kauwouraig.com Open in urlscan Pro
172.67.205.44 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba...
Submission: On October 12 via api (October 12th 2024, 8:43:33 am UTC) from CA — Scanned from CA

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 172.67.205.44, located in United States and belongs to CLOUDFLARENET, US. The main domain is kauwouraig.com.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.

This is the only time kauwouraig.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
21	172.67.205.44 172.67.205.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.244 104.18.10.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	88.214.195.101 88.214.195.101	46636 (NATCOWEB) (NATCOWEB)
1	88.214.195.112 88.214.195.112	46636 (NATCOWEB) (NATCOWEB)
26	4

21 172.67.205.44 (United States)

ASN13335 (CLOUDFLARENET, US)

kauwouraig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.kauwouraig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.244 (None, )

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.195.101 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

track-us.r2drtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.195.112 (United Kingdom)

ASN46636 (NATCOWEB, US)

ads-us.r2drtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	kauwouraig.com kauwouraig.com static.kauwouraig.com	168 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10912	2 KB
2	r2drtb.com 1 redirects track-us.r2drtb.com — Cisco Umbrella Rank: 573472 ads-us.r2drtb.com — Cisco Umbrella Rank: 955909	98 KB
1	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 26547	2 KB
26	4

	Domain	Requested by
20	kauwouraig.com	kauwouraig.com
3	my.rtmark.net	kauwouraig.com
1	ads-us.r2drtb.com
1	track-us.r2drtb.com	1 redirects
1	static.kauwouraig.com	kauwouraig.com
1	littlecdn.com	kauwouraig.com
26	6

This site contains links to these domains. Also see Links.

Domain
oophaiwhemt.net
glugreez.com

Subject Issuer	Validity	Valid
kauwouraig.com WE1	`2024-09-14` - `2024-12-13`	3 months	crt.sh
littlecdn.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Frame ID: 6FB85EB8969568A9BA9788DADB70E490
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure X

Page Statistics

26
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

3
Countries

269 kB
Transfer

325 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://oophaiwhemt.net/4/7612088/?var=7661112&ymid=12_E5FEEG4M7W&var_3=miss_868888071803507275&land_state=marker_success&land_id=a3nQoMzllWU8Bfl&land_generation_time=2024-10-12_03:43:28&land_error_code=&ruid=8a35442f-5466-4fd7-a9d3-94b2a2c4e9cc&mgeo=ca&oaid=1af1019f9efe202ba6e9796fce0d73e0&land_type=rtr&isPushSubscribed=false&isPushAlreadySubscribed=false&land_tracker=marker&land_purchase_method=apk
Title: Install

Search URL Search Domain Scan URL

URL: https://glugreez.com/submenu/1128934?var=6708ba042fa86d00011d796f
Title: Go to site

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://track-us.r2drtb.com/push/ic?auth=5xms58&c=81-uw5cSJ2yO_qEK6UPrEkAvkji6BN1gAk-0LJr9Z02N2vf_0IoR6rh0HCn5ZcbwXXxXD5EhsdlerYyHWMlN3HEUqCBMTf-FT8N6kEyKUePF9jormMURYZdPw2F8a4imtmtiCTB0hPtD-WY621ULjtIa1W38V080TQulpEhmw5lKiVdH-z7zFYMCscLsdwoeC9W9sO3R9i5tGbwWMDlcEV9TUfrY3m_BU3ifnYsNK0G1qg3vg4YPkSeKYmW8GJiSCJdpjQNwZ17O0oV_UOWwBOgJQsjNhKTP4f6l2IFCScwcpvK5Wj2sdhF901coMoilMQt6QtpuLkyGM4ezcLIEAd_L-9UaEeKPzTVJy2L7NbjTOtRkLdvSpeUgFOlIEWXVrwTYQPnoU1e8lFu6Fo0AsZb8OR55MMDlqbxTnYgFBumccVOP_S0FJF0LhVfTux_IFcHRQ-Ley-3qCdouDYq4DSBMHhxOBE4tv-MUBkxJ4FZCv7C9flLY9IgbzJ8 HTTP 302
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1722423256708-DLUMzyj2ELJy.png

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
kauwouraig.com/ 54 KB
16 KB 303ms
235ms Document
text/html 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b604f0891ccfa751e041dfbc484bcf5d4b9c7773a62f5c284954e14ba4f43441

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d15cd6c5cb8ab16-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 12 Oct 2024 08:43:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4hyow1oDuw6lhyNHXbvZ98g8ZJ7zrsqrEyFz4C0EZKQL0DzZ8NtjH15xua5%2FswEOuK0bBoB4pQTKlEXYpVwwf0u4YK7KASwczRLW%2FjHVque6DBS5IBR3HXPWi27fhc%2B%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 speculation
kauwouraig.com/cdn-cgi/ 128 B
565 B 24ms
24ms Other
application/speculationrules+json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kauwouraig.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://kauwouraig.com
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDAYd3%2BIO%2Bvi51kP1PReuNczIgf9goUanwNJf3UIaBPS%2Fmuiq6rU2iS9SPhZEBXC43%2FcmTW5kAYsaPtt%2FbODcCfMBwSni3NmrS9Q2A0Z85DM%2FZXB%2BgHDGVqvfXuNGe%2Bn4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d15cd6ddd3bab16-YYZ
access-control-allow-origin: https://kauwouraig.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 style.css
littlecdn.com/apps/templates/android-instructions/ios-system-message-custom/css/ 6 KB
2 KB 64ms
28ms Stylesheet
text/css 104.18.10.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/android-instructions/ios-system-message-custom/css/style.css?v=3.6
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.10.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35b879d3f69df36396cda29c06301141ebf47dd3b5e4b70512b82147d0b38600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/

Response headers

access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: zstd
cf-cache-status: HIT
etag: W/"6707dd12-187b"
age: 1098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUk%2B1b83UEAAqwUe420gR78QF%2B4SzinjZaCOQ6fnto1xIEOE4llw677c75k1hghRC%2Bxx%2FPDT%2FjQAAQHxCznxmXVGP%2FJ6DUU%2FBzQjySxZ1FiYwCBHbzZbmeOrPOfjyxEQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, HEAD
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 13:56:34 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d15cd6e8f85abe2-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 316ms
104ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=1af1019f9efe202ba6e9796fce0d73e0

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3e4664a625ba3e6b0c160554c578d5bf7170cb83bd5682d20a74720d1b27ec45

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://kauwouraig.com
content-length: 65
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H3 200 micro.tag.min.js Show response
kauwouraig.com/pfe/current/ 45 KB
18 KB 208ms
207ms Script
application/javascript 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e99677f36e1163af4e3b7131bb735ec43d9658d8e3784bd468e0b5ab5d1ed04a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"6706a6c6-b233"
pragma: no-cache
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATa8Q2DBX303zqaBWENm3nYPgeKSrXyMA7QGisRZWFRojk2BZJ%2Fu3iQ37snn5UWdJC3NNS%2F5WgI7Obwy1e2JOHRAcSjLz0jZikU%2BsY0QvxfqBCMFIcwsBhzqeiLOXYcMPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d15cd6e5d6bab16-YYZ
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 15:52:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 206 default.mp3
static.kauwouraig.com/templates/_assets/sounds/blip1/ 7 KB
7 KB 47ms
30ms Media
audio/mpeg 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kauwouraig.com/templates/_assets/sounds/blip1/default.mp3
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8

Request headers

Referer: https://kauwouraig.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: HIT
etag: "6707dd12-1a38"
age: 1063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaerxZjVt7OxzXmjx%2FkpfJfI%2FIdIjDyb07iipYi%2F9CINA0p8dhF%2BPT%2BedbfwmaGATP68%2BqSDX2euylV1PVPk%2Fa4p93SAnE8RIP41nqrOi%2BMz61yGg8uXmGFPu7BMnoE4IEMZoofWwOY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, HEAD
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: audio/mpeg
last-modified: Thu, 10 Oct 2024 13:56:34 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-6711/6712
cf-ray: 8d15cd6e7d76ab16-YYZ
access-control-allow-origin: *
Content-Length: 6712
server: cloudflare

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 253ms
103ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4d425c31112cd5508aa73f0bdfd36c201578a60469cec66a9b832bcf58827745

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://kauwouraig.com
content-length: 65
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H3 200 0142981268088.jpeg
kauwouraig.com/contents/s/5b/3e/3b/77a7a98d257d9aada41b33ebef/ 113 KB
113 KB 30ms
30ms Image
image/jpeg 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kauwouraig.com/contents/s/5b/3e/3b/77a7a98d257d9aada41b33ebef/0142981268088.jpeg
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01735d39af28d715f03c61991ebc08058e8f3f3b2737309ff28093d1463cbd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: HIT
etag: "63887927-1c20e"
age: 1098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRcQjl3N3jXjWpDL35FlkqWmpHXY7UIyxUGC%2Fm0gjEHV2b1WRQUJbi4eRzGMMspModSRDX0h7rBjZO7a8399KiNq94FLx67ARJciGpoCASrGRkSzYpCo%2FUp1gwrJpBBVPA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, HEAD
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: image/jpeg
last-modified: Thu, 01 Dec 2022 09:51:35 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d15cd6ebd89ab16-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115214
server: cloudflare

POST
H3 200 / Show response
kauwouraig.com/ 2 B
544 B 119ms
118ms XHR
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f&mprtr=1
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JK5YZNJKbYmKn%2FzkzXbZxsahCovzgPEjtlv89SjOIy6Wbz2qBGUU7u0TYQ7in9QlApwIooNuvq9FXQasi%2Bsox4lfw43e4J9Shbxot6QX8TBddXGQGOMUVDjgi94KlhenkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d15cd6edd8fab16-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
server: cloudflare
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 204 favicon.ico
kauwouraig.com/ 0
419 B 30ms
30ms Other
text/plain 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

strict-transport-security: max-age=1
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 6391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NU9OBXA4Im%2FZOAgh2Y3cZvIFhOkdKMuyKLmzumlxK819%2Fom%2FkJTDxqkyG3UAKzQmXmhZBi7mk3luonJCaQ7PFFHcmzE4YTevkB5fqy5F7ZfzlpwpQJ9QLY7ZUyGV%2BmaeIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d15cd6fcdd1ab16-YYZ
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7608761
kauwouraig.com/sw-check-permissions/ 0
1 KB 116ms
116ms Other
application/javascript 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kauwouraig.com/sw-check-permissions/7608761?var=7661112&var_3=21377962_&ymid=%7Brequest_var%7D&uhd=1&zoneId=7608761
Requested by: Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytfK9zm7838ykc5y%2B2FGwV3%2FsU5JJNWPjs6dGaPE8Hty4A1KAQjHxc1WS2fQi5fAqQ6hdsZctdWSwydGwdMQBpZg8oRrfFEO6e3SMEHsyGxSe3Npmf03jUBMvc%2FI%2BrP20w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, HEAD
cf-ray: 8d15cd6fcdd4ab16-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
server: cloudflare
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H3 200 zone
kauwouraig.com/ 0
578 B 211ms
210ms Ping
text/plain 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/zone?pub=0&zone_id=7608761&is_mobile=false&domain=kauwouraig.com&var=7661112&ymid=%7Brequest_var%7D&var_3=21377962_&var_4=&dsig=&tg=1&sw=3.1.562&trace_id=bd071d42-723d-4751-b01e-ffebaad35c3c&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTkVb9KKSpW%2BqL%2Bm5f0WDww1Jn14XWRDWqN%2FNDN%2F%2B%2Btt6CWKVopoH%2FjAdAHDQagNWJPRw4lDcJEDZnTOk%2FkAAc4W%2Bys4o4eyT0EnXbqtBjlWBVp5J4%2FV20LQRoPk%2B%2BtY7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d15cd6fcdd6ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 12 Oct 2024 08:43:28 GMT
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H3 200 event
kauwouraig.com/ 26 B
658 B 204ms
203ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7y1OVhefAq6v12lHBx48linbaERhaBYRHOhJ83%2BEWhOSzWcCXsNqTvVlSfUJ73Qhis6y0BBfzbbK%2FhvUa9OjSQSTwtXcYzIxO0r%2B1sBjEBjmC0lmoi50yUn%2F%2FOT0CYNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6fcdd7ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 104ms
102ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7608761&checkDuplicate=true&ymid={request_var}&var=7661112&source=pusher

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0dae032d7b70b96c98adf6bffd9592c84db4f97538125b1e9230041919eac29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://kauwouraig.com
content-length: 65
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

POST
H3 200 event
kauwouraig.com/ 26 B
657 B 203ms
202ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85Rbnj%2F7tc1etGMKs%2FBAhus5ti9x5weROctyjMKJj2niEHGktfHkUB%2FQrcp5FqqFvD0GUlQkmZTSirh89MVHbxF7M40bqzcUCutILQCrBkNQ9NI571okN9gX31KCX%2BCLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6fdddbab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
654 B 203ms
201ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zclOioGvHf1%2BFLed0y7M6khoEOBqb26pGt7lOqw9Ib5YmtKSknbR0PDuT0ZhZEpEGX8uxiCHXCaM0c73%2BVi5rc9Mgzk9oAJrkU8VHD4jaHnbn1Rxfb1sTvKRqQfe7xZ6bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6fdddcab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
658 B 197ms
195ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cy98C%2BwV3VQiSHmSVIXxfmk1gL1k%2BY1ah7g%2FXKEco6rFt3fmuH7aUqmLSyliXdNdohqOWdtSgQboHLW%2FWGvjjxBA91yDuDzVZ51pp%2BOWEqoaTyarPc1tU17RDcD54c9CYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6fddddab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
658 B 197ms
195ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4zEFR1%2BgES2M9uN5Su9Xlit8shhxW2HgRd3x%2BC%2Bd4%2BmRkkLa2gf8nI6qREfzZeCFt8LuPXB9FhTna1sZc1iIAPLQYlVE1z99Wv3%2B3L9rPgblV2lDpfiQMNSvjVS4ZI7Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6fdddfab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

GET
H3 200 zone Show response
kauwouraig.com/ 561 B
975 B 196ms
196ms Fetch
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/zone?pub=0&zone_id=7608761&is_mobile=false&domain=kauwouraig.com&var=7661112&ymid=%7Brequest_var%7D&var_3=21377962_&var_4=&dsig=&tg=1&sw=3.1.562&trace_id=bd071d42-723d-4751-b01e-ffebaad35c3c&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aacf7f3f2f1c7f5374623fc9c615f8240d4bde7bc839048a58701a42180f13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWupHbS5ZD2WLajp6LPfH5Etbj1mUaIz28OfIYoN1qM7WGzWjLYRxn%2FSG%2BftfqKY1iFeRE8hDvt6spSS5twWYYS6SmVGyKUUqVpWVWX6gWp5Cn3jGpngpVfUMY%2FNC%2BI8pg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6ffde6ab16-YYZ
access-control-allow-origin: *
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
651 B 195ms
193ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ky8CCqGG2wBB2MYMCbdjstFZ3NMVelj1SoFNjGQMHVY7Wnaapkc319fnLO25c7Ysc2jYLZeLeEOxNFcL9JtYoNooBhkfDYvreTNGm8ktlr2OftI9OcCZESGFLgqirBhOMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd6ffde8ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

GET
H3 200 rotate Show response
kauwouraig.com/ 2 KB
2 KB 308ms
307ms Fetch
application/javascript 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/rotate?zz=7708145&var=7661112&ymid=12_E5FEEG4M7W&uid=0800f393811c4c7afea32ddc38d99a5e&var_4=6708ba042fa86d00011d796f&=

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280d59488d2d4a81c736c03ee7d24b60a9f484aecf20d666df7598297923ea1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

access-control-expose-headers: Link
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suriLVfpIOp4jpZpIPgWsCsuqXL5th%2BOxBeiEtYWzUph0zz3LC5AGbZEtyvix%2BUuIBEWzRe1pB3ECZwjXWxz%2BXOhj%2FIXU%2BYwQyshuxqMu%2B%2BKJ5rNSQ9xVgxWObJHHlxeuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 2b4c8d639ba6bddb8dc0197197bb7dd0
cf-ray: 8d15cd705e03ab16-YYZ
access-control-allow-origin: https://kauwouraig.com/
server: cloudflare

GET
H3 200 track-impression-applab Show response
kauwouraig.com/ 746 B
1 KB 119ms
118ms Fetch
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/track-impression-applab?z=7661112&b=21377962&ymid=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&var_3=21377962_&redirect=false&redirectUrl=https%3A%2F%2Foophaiwhemt.net%2F4%2F7612088%2F%3Fvar%3D7661112%26ymid%3D12_E5FEEG4M7W%26var_3%3D%24%7BSUBID%7D%26land_state%3Dbefore_render%26land_id%3Da3nQoMzllWU8Bfl%26land_generation_time%3D2024-10-12_03%3A43%3A28%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1af1019f9efe202ba6e9796fce0d73e0%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b7ff9b7ba21c92e9a280c3bdace590adad78291402a09fb20b4e7e11e9b7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCqG2Z0S1DBWxsRVlddAUigxKDXJHem2HqlsFypYTcwoYsm%2Fxoj5EjxdrYdIGmuKiC6J%2BivjppV%2BsKyNrkLnR4zYG0peFqkFv8qLyp7teDijvcq3nYOwqXngmQifgELoww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 29e1f2ffb0eebe49b225f1ffe508b4b7
cf-ray: 8d15cd705e04ab16-YYZ
access-control-allow-origin: *
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
661 B 206ms
205ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVo9%2F%2FpmAa3OTTQQpWTMhMDdAWbT8yCaE%2F7pjXah%2B1n%2FixwHqm2XVBwJLqEFTIzYToj2lmkV6EApi%2FsPmSndd3KVj2slg1AqmW9LxMUOhqXU9J6jRb8xodwP06xHuSptWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd708e11ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

POST
H3 200 event
kauwouraig.com/ 26 B
653 B 110ms
110ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=70uZArapQekpxt4o2QMhq3oQloe5KY0Dhhmv4EoCWPWa3gK1gRenI9WnKAvo%2FnAiICB6bDURg%2Bc0yyigDlmMiZPPjtGZFh705tL9Cek8bk43si%2Fil6WVSOKoadsiE5E1Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd713e46ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

GET
H/1.1

200
OK

1722423256708-DLUMzyj2ELJy.png
ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/
Redirect Chain

https://track-us.r2drtb.com/push/ic?auth=5xms58&c=81-uw5cSJ2yO_qEK6UPrEkAvkji6BN1gAk-0LJr9Z02N2vf_0IoR6rh0HCn5ZcbwXXxXD5EhsdlerYyHWMlN3HEUqCBMTf-FT8N6kEyKUePF9jormMURYZdPw2F8a4imtmtiCTB0hPtD-WY621U...
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1722423256708-DLUMzyj2ELJy.png

98 KB
98 KB

174ms
69ms

Image
image/png

88.214.195.112
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1722423256708-DLUMzyj2ELJy.png
Protocol: HTTP/1.1
Server: 88.214.195.112 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f5b8982a4023fbb3952dfd89da9edd2cdf2a2440872adeed2692dc1ab12d0cab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kauwouraig.com/

Response headers

ETag: "66aa17d8-18642"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99906
Date: Sat, 12 Oct 2024 08:43:29 GMT
Content-Type: image/png
Last-Modified: Wed, 31 Jul 2024 10:54:16 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1722423256708-DLUMzyj2ELJy.png
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Date: Sat, 12 Oct 2024 08:43:29 GMT
Server: nginx/1.14.0 (Ubuntu)

POST
H3 200 event
kauwouraig.com/ 26 B
653 B 112ms
111ms Ping
application/json 172.67.205.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kauwouraig.com/event

Requested by

Host: kauwouraig.com
URL: https://kauwouraig.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7661112&sw=/sw-check-permissions/7608761&var_3=21377962_

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kauwouraig.com/?l=a3nQoMzllWU8Bfl&b=21377962&z=7661112&s=6708ba042fa86d00011d796f&var=12_E5FEEG4M7W&ymid=6708ba042fa86d00011d796f

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MYLensTrc7356iXET1YsnjBATDwWpLHjTBtwVadpt6gY6pG%2BXc7ItCMcxETeW4btsp6YaBjVKyQ9ZYotWMMVQioKZ4ko5Q4eXgLEJnkjsZkDsb7t1fLhvNSGR2ZlJsYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:43:30 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
cf-ray: 8d15cd7998d7ab16-YYZ
access-control-allow-origin: https://kauwouraig.com
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kauwouraig.com/	1970-01-21 00:12:06	Name: reverse Value: WAVitFQERTOsGCUlCJIILp0SoFFHjaz5Zg5llwHLnKw
kauwouraig.com/	1970-01-21 09:48:02	Name: oaidts Value: 1728722608
kauwouraig.com/	1970-01-21 00:22:07	Name: syncedCookie Value: true
my.rtmark.net/	1970-01-21 08:57:38	Name: ID Value: 0180f379b1ea44a3eea175658cc5329a
kauwouraig.com/	1970-01-21 08:57:38	Name: OAID Value: 0800f393811c4c7afea32ddc38d99a5e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-us.r2drtb.com
kauwouraig.com
littlecdn.com
my.rtmark.net
static.kauwouraig.com
track-us.r2drtb.com
104.18.10.244
139.45.195.8
172.67.205.44
88.214.195.101
88.214.195.112
0dae032d7b70b96c98adf6bffd9592c84db4f97538125b1e9230041919eac29a
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1aacf7f3f2f1c7f5374623fc9c615f8240d4bde7bc839048a58701a42180f13a
235b928085dcdeafdaa0dbaae6ce1ef5329805c32938e258e8287df0fae2e3f9
280d59488d2d4a81c736c03ee7d24b60a9f484aecf20d666df7598297923ea1b
35b879d3f69df36396cda29c06301141ebf47dd3b5e4b70512b82147d0b38600
3e4664a625ba3e6b0c160554c578d5bf7170cb83bd5682d20a74720d1b27ec45
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d425c31112cd5508aa73f0bdfd36c201578a60469cec66a9b832bcf58827745
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
b604f0891ccfa751e041dfbc484bcf5d4b9c7773a62f5c284954e14ba4f43441
d01735d39af28d715f03c61991ebc08058e8f3f3b2737309ff28093d1463cbd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7ff9b7ba21c92e9a280c3bdace590adad78291402a09fb20b4e7e11e9b7de
e99677f36e1163af4e3b7131bb735ec43d9658d8e3784bd468e0b5ab5d1ed04a
f5b8982a4023fbb3952dfd89da9edd2cdf2a2440872adeed2692dc1ab12d0cab

kauwouraig.com Open in urlscan Pro 172.67.205.44 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

26 Requests

96 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

3 Countries

269 kBTransfer

325 kBSize

5 Cookies

2 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

5 Cookies

Indicators

kauwouraig.com Open in urlscan Pro
172.67.205.44 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

3
Countries

269 kB
Transfer

325 kB
Size

5
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!