mallowzama.online
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: https://t.co/sbTQEQmnuC
Effective URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source...
Submission: On November 05 via manual from GB — Scanned from GB

Summary

This website contacted 4 IPs in 1 country across 6 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mallowzama.online.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time mallowzama.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 172.66.0.227 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 23 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
27 4
Apex Domain / Subdomains / Transfer
22 mallowzama.online (2 MB)
    mallowzama.online
4 trk-consulatu.com (4 KB)
    trk-consulatu.com — Cisco Umbrella Rank: 157217
    event.trk-consulatu.com — Cisco Umbrella Rank: 275323
1 fontawesome.com (429 KB)
    use.fontawesome.com — Cisco Umbrella Rank: 1222
1 red1rectback.com (1 KB)
    www.red1rectback.com
1 woularch.com (960 B)
    www.woularch.com
1 t.co (863 B)
    t.co — Cisco Umbrella Rank: 859
27 6
Domain Requested by
22 mallowzama.online 1 redirects t.co
mallowzama.online
3 event.trk-consulatu.com trk-consulatu.com
1 trk-consulatu.com mallowzama.online
1 use.fontawesome.com mallowzama.online
1 www.red1rectback.com 1 redirects
1 www.woularch.com 1 redirects
1 t.co
27 7

This site contains no links.

Subject / Issuer / Validity / Valid
t.co / E5 / 2024-09-28 - 2024-12-27 / 3 months
mallowzama.online / WE1 / 2024-09-30 - 2024-12-29 / 3 months
use.fontawesome.com / WE1 / 2024-09-09 - 2024-12-09 / 3 months
trk-consulatu.com / WE1 / 2024-10-16 - 2025-01-14 / 3 months

This page contains 1 frames:

Primary Page: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Frame ID: 2169576AC1DCFA8B0C813B3BB61B59A5
Requests: 26 HTTP requests in this frame

Page Title

RAC - Survey Rewards

Page URL History

  1. https://t.co/sbTQEQmnuC Page URL
  2. https://www.woularch.com/25XHKMPK/7D7TTFDS/?sub1=620_07&sub2=02&sub3=04_11_01 HTTP 302
    https://www.red1rectback.com/2W1Q1KK/2DPZMZTW/?sub1=2530bb9ae0e94237901292fb73b9e00c&source_id=20320&sub5... HTTP 302
    https://mallowzama.online/oqtSGEYH0ZhZR3UL0DNwXr66Z/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292... HTTP 302
    http://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub... HTTP 307
    https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 83 %
Domains: 6
Subdomains: 7
IPs: 4
Countries: 1
Transfer: 2497 kB
Size: 4375 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/sbTQEQmnuC Page URL
  2. https://www.woularch.com/25XHKMPK/7D7TTFDS/?sub1=620_07&sub2=02&sub3=04_11_01 HTTP 302
    https://www.red1rectback.com/2W1Q1KK/2DPZMZTW/?sub1=2530bb9ae0e94237901292fb73b9e00c&source_id=20320&sub5=101195 HTTP 302
    https://mallowzama.online/oqtSGEYH0ZhZR3UL0DNwXr66Z/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com HTTP 302
    http://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com HTTP 307
    https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sbTQEQmnuC
t.co/
404 B
863 B
Document
General
Full URL
https://t.co/sbTQEQmnuC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Primary Request /
mallowzama.online/
Redirect Chain
  • https://www.woularch.com/25XHKMPK/7D7TTFDS/?sub1=620_07&sub2=02&sub3=04_11_01
  • https://www.red1rectback.com/2W1Q1KK/2DPZMZTW/?sub1=2530bb9ae0e94237901292fb73b9e00c&source_id=20320&sub5=101195
  • https://mallowzama.online/oqtSGEYH0ZhZR3UL0DNwXr66Z/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&doma...
  • http://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
  • https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
28 KB
5 KB
Document
General
Full URL
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Requested by
Host: t.co
URL: https://t.co/sbTQEQmnuC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26cca18f04e54da46d2c56bc74db2c3824fa3bf8a07d014e000e0e6d81d347a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Non-Authoritative-Reason
HSTS
style.css
mallowzama.online/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://mallowzama.online/css/style.css
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ad96b74d962eb5735006f415a00d26e5be5989871a5a99446b4bf8c15f019e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

animate.min.css
mallowzama.online/css/
70 KB
6 KB
Stylesheet
General
Full URL
https://mallowzama.online/css/animate.min.css
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

all.js
use.fontawesome.com/releases/v5.15.4/js/
1 MB
429 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

datehead.js
mallowzama.online/js/
2 KB
2 KB
Script
General
Full URL
https://mallowzama.online/js/datehead.js
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e095b91cc9a20149cef660cd11b5ea0dfb7b13b511d2841913984bf78354740b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

logo.png
mallowzama.online/images/
10 KB
10 KB
Image
General
Full URL
https://mallowzama.online/images/logo.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff69860c9620303eed4896fd74a5e6235eb9de8364ef5984eb4474bed35b833b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

flaglogo.png
mallowzama.online/images/
4 KB
5 KB
Image
General
Full URL
https://mallowzama.online/images/flaglogo.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7efe3233a8511d2101e189628413af3f29eaa8ac39bb75dcff1c9ccaa18905c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

product.png
mallowzama.online/images/
1 MB
0
Image
General
Full URL
https://mallowzama.online/images/product.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

loadingBL.gif
mallowzama.online/images/
122 KB
122 KB
Image
General
Full URL
https://mallowzama.online/images/loadingBL.gif
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

prize1.png
mallowzama.online/images/
1 MB
1 MB
Image
General
Full URL
https://mallowzama.online/images/prize1.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0acefaab37732f6979096afcc259d00ed81235bab3b723e592db986a98d1b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

1.jpg
mallowzama.online/images/
44 KB
45 KB
Image
General
Full URL
https://mallowzama.online/images/1.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49daeee75a844be2792d54e31e60eb3a37d1b97f16f9d9fbca9cc676c7ec0cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

2.jpg
mallowzama.online/images/
37 KB
37 KB
Image
General
Full URL
https://mallowzama.online/images/2.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f08b72a8979b3faed73629ede662e40c80f4d22b6d9b807368d02387e82b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

comm_pic_1.jpg
mallowzama.online/images/
117 KB
118 KB
Image
General
Full URL
https://mallowzama.online/images/comm_pic_1.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624a7a5d76af17f419dc83d2d76da7169984a8c0aab3e6dcca44d65f1a3bda9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

3.jpg
mallowzama.online/images/
43 KB
43 KB
Image
General
Full URL
https://mallowzama.online/images/3.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e5d12238df11751984a474ffc6e3120985605e4070d4db757995a36abdb7f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2dfc-aa40"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4W7wK55ElXVfSBUObxIJseGcoIAnVgKPIMy%2BDVSYKBODvr1qjMtKG5n3k1msnI7ylWF2%2Fjf10mv9GRMMYyAFKemo%2Brhd%2F6NXRLpHQYa6F7yE6%2FUk3MIDTFRPEEdnf2YjQ7mPdzA%2BcFk4he4qVwM%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32245&sent=325&recv=100&lost=0&retrans=0&sent_bytes=351185&recv_bytes=18369&delivery_rate=1669826&cwnd=106800&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=1972&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 05:34:52 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89dae9963c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
43584
server
cloudflare
4.jpg
mallowzama.online/images/
29 KB
29 KB
Image
General
Full URL
https://mallowzama.online/images/4.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62dcdb3449970f612971eb8e27a20fc132fa439ebfafae9d1e969c70359ab32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2df9-723f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9%2FR0eo3DuK%2B9jE%2FTKSV%2FCL41DQZFgHYExyKkSGOPnRYrBb0DRkX%2BxLKQXTuPpb5Fr4Wy91Hk9tauUfJspvJfqIY8TaYGwWRc20dTJHOL7GV0344%2FmX4owZ31kY3Vfw8nIjGJf4xF9MZGCcfFdaO8g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36490&sent=797&recv=155&lost=5&retrans=6&sent_bytes=901995&recv_bytes=20890&delivery_rate=550054&cwnd=108360&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=2926&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:04 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 05:34:49 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89dae9a63c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
29247
server
cloudflare
comm_pic_2.jpg
mallowzama.online/images/
101 KB
102 KB
Image
General
Full URL
https://mallowzama.online/images/comm_pic_2.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fceb0d068af15a9a7f7e1164b97f543a1755fcadfe95ca71dea2eb8dbd07be1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2e01-19383"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmZqNOdlayGUZ4wRvbLK67jYqxJ5pzbX%2FCbZ5ev83KJaPIS2xdO0qf1OuE0t47qofGkeKLmQ%2FLit2mt1%2BgSRmxwyZcoXKUELT0YvvgY9f9OLF2borUZLG7WBCCL56eWrp8LrYlw5%2B0r0FqhBfsorFA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32245&sent=304&recv=100&lost=0&retrans=0&sent_bytes=326731&recv_bytes=18369&delivery_rate=1669826&cwnd=106800&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=1969&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 05:34:57 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89dae9e63c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
103299
server
cloudflare
5.jpg
mallowzama.online/images/
60 KB
60 KB
Image
General
Full URL
https://mallowzama.online/images/5.jpg
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd5297abee4b6b5ba2a06d2e654c9daa71ec632de8de03a8eec76ce7bfb603d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2df7-ee66"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf3R4yc9GwkPvCuKyOJ1UHOT3dPUd1svn2STzEQwrYsWUOckqI2RGCGGVeyvGherF9mSLx4WCfBZal9KtUusMOQUySvsaKv8WncE25apEQcoHE266ZSyjhulyrAnIy%2BnQIGZqpFDnPxHn8RbX3IJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32245&sent=303&recv=100&lost=0&retrans=0&sent_bytes=325970&recv_bytes=18369&delivery_rate=1669826&cwnd=106800&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=1969&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 05:34:47 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89daea263c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
61030
server
cloudflare
f_guarantee.png
mallowzama.online/images/
6 KB
7 KB
Image
General
Full URL
https://mallowzama.online/images/f_guarantee.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2df7-18d0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrgNHX8fdEhO4prKIODjMv39Xli6ctem6SKrGsHJb4l1ZFfa%2BIMHVHS8qINZH7J71tNz4RLxhpGUtpFf%2BA%2BgXQqDOCrRhtaEu0RaXRctg33tyDyKShIqdREw%2F%2Bay%2B%2BGymYZzBZAxSPQLhUh70k3zvg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44988&sent=750&recv=147&lost=5&retrans=6&sent_bytes=846719&recv_bytes=20535&delivery_rate=2646230&cwnd=108360&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=2776&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:34:47 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89daea563c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
6352
server
cloudflare
f_secure_1.png
mallowzama.online/images/
10 KB
10 KB
Image
General
Full URL
https://mallowzama.online/images/f_secure_1.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2dfb-2686"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5uRYm%2Fwkl3IGg4Cp44JzXksxaKnF0Sj31ZWbwcVviqa1gURizXP434pClbkfH8JbDCEYAXslfYUWDnITLWD%2BR5AFXGGTwlll%2BiNS6q8OVhdz6QGJSfTButCiW3DW2m%2BfI0TGVgeYfgqA17Lw0BOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44988&sent=687&recv=147&lost=5&retrans=6&sent_bytes=773336&recv_bytes=20535&delivery_rate=2646230&cwnd=108360&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=2764&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:34:51 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89daea663c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
9862
server
cloudflare
logo2.png
mallowzama.online/images/
9 KB
9 KB
Image
General
Full URL
https://mallowzama.online/images/logo2.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd4752d6984d393fdc5367f7e9de201e13d6529977b8856bee14d92ce7127ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

cf-cache-status
DYNAMIC
etag
"671b2dfa-22a2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76Tl0GWxsc8RPNE%2B%2BJj6yxZyuIQum5g2cIghYGEYRXMP2HWKqzPXA0hl27LhefNMUIqp4DQjyw4C%2Ful3JQTy8xIqpkkDKP1MRYnmVW8ub37NU7z5zjqynmHQNa6mKVP5AQXrKkk5TliZ55jT9tky9g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43708&sent=53&recv=53&lost=0&retrans=0&sent_bytes=40180&recv_bytes=15830&delivery_rate=19457&cwnd=22800&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=1333&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:02 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:34:50 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89daea763c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
8866
server
cloudflare
script.js
mallowzama.online/js/
10 KB
3 KB
Script
General
Full URL
https://mallowzama.online/js/script.js
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062986fbe6c922fbc3e7993bcd582d96c58eb1132d19058a0b2e2cb5a53a9a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"671b2df3-2842"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCMgSXltOVc8sBqYioz4zoFBlBK%2FSsbH097rF3ZW7BePyPXLhCqAOQNbpZSSyOKtPKRSQBySiitEkzPXfaM4t9s8f73kgA7Cm8%2B5qlsAdIIBCtA%2BPA8zHz%2FQEk%2F21KjDvMwPV2UfN76tgDE2wh0fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37796&sent=62&recv=59&lost=0&retrans=0&sent_bytes=50011&recv_bytes=16089&delivery_rate=229962&cwnd=22800&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=1481&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:02 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 05:34:43 GMT
priority
u=2,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89dae8c63c0-LHR
permissions-policy
interest-cohort=()
server
cloudflare
bg.png
mallowzama.online/images/
300 KB
301 KB
Image
General
Full URL
https://mallowzama.online/images/bg.png
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801a107aba7446bde1e48d63a2b066014a1a310cb2d9d884545d77ff6e89a31f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/css/style.css

Response headers

cf-cache-status
DYNAMIC
etag
"671b2e00-4af06"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ourn2XI85ogE1tnGex5DpeE4ktjQL73Rv8dUpiPejVm3I3Szbr4FGzdUe7B6cRMgzqSSAZPD%2BqFPPAF5vX9%2Fy9uPtulR5n5Dkssza93WNZWfRm4vt%2Bd2F7SI7l5ee7qowHZUgwAmFvvZYH210n5klw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 05 Nov 2024 17:45:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44988&sent=697&recv=147&lost=5&retrans=6&sent_bytes=784193&recv_bytes=20535&delivery_rate=2646230&cwnd=108360&unsent_bytes=0&cid=fe8c0a57dfb4a2d9&ts=2767&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:03 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:34:56 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddbe89daeaa63c0-LHR
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
306950
server
cloudflare
64d5p99gj0
trk-consulatu.com/scripts/push/script/
8 KB
4 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=mallowzama.online
Requested by
Host: mallowzama.online
URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668ede796290bf07168d2a1bd1a2bb204c0309168b461cb56d20a06b20926e67
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mallowzama.online/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
3352
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgA95xFacAE6%2BuzkWa%2BY9DOq4vi6n1Y%2BX7SHAE9G%2FFaeLj%2Fa%2BqwBPl5szOx%2FNFXPDlO8DiQmMBrjLvpJrzua6OY2eCV3gxiLBGtr%2FNx%2FE8lTmRpMwK83IH5PgJBKk3oXbVlzkWZhNPKrFKN52DzNvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30275&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4207&delivery_rate=98412&cwnd=12000&unsent_bytes=0&cid=1566df37398aac99&ts=54&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:02 GMT
content-type
application/javascript;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Tue, 05 Nov 2024 08:49:10 GMT
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ddbe8a10ebdcdb2-LHR
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
content-length
2519
x-xss-protection
1; mode=block
server
cloudflare
q5ej23ryg0
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/q5ej23ryg0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mallowzama.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ddbe8ac6dc6cd70-LHR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 05 Nov 2024 09:45:04 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfoZFbdnjLLRZb87cstA9Uakx8YiByfqKe%2FxdCM6cP9ROQY7dVdgNjoqEKFaq7WIEb9EakRsu2x8bG4HLRYpywVT0pliVYLvSMZwzNcQVjwj1TAbZ7vlPhMHWhroAqUBwJ12FiGi5ohfSAbBEQzzGkgDydht5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31438&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4385&delivery_rate=475&cwnd=12000&unsent_bytes=0&cid=ac3cf91f17dea086&ts=156&x=1" cfHdrFlush;dur=0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
q5ej23ryg0
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/q5ej23ryg0
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=mallowzama.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://mallowzama.online/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdcFxZffR9NYbF5pdmc0L%2FD56aZ53SBCnEY6tBUe6T%2BPwCvKZopSHQnHidq8wZUmInYzerIoOT3vJG9K07%2FFOOgSt78wdqFrutipHNIdvheEf1IBrOVfmUHOr%2F%2FtC5lDks%2BQAxxOV47FpAIj02eEccxSHpD1Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31480&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5427&recv_bytes=4928&delivery_rate=39464&cwnd=12000&unsent_bytes=0&cid=ac3cf91f17dea086&ts=293&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:04 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ddbe8ad5f25cd70-LHR
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
q5ej23ryg0
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/q5ej23ryg0
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=mallowzama.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://mallowzama.online/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1ARN9tGFN35LZHmQgnPGKnvVfk%2Furr6lh24Yj3zRUNtagokKsXCcK0s7rzKrIbtWo3X9jkmgKirb1nOz9tZdqAJ%2FdiMwTPJOhGR2HxdNwfQox91vRduE9cchnl7gpjard2Algh2LnMoQrjapVHEgLwsw9Mi2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31225&sent=17&recv=16&lost=0&retrans=0&sent_bytes=6720&recv_bytes=5504&delivery_rate=9711&cwnd=12000&unsent_bytes=0&cid=ac3cf91f17dea086&ts=1425&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 09:45:06 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ddbe8b47834cd70-LHR
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | datehax
function | datenhax
function | datenhay
function | startTimer
object | answers
number | lastQnum
function | toNext
object | states
object | dones
object | loadImg
object | loadBgCol
function | drawloader
number | qn
number | dsq
object | ___FONT_AWESOME___
object | FontAwesomeConfig
object | FontAwesome
function | urlBase64ToUint8Array
function | pullUrlParams
function | push_subscribe
function | push_subscribe_promise
function | setIfNull
function | logPushEvent
function | push_unsubscribe
function | push_init
function | setSessionId
function | setUtm
function | getSessionId
function | getUrlVars
function | getDomainName
function | getStore
function | setAttributes

7 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 3bcc41ef-829c-496f-b610-e55660d5b728
.t.co/ Name: __cf_bm
Value: PWjTs82zdFZRg7kDKMwLWJobWTzUl6WDBDz5I9TYTkM-1730799900-1.0.1.1-pvjllAIxSkSMuusNp9WG_HztJ3xCh0nmYcFq2YGPbxk3JZlxl.uTjjbswF.XhYAdtRRcYw995IPg3JQA1WkhjQ
www.woularch.com/ Name: uniqueClick_7D7TTFDS
Value: 53ddead2-93fb-4fa5-933c-fca621cffaae:1730799900
www.woularch.com/ Name: transaction_id
Value: 2530bb9ae0e94237901292fb73b9e00c
www.red1rectback.com/ Name: uniqueClick_2DPZMZTW
Value: 79c2f64f-756d-4d63-93ad-82132a938f41:1730799901
www.red1rectback.com/ Name: transaction_id
Value: b8076e538db14843ad6def7efa0d27ef
mallowzama.online/ Name: SESSIONIDS
Value: oqtSGEYH0ZhZR3UL0DNwXr66Z

1 Console Messages

Source Level URL
Text
other error URL: https://mallowzama.online/?encoded_value=223GDT1&sub1=2530bb9ae0e94237901292fb73b9e00c&sub2=&sub3=&sub4=&sub5=22441&source_id=20320&ip=2a00%3A2381%3A5374%3A1b%3A%3A99&domain=www.red1rectback.com
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
