69	15

This site contains no links.

Subject Issuer	Validity	Valid
dolatiaschan.com R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
psaugourtauy.com E1	`2023-06-16` - `2023-09-14`	3 months	crt.sh
rr.tracker.mobiletracking.ru R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
exoclick.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
exdynsrv.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
exosrv.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
caliber.game R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://playcaliber.com/en/
Frame ID: 55C7C9F7DE7822C324AE5529E1B73BA3
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://phoroussouthernsou.com/ HTTP 301
https://dandauvn.com/link-8 HTTP 302
https://dolatiaschan.com/4/5737255 Page URL
https://dolatiaschan.com/?z=5737255&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z... Page URL
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z... Page URL
https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_c... Page URL
https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_16qh7fu822ea8_16qh7fu822ea864d9775b859c08.07654585&sub_id... HTTP 302
https://tr.admachina.com/click?pid=53&offer_id=3588&l=1657889464&sub5=16qh7fu822ea8&sub2=PropellerAds... HTTP 302
https://playcaliber.com/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_ter... HTTP 302
https://playcaliber.com/en/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_... HTTP 302
https://playcaliber.com/en/ Page URL

Page Statistics

69
Requests

48 %
HTTPS

25 %
IPv6

15
Domains

15
Subdomains

10
IPs

3
Countries

89 kB
Transfer

232 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://phoroussouthernsou.com/ HTTP 301
https://dandauvn.com/link-8 HTTP 302
https://dolatiaschan.com/4/5737255 Page URL
https://dolatiaschan.com/?z=5737255&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322 Page URL
https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_16qh7fu822ea8_16qh7fu822ea864d9775b859c08.07654585&sub_id_10=1600x1200&sub_id_9=iframe_false&sub_id_11=-1000&sub_id_12=Intel%20Iris%20OpenGL%20Engine&sub_id_13=Win32&sub_id_14=4&sub_id_15=8&extra_param_9=0 HTTP 302
https://tr.admachina.com/click?pid=53&offer_id=3588&l=1657889464&sub5=16qh7fu822ea8&sub2=PropellerAds+Sale-4662728 HTTP 302
https://playcaliber.com/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_term=PropellerAds%20Sale-4662728 HTTP 302
https://playcaliber.com/en/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_term=PropellerAds%20Sale-4662728 HTTP 302
https://playcaliber.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://phoroussouthernsou.com/ HTTP 301
https://dandauvn.com/link-8 HTTP 302
https://dolatiaschan.com/4/5737255

Request Chain 3

https://dolatiaschan.com/?z=5737255&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

5737255 Show response
dolatiaschan.com/4/
Redirect Chain

https://phoroussouthernsou.com/
https://dandauvn.com/link-8
https://dolatiaschan.com/4/5737255

27 KB
12 KB

565ms
271ms

Document
text/html

139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dolatiaschan.com/4/5737255
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d5aa1f1a153ea0f0b6a5a2320939fb20d6deab2ec8144dee607feeca6f596c62

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Mon, 14 Aug 2023 00:37:44 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 14e0bf475dad053a3f6beb3541921778

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: BYPASS
cf-ray: 7f6521868cbad9d9-MIA
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 00:37:44 GMT
location: https://dolatiaschan.com/4/5737255
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvhc2tora3QnQ0%2BQ9GHIbFdpmwN7AEr0rB59R7IJozr8J8TYyKiIROTVxFr3HS3wCP%2B6xUOqdp6gVss0Ovrpn%2Fx5UI9W30gEKHtp%2FhBstfnDZaOMwiz5%2B1Y%2B7UaGkVgb8fX0G%2BsD2zLIouk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
x-ratelimit-limit: 100
x-ratelimit-remaining: 100
x-ratelimit-reset: 1691973480

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
469 B 431ms
138ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/5737255
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dolatiaschan.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 14 Aug 2023 00:37:45 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dolatiaschan.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 418ms
137ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=fb22102d2c424f80ab8486b85c613fc2

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/5737255

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolatiaschan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/ Show response
psaugourtauy.com/
Redirect Chain

https://dolatiaschan.com/?z=5737255&syncedCookie=true&rhd=false
https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

38 KB
13 KB

296ms
203ms

Document
text/html

172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 14655653dc89e493fd6116926f033d4dadba6e2615aac312c8d390500c32aac3

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://dolatiaschan.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f65218f284c0981-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 00:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYxXKRivXaSZ3JGXIq%2FAW%2B89Sr6LRQz%2B3PADP3c5yQeB2jHKOvFe1Iqvme88%2BW2vAro8ky59s0D89fRsIaHlq7O5pERbAu1U2tCcjlrn7EhudQYGEWn%2FOWI9782799kLcpFM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://dolatiaschan.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Mon, 14 Aug 2023 00:37:45 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
location: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: c0346ebca8ecc6150ae49e7ab55b532b

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 137ms
136ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=b70b4b4699adde577c49f55c60fbb322

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2ece6426f4605beb13710aed3c1e94b6d833f627f7d04d72e9efd8c5b0361d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 152ms
151ms Script
application/javascript 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bff789be40b8393590ce6ecf50acd90cb3000b36c75a748d64a05db3f4f84f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 00:37:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 11:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64cce3ad-689b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCEQgD02of1VYef2VuLNodP%2FVAL5%2FsWERCg116jVYB%2Bj81g2FPtGyE0umOdhEo0lSoI0zbeHm6Bjd5rJJxIH%2FHfWB3%2Febr9Q7d9GsBQnf1Z0PHZZm4xxrr3KHdZTKTrxgEkc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7f652190aa700981-MIA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 157ms
156ms XHR
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=5737255&var3=714751118038803295&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55181b1d066dbeb4960c3c5c6be5c83f01e23680f6480efecd51637be369b61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: e5f90712086bc78014b6dba7d15d303f
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRIPHqWtb%2FOV8Yt8Ke9rn0zsoJGVd2I4KDTXIrV246nspJ%2Fp4CXTtyp9LwRzSjunnbUWXgFbbjuE6HCbvPkLnh4fMYUj%2BI4Qefk4CiOxoI6fpsk9IOG%2Bu54kF7lZmikZ737H"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f652190ba910981-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
psaugourtauy.com/ 2 B
399 B 151ms
151ms XHR
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbcnU3P5t68BpenpBJ%2Ff%2BPMGlcCuO%2FFJAjQoG%2BoKNsip0KDx%2B8LmBbFS0VY55cfHkeWCDtxrQquaurZJdcHEGO62eoC%2Bhu37il4xqCxJ959LnkGopw3YMOqE2ybHvfJF%2BsQY"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7f652190ba970981-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
945 B 162ms
162ms Other
application/javascript 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=5737255&ymid=714751118038803295&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U70qHP8YON65wQg9d71eADDWq4WnCO4bS7xY6aXeei2Xe15HzN1h7UDkFWjZ%2BnCnaa9%2FOVt6tvWOJ2NyyBeEPTUjaTVdTV9Y6sMt1HzZd%2BFkv7ozbtjC394vQKqD8geI6Z6C"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7f652191ad2a0345-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
520 B 149ms
149ms Ping
text/plain 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5737255&ymid=714751118038803295&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-trace-id: 0264885617421b8c944a717f757f7320
date: Mon, 14 Aug 2023 00:37:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGROMwfTspmX20lZ5giX3bk7BWFNxSUD1a6yWzBYNTBRjBh9%2Bn4SZwRYUJvuJJlM38P31kqiox0QneRxLgHFK06RT%2BlsukuRek9CY8PB66%2BFQz78f%2BUQE2k4QtBsubGSMcY%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7f652191ad300345-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd
psaugourtauy.com/ 3 KB
3 KB 170ms
169ms Fetch
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/rhd?rb=XlCHfasEr5WRxPuwbEyxFWywzTUQmI27W-msz2-TusRLs3-4e14e74xNhiopR9Okb3554h5Eu0tKyY7xPmt1_TDRaBa4iVP2682Snb8jo1BF_rCYHdUzzfwaGG1aRNDCoE07F6gfCDbe21UQ3QxCEe9kmCdGIVR4SPSD1QjTh0yMIJ1gL9gOpQmEk1yD3_qX3R1zGYxMuvmuaQr02UXOP5RToxXSJojpI1gCN5aClLZGvASnKcqn5NA5LkFSM9qUq6JAQ6tV7c103Jxzv_wKiQSsTv2foDlRYsqmSh-Pe2msGF2zkZMvX9hShc1RpA8Ba57j6iRWl_RoZnxn3brgxZP_l1I4dq7Tg_TpKzwZ6cj-bKqi32f8dkGdbNHsGt3iog0N6vw9udEVw0dLtlw6_U3nbpzrCgu2uIlFF-KYHtrhO2M1JA3wxchGnzXWp83YA6LajeWd7G_DD7lwtM8YFLFRECoMv2SqpOk2h0nJ9oY%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D714751118038803295%26ssk%3D64efa5e1c2e8882fefad24a64a38892d%26svar%3D1691973465%26z%3D5737255%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5737255&var3=714751118038803295&ymid=&rhd=1&m=link

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: b92c6e8872cb42e34ee11abae639ee33
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8yB1OrVQvo%2BV%2FnylnM6TPz01MkvBZAZdeUXvrQqEgcCMXK0QBRQRst8MtoH3TmtZZUrogBcylqXeLPVvc54Jav%2BzP%2FJXOvIncgrBBTM0IOkARDFoHAysn7siTiv4eyqrb2W"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f652191cd640345-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 138ms
137ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=714751118038803295&var=5737255

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2ece6426f4605beb13710aed3c1e94b6d833f627f7d04d72e9efd8c5b0361d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
psaugourtauy.com/ 904 B
1 KB 145ms
144ms Fetch
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5737255&ymid=714751118038803295&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 5b5c55e7fa1d8c8bddc7c04ae3324206
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXwMxu%2BmkNEsyGN29svRnyNdb5jkEOYbQzGJj0wCsK%2FLnfLptc7l6A3KNmUvrwt9dswKZFzQHbbp98AyJ2U1PZqalWl7JODGzsHowpG8CbzQVykjTwDGIFaQpNmZgGyLzwDv"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f652191dd750345-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 / Show response
psaugourtauy.com/ 38 KB
13 KB 191ms
191ms Document
text/html 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 6e98f112aa094f4acb22a727c8df19ea30852915b80193313de3acd8127d66d6

Request headers

Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f652192beb50345-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 00:37:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fakxqZ7P52DrfXCIPISxRc6K0I7nch9MsySShn09qIY4dGMnt2HGEovv0lyFc8Z0o2ALTOHf4nSNW8ZLQ2w7Ji2ZhvAQnOqj2ekb%2FnJhECIFiai7BKE1PmBK1U%2BgBmT9sUKw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

GET
H3 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
11 KB 151ms
151ms Script
application/javascript 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bff789be40b8393590ce6ecf50acd90cb3000b36c75a748d64a05db3f4f84f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 00:37:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 11:40:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64cce3ac-689b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqRFzGQX0hUQAgYxotJ0cIUA4lzTGb%2FoypMF1uHq3JUzBrkZZQAb8xwjKvkPxw7UIZvRdFrEvM61OkYO1yWfanI7GlASovy1w8rXMVMLf3rxB%2FKlRpPZojdXOIRz%2F7zcfGO%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7f652194185f0345-MIA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 148ms
147ms XHR
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=5737255&var3=714751118038803295&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebb60e75575a46138afd33eb745f8f836947ad1a104c5d7de44a300bc61adde

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 491aec5afb648c6664dd5119ef1580b1
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP5KPGtrZ1IJjR60aHYOehhGQK3%2ByRccLAOZfAm%2BAsvaGbzmOIQSVbhSbvXxELEoMEWWVYkn4O08hnxW5oDi32cfls7X7ICTATO8seOmQIdCGdfxsiGEDDNnwV7K7%2Bn7XQLG"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f65219418680345-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
psaugourtauy.com/ 2 B
527 B 161ms
161ms XHR
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.24
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRmRRhh2AyYnrDNwv3aL70ngzLx1oXpTeFU13UCdVNTVamZOkftv1gUpcyRh%2BYEogPu0ROMD3NwRz2CmOOFXEMvwWhPf5qunsjwznA%2BCV8dvpjIy8iL3xVs%2Fn%2BwjMpcyrFia"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7f652194287f0345-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
psaugourtauy.com/ 3 KB
3 KB 156ms
156ms Fetch
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/rhd?rb=ssJjkOvEz7z5pakz6cInW6NN9HvS41uJBS2uVoZuXufwtTuXplZj-CyuNEG4jWkj__COGcAB78DmgL2ZEJ0M2Egsw8BEwTD6vuNUbZJhkxSCK7_V3c36xWtyAhDP7VuqM7BGuqJDWF4GVbovwAq6GXpiNsaybjcFA774g_Ay5pbvYrDov0M1mpYQAoNcsbth1d33qRfZu2yZq7Mxzn1AWYzHMi2doyw_-SgqZQixym7bBoIbRxKTOZ7YJvmFZRD122HhI9yamq1e8zpIa1f2vQscngOaJV5JjcZ49ITE507eDTKoTo7-uSVSc16ZRQbv_OF6tFjvTQjNlzPwX5XQ2ZL1GZDx4hzf6gFAFrYRKhOvMHga29hTu5CkV47rDvO2iuDi3EFjjxuCWlzTiKS4Cy8w8LE52rYXTWSSreMso_NbVMvNjP0-qQFHfBya6vRH41r8EzCG4RpzKYjEAXn-qDGEWGOa8hcrw-wNpTkojUQ3yyCr&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D714751118038803295%26ssk%3D64efa5e1c2e8882fefad24a64a38892d%26svar%3D1691973465%26z%3D5737255%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D714751118038803295%26ssk%3D64efa5e1c2e8882fefad24a64a38892d%26svar%3D1691973465%26z%3D5737255%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5737255&var3=714751118038803295&ymid=&rhd=1&m=link

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014739bb531817fcd4df4b5e2999c26fabf8ed0997dde4c9f760d4ffa879aefa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: b98cffd8d6bef319e9085d78e9c40f24
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKhASJ40D7bR51oYhR5NlPqud3WA8%2B1GF5Hrl8gMHAEq5i8fM9yKu1oAFn1gPTyY8Z4fhYVA%2FVwFZ6s8K7zitA6Sr3EWB6ek8ddS5XS7xgE3izIPP55L7Slq5n7rVjikmCTU"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f652195197a0345-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
945 B 351ms
351ms Other
application/javascript 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=5737255&ymid=714751118038803295&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzMF1CIJb2DTVCBhhc5D%2B4JJYGSlglJjce1RJIxt7hpwymllvMJwtoP4uzRb%2B9bJqidt5ZSifeewcPZh9PR%2BFj7NTLLBEEwpRt2NTbbUKx6s4f%2FS8z8Du12iEjXIiteY06xl"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7f65219519810345-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
481 B 175ms
174ms Ping
text/plain 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5737255&ymid=714751118038803295&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-trace-id: d1e058e4649753289b737d1e223ec4bd
date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NC1%2Bo90z%2FbXjl1o%2BLA0AXPmeiTj2IuUcSRRSVmkykSBmXCaMi1a5e3rTSOHjNhhKZGytuRxFepvUt3x8xYGQ8K%2FhWaltU2HCv%2F23Ucds58uXd6laoVszl2eRxjcrCKGrMFq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7f652195197f0345-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 148ms
147ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=714751118038803295&var=5737255

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2ece6426f4605beb13710aed3c1e94b6d833f627f7d04d72e9efd8c5b0361d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
psaugourtauy.com/ 904 B
1 KB 339ms
338ms Fetch
application/json 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=5737255&ymid=714751118038803295&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=714751118038803295&var=5737255&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: fa6a9cf0b8d0fe0ec8d9cc608b5d8992
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT5fFY%2BXhYxEvmGQlE6dcts3NvziKn1H6dIcp2N6GjkS%2BCYehsf8kiJ5q089TUjxycpfhgQU9KnIHcUUJN5OJ3XWYP0rJ73vPnxcXsDrmDLgeAAQ6oz9frweoYJe5QA3WqxJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f65219529940345-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK mdQrHk
rr.tracker.mobiletracking.ru/ 20 KB
7 KB 500ms
165ms Document
text/html 142.132.202.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.202.132.142.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Aug 2023 00:37:47 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

POST
H3 200 cat.php
psaugourtauy.com/ 0
757 B 150ms
149ms Ping
text/plain 172.64.203.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/cat.php?userId=b70b4b4699adde577c49f55c60fbb322&zoneid=4662728&rb=ssJjkOvEz7z5pakz6cInW6NN9HvS41uJBS2uVoZuXufwtTuXplZj-CyuNEG4jWkj__COGcAB78DmgL2ZEJ0M2Egsw8BEwTD6vuNUbZJhkxSCK7_V3c36xWtyAhDP7VuqM7BGuqJDWF4GVbovwAq6GXpiNsaybjcFA774g_Ay5pbvYrDov0M1mpYQAoNcsbth1d33qRfZu2yZq7Mxzn1AWYzHMi2doyw_-SgqZQixym7bBoIbRxKTOZ7YJvmFZRD122HhI9yamq1e8zpIa1f2vQscngOaJV5JjcZ49ITE507eDTKoTo7-uSVSc16ZRQbv_OF6tFjvTQjNlzPwX5XQ2ZL1GZDx4hzf6gFAFrYRKhOvMHga29hTu5CkV47rDvO2iuDi3EFjjxuCWlzTiKS4Cy8w8LE52rYXTWSSreMso_NbVMvNjP0-qQFHfBya6vRH41r8EzCG4RpzKYjEAXn-qDGEWGOa8hcrw-wNpTkojUQ3yyCr&var=5737255&var3=714751118038803295&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.203.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://psaugourtauy.com/?s=714751118038803295&ssk=64efa5e1c2e8882fefad24a64a38892d&svar=1691973465&z=5737255&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Aug 2023 00:37:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 3d57732dfa3a2817cffe8de1093c6497
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBEKBUYs9xT9zBXoD9b0aNFShrkaug8OTL%2BE7eZJDU8yXEH%2BcqQk0HAEYd2e8e2wi%2F%2BogOlLLE0kKB2%2BgVUTg6rjJaiCvNb4q8KomC6dlxqvw9agapD9rgfPV63B4L3rq9a%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f6521994ebf0345-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 login.php
www.facebook.com/ 0
0 303ms
148ms Image
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
615 B 200ms
63ms Image
text/html 68.169.106.41
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 00:37:47 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ 0
615 B 200ms
65ms Image
text/html 68.169.106.76
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.76 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 00:37:47 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H/1.1 200
OK tag.php
main.exosrv.com/ 0
613 B 206ms
64ms Image
text/html 68.169.106.41
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exosrv.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 00:37:47 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 138ms
137ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=9cbf441efd726fdd8cd1822b42e7e39b37c315370d77c165b00b5dc37973247b

Requested by

Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 gid.js
my.rtmark.net/ 65 B
552 B 136ms
136ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:37:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rr.tracker.mobiletracking.ru
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2

200

Primary Request /
playcaliber.com/en/
Redirect Chain

https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_16qh7fu822ea8_16qh7fu822ea864d9775b859c08.07654585&sub_id_10=1600x1200&sub_id_9=iframe_false&sub_id_11=-1000&sub_id_12=Intel%20Iris%20OpenGL%...
https://tr.admachina.com/click?pid=53&offer_id=3588&l=1657889464&sub5=16qh7fu822ea8&sub2=PropellerAds+Sale-4662728
https://playcaliber.com/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_term=PropellerAds%20Sale-4662728
https://playcaliber.com/en/promo/?utm_source=admachina&sub1=10&clickid=64d9775cdac66c0001a3c164&utm_term=PropellerAds%20Sale-4662728
https://playcaliber.com/en/

42 KB
0

595ms
594ms

Document
text/html

45.147.162.80

General

Check archive.org

Show headers Download Go to

Full URL

https://playcaliber.com/en/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.147.162.80 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://webvisor.com https://webvisor.com; report-uri https://sentry.playcaliber.com/api/6/security/?sentry_key=1a22b33b57244af7b36bd36b87a501a1
X-Content-Type-Options	nosniff

Request headers

Referer: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors 'self' http://webvisor.com https://webvisor.com; report-uri https://sentry.playcaliber.com/api/6/security/?sentry_key=1a22b33b57244af7b36bd36b87a501a1
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
date: Mon, 14 Aug 2023 00:37:49 GMT
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding Cookie
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-language: en
content-length: 0
content-security-policy: frame-ancestors 'self' http://webvisor.com https://webvisor.com; report-uri https://sentry.playcaliber.com/api/6/security/?sentry_key=1a22b33b57244af7b36bd36b87a501a1
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
date: Mon, 14 Aug 2023 00:37:49 GMT
expires: Mon, 14 Aug 2023 00:37:49 GMT
location: /en/
referrer-policy: same-origin
server: nginx
vary: Cookie
x-content-type-options: nosniff

GET
H/1.1 200
OK mdQrHk
rr.tracker.mobiletracking.ru/ 0
251 B 321ms
156ms Image
text/plain 142.132.202.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rr.tracker.mobiletracking.ru/mdQrHk?sub_id=16qh7fu822ea8&_update_tokens=1&extra_param_8=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.202.132.142.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 00:37:47 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK mdQrHk
rr.tracker.mobiletracking.ru/ 0
251 B 345ms
158ms Image
text/plain 142.132.202.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rr.tracker.mobiletracking.ru/mdQrHk?sub_id=16qh7fu822ea8&_update_tokens=1&sub_id_16=fb22102d2c424f80ab8486b85c613fc2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.202.132.142.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/mdQrHk?cost=0.000077&external_id=714751123948573213&creative_id=4662728&ad_campaign_id=6914077&sub_id_1=new%20york&sub_id_2=17668250&sub_id_3=high&sub_id_4=ny&oaid=b70b4b4699adde577c49f55c60fbb322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 00:37:48 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET js
www.googletagmanager.com/gtag/ 0
0

GET caliber_fonts.min.9b7152a62e80.css
playcaliber.com/s/css/ 0
0

GET caliber.min.ea13c0c1f2e9.css
playcaliber.com/s/css/ 0
0

GET magnific_popup.min.2468a6a9625b.css
playcaliber.com/s/css/ 0
0

GET caliber_main.min.b732f2b46dac.css
playcaliber.com/s/css/ 0
0

GET lightslider.min.919d698e9839.css
playcaliber.com/s/css/ 0
0

GET profile_icon.fcf2638dd2bc.png
playcaliber.com/s/img/ 0
0

GET profile_icon_16.f220a48b3048.png
playcaliber.com/s/img/ 0
0

GET BG_Desktop_site_2_9SOGOuB.jpg
caliber-website.s-ed1.cloud.gcore.lu/media/main/2023/07/ 0
0

GET logo_hor_en.616837fd2ec7.svg
playcaliber.com/s/img/main/ 0
0

GET %D0%9E%D0%B1%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0-%D0%BD%D0%B0-%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E-eng.jpg
caliber-website.s-ed1.cloud.gcore.lu/media/main/2021/10/ 0
0

GET screenshot1t.f59672c55601.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET screenshot2t.ef08aec9be50.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET screenshot3t.216610829a57.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET screenshot4t.d9a40dc53e3b.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET screenshot5t.6d667cfc4251.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET screenshot6t.2ec21bddbf5c.jpg
playcaliber.com/s/img/main/screenshots/en/ 0
0

GET BannerEN.jpg
caliber-website.s-ed1.cloud.gcore.lu/media/main/2023/07/ 0
0

GET class_assault.c715157f4575.png
playcaliber.com/s/img/main/ 0
0

GET class_gunner.b277a7251967.png
playcaliber.com/s/img/main/ 0
0

GET class_medic.36a9e29b4779.png
playcaliber.com/s/img/main/ 0
0

GET class_sniper.bd74e52e61d2.png
playcaliber.com/s/img/main/ 0
0

GET feature_1.c43b536556a4.jpg
playcaliber.com/s/img/main/ 0
0

GET feature_2.1b1b5b6a0e7a.jpg
playcaliber.com/s/img/main/ 0
0

GET feature_3.838a1361d3de.jpg
playcaliber.com/s/img/main/ 0
0

GET caliber_footer.min.3c00b629871e.css
playcaliber.com/s/css/ 0
0

GET 1cgs_logo.fcf691e41b34.png
playcaliber.com/s/img/ 0
0

GET jquery-3.5.1.min.dc5e7f18c8d3.js
playcaliber.com/s/js/ 0
0

GET jquery.magnific-popup.min.ba6cf724c8bb.js
playcaliber.com/s/js/ 0
0

GET simplebar.min.bf2b0f78573e.js
playcaliber.com/s/js/ 0
0

GET jquery.marquee.min.074346565f31.js
playcaliber.com/s/js/ 0
0

GET caliber.e6e45af0103d.js
playcaliber.com/s/js/ 0
0

GET js.cookie.min.4f4a6fe90451.js
playcaliber.com/s/js/ 0
0

GET numeral.min.9a47e71ab1b7.js
playcaliber.com/s/js/ 0
0

GET cart.02b40b954741.js
playcaliber.com/s/js/ 0
0

GET lightslider.min.50f50ebefe7e.js
playcaliber.com/s/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4HB8STKEBV

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/caliber_fonts.min.9b7152a62e80.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/caliber.min.ea13c0c1f2e9.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/magnific_popup.min.2468a6a9625b.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/caliber_main.min.b732f2b46dac.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/lightslider.min.919d698e9839.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/profile_icon.fcf2638dd2bc.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/profile_icon_16.f220a48b3048.png

Domain: caliber-website.s-ed1.cloud.gcore.lu
URL: https://caliber-website.s-ed1.cloud.gcore.lu/media/main/2023/07/BG_Desktop_site_2_9SOGOuB.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/logo_hor_en.616837fd2ec7.svg

Domain: caliber-website.s-ed1.cloud.gcore.lu
URL: https://caliber-website.s-ed1.cloud.gcore.lu/media/main/2021/10/%D0%9E%D0%B1%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0-%D0%BD%D0%B0-%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E-eng.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot1t.f59672c55601.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot2t.ef08aec9be50.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot3t.216610829a57.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot4t.d9a40dc53e3b.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot5t.6d667cfc4251.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/screenshots/en/screenshot6t.2ec21bddbf5c.jpg

Domain: caliber-website.s-ed1.cloud.gcore.lu
URL: https://caliber-website.s-ed1.cloud.gcore.lu/media/main/2023/07/BannerEN.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/class_assault.c715157f4575.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/class_gunner.b277a7251967.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/class_medic.36a9e29b4779.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/class_sniper.bd74e52e61d2.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/feature_1.c43b536556a4.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/feature_2.1b1b5b6a0e7a.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/main/feature_3.838a1361d3de.jpg

Domain: playcaliber.com
URL: https://playcaliber.com/s/css/caliber_footer.min.3c00b629871e.css

Domain: playcaliber.com
URL: https://playcaliber.com/s/img/1cgs_logo.fcf691e41b34.png

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/jquery-3.5.1.min.dc5e7f18c8d3.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/jquery.magnific-popup.min.ba6cf724c8bb.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/simplebar.min.bf2b0f78573e.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/jquery.marquee.min.074346565f31.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/caliber.e6e45af0103d.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/js.cookie.min.4f4a6fe90451.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/numeral.min.9a47e71ab1b7.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/cart.02b40b954741.js

Domain: playcaliber.com
URL: https://playcaliber.com/s/js/lightslider.min.50f50ebefe7e.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dolatiaschan.com/	1970-01-20 22:45:09	Name: OAID Value: fb22102d2c424f80ab8486b85c613fc2
dolatiaschan.com/	1970-01-20 22:45:09	Name: oaidts Value: 1691973464
my.rtmark.net/	1970-01-20 22:45:09	Name: ID Value: fb22102d2c424f80ab8486b85c613fc2
dolatiaschan.com/	1970-01-20 14:09:38	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 22:45:09	Name: oaidts Value: 1691973465
psaugourtauy.com/	1970-01-20 23:35:33	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 22:45:09	Name: OAID Value: b70b4b4699adde577c49f55c60fbb322
psaugourtauy.com/	1970-01-20 13:59:33	Name: prefetchAd_4662728 Value: true
psaugourtauy.com/	1970-01-20 13:59:37	Name: reverse Value: CVXasBxvx30XvlLVRSCl9f43s1PtAs8xFNxw-L3JOEU
rr.tracker.mobiletracking.ru/	1970-01-20 14:44:11	Name: _subid Value: 16qh7fu822ea8
rr.tracker.mobiletracking.ru/	1970-01-20 23:35:33	Name: 4604d Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU4NzRcIjoxNjkxOTczNDY3fSxcImNhbXBhaWduc1wiOntcIjM0MjRcIjoxNjkxOTczNDY3fSxcInRpbWVcIjoxNjkxOTczNDY3fSJ9.hOAwjDtVKvHEvf0tiFbp3P2FwO0iIQP1MLYd_aWLywM
rr.tracker.mobiletracking.ru/	1970-01-20 14:44:11	Name: _token Value: uuid_16qh7fu822ea8_16qh7fu822ea864d9775b859c08.07654585
.exoclick.com/	1970-01-20 22:45:09	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-08-13%22%3B%7D%7D
.exdynsrv.com/	1970-01-20 22:45:09	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-08-13%22%3B%7D%7D
.exosrv.com/	1970-01-20 22:45:09	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-08-13%22%3B%7D%7D
tr.admachina.com/	1970-01-20 22:45:09	Name: afclick Value: 64d9775cdac66c0001a3c164
tr.admachina.com/	1970-01-20 22:45:09	Name: afoffers Value: {"3588":1691973468}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

caliber-website.s-ed1.cloud.gcore.lu
dandauvn.com
datatechone.com
dolatiaschan.com
main.exdynsrv.com
main.exoclick.com
main.exosrv.com
my.rtmark.net
phoroussouthernsou.com
playcaliber.com
psaugourtauy.com
rr.tracker.mobiletracking.ru
tr.admachina.com
www.facebook.com
www.googletagmanager.com
caliber-website.s-ed1.cloud.gcore.lu
playcaliber.com
www.googletagmanager.com
139.45.195.253
139.45.195.8
139.45.197.244
142.132.202.215
172.64.203.26
2606:4700:3033::ac43:b87a
2606:4700:3037::ac43:db2b
2a03:2880:f112:182:face:b00c:0:25de
34.147.1.177
45.147.162.80
68.169.106.41
68.169.106.76
014739bb531817fcd4df4b5e2999c26fabf8ed0997dde4c9f760d4ffa879aefa
14655653dc89e493fd6116926f033d4dadba6e2615aac312c8d390500c32aac3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ece6426f4605beb13710aed3c1e94b6d833f627f7d04d72e9efd8c5b0361d43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55181b1d066dbeb4960c3c5c6be5c83f01e23680f6480efecd51637be369b61d
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
6e98f112aa094f4acb22a727c8df19ea30852915b80193313de3acd8127d66d6
8bff789be40b8393590ce6ecf50acd90cb3000b36c75a748d64a05db3f4f84f6
cebb60e75575a46138afd33eb745f8f836947ad1a104c5d7de44a300bc61adde
d5aa1f1a153ea0f0b6a5a2320939fb20d6deab2ec8144dee607feeca6f596c62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

playcaliber.com Open in urlscan Pro 45.147.162.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

69 Requests

48 %HTTPS

25 %IPv6

15 Domains

15 Subdomains

10 IPs

3 Countries

89 kBTransfer

232 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

playcaliber.com Open in urlscan Pro
45.147.162.80 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

48 %
HTTPS

25 %
IPv6

15
Domains

15
Subdomains

10
IPs

3
Countries

89 kB
Transfer

232 kB
Size

17
Cookies

69 HTTP transactions
2 data transactions