urlscan.io logo urlscan.io
SecurityTrails logo

quernscliff.com Open in urlscan Pro
2606:4700:3032::ac43:92b5  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mi.lp.org/gywi.xx?gAAAAABkqulh1K_ZCeu4ajj321JSQD7Wb2pUzUxCzb3SvVNTYnTdP_TJ3B2eInzopPVjRVOP2R58ILrU2DGS4_So...
Effective URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Submission: On July 10 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3032::ac43:92b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is quernscliff.com.
TLS certificate: Issued by GTS CA 1P5 on June 30th 2023. Valid for: 3 months.
This is the only time quernscliff.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 45.86.10.129 35913 (DEDIPATH-LLC)
1 141.98.5.2 8100 (ASN-QUADR...)
28 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
38 7
1    45.86.10.129 (Secaucus, United States)

ASN35913 (DEDIPATH-LLC, US)
www.mi.lp.org
1    141.98.5.2 (Bulgaria)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
upstartwings.com
28    2606:4700:3032::ac43:92b5 (United States)

ASN13335 (CLOUDFLARENET, US)
quernscliff.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-essursta.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
event.trk-essursta.com
Apex Domain
Subdomains		 Transfer
28 quernscliff.com
quernscliff.com
1 MB
5 trk-essursta.com
trk-essursta.com — Cisco Umbrella Rank: 207772
event.trk-essursta.com — Cisco Umbrella Rank: 258027
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
125 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1623
254 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
1 upstartwings.com
upstartwings.com
433 B
1 lp.org
www.mi.lp.org
320 B
38 7
Domain Requested by
28 quernscliff.com upstartwings.com
quernscliff.com
4 event.trk-essursta.com trk-essursta.com
2 www.googletagmanager.com upstartwings.com
www.googletagmanager.com
1 trk-essursta.com quernscliff.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com quernscliff.com
1 upstartwings.com
1 www.mi.lp.org 1 redirects
38 8

This site contains no links.

Subject Issuer Validity Valid
upstartwings.com
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
quernscliff.com
GTS CA 1P5		 2023-06-30 -
2023-09-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
trk-essursta.com
GTS CA 1P5		 2023-06-23 -
2023-09-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Frame ID: 4359BEA3BD21CD166C205E7F7FE529FF
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Recompensa Pendiente - Lidl - ¡Queremos vuestra opinión!

Page URL History Show full URLs

  1. http://www.mi.lp.org/gywi.xx?gAAAAABkqulh1K_ZCeu4ajj321JSQD7Wb2pUzUxCzb3SvVNTYnTdP_TJ3B2eInzopPVj... HTTP 302
    https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ... Page URL
  2. https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

1423 kB
Transfer

2252 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mi.lp.org/gywi.xx?gAAAAABkqulh1K_ZCeu4ajj321JSQD7Wb2pUzUxCzb3SvVNTYnTdP_TJ3B2eInzopPVjRVOP2R58ILrU2DGS4_SoZtJeU6rJ6oQGJLNYdkmhjJAzGKmt9GPTz9AiHwwUR6jWVvfD2KhgC-jKTS42l-d2_Y0NMHHuYA== HTTP 302
    https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK Page URL
  2. https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.mi.lp.org/gywi.xx?gAAAAABkqulh1K_ZCeu4ajj321JSQD7Wb2pUzUxCzb3SvVNTYnTdP_TJ3B2eInzopPVjRVOP2R58ILrU2DGS4_SoZtJeU6rJ6oQGJLNYdkmhjJAzGKmt9GPTz9AiHwwUR6jWVvfD2KhgC-jKTS42l-d2_Y0NMHHuYA== HTTP 302
  • https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
NrwjDqmy3VLSK
upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/
Redirect Chain
  • http://www.mi.lp.org/gywi.xx?gAAAAABkqulh1K_ZCeu4ajj321JSQD7Wb2pUzUxCzb3SvVNTYnTdP_TJ3B2eInzopPVjRVOP2R58ILrU2DGS4_SoZtJeU6rJ6oQGJLNYdkmhjJAzGKmt9GPTz9AiHwwUR6jWVvfD2KhgC-jKTS42l-d2_Y0NMHHuYA==
  • https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK
136 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.98.5.2 , Bulgaria, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-length
136
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 06:19:43 GMT
server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jul 2023 06:19:42 GMT
Location
https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp%7EE3kyFq08LUyw/NrwjDqmy3VLSK
Server
Apache
Primary Request /
quernscliff.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Requested by
Host: upstartwings.com
URL: https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9407d7c692be16dbb7e90ade5f1761414e7db0d5565cfe7e91931416bced691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upstartwings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7e46b260ec73664d-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 06:19:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXqik5aUtuweKnDV00vCGSilVujibSXtbm7Khds%2BRHNGRSKp0G9RYtegnJhK93c7aa187Jv8yJvMz2NNjalau%2B62YbliraL6sp1ZlsNsQBCUBj%2FUEzx7yP0rAAxVxGnZse2eLbR8h0zkF5rAnXo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
fb004cc32af3d9a9f57b4ad036180de0
quernscliff.com/ 		244 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0?_ax=w
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5899414b31aa88d907d29e9d7439642a66216547fddcaa9934ce8b735f796362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2Bw%2FTxcsIF%2F%2F8hyj6I1%2BNNm%2FKtPBxyDc%2BBTkq%2FsyrftpY2XXgO4XWTBf2%2FtWAnWk%2B3arr3ANIptH%2B2yIvCmoK8TC2tRL7vhDtzi9d1lcHPIi1UcU3RY46t%2FytMxjMAGPrwVx7Pa3WptAAQGSH4g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7e46b264afe2664d-MAD
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
quernscliff.com/assets/vendors/bootstrap-4.5.3/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445620
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVncR4IS5IgRSozWf5et6xWuYaV5GhO3GEzVZLdHysnPvxcjn8HL6HPftM2wCYbr2qpV%2BDILdSW5D%2FZ8eh9yghk7v4KT0OGJ74nRZSJVsoJVVlB5UP68unK3JM%2BL3%2Bb50YhrQa8avJKfccvT1dY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bac870412-MAD
expires
Wed, 12 Jul 2023 02:32:45 GMT
all.css
quernscliff.com/assets/vendors/fontawesome/css/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445620
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3U09GRXnJRHgFmfZ16e%2FZ1ymjox5gQanHMvQju%2BjyO4v18piMtVwkA5twB3o1Onel5dsEDurLilxiKTBkDHpSkjiK34yfjq40oVIHxNFnfZ5%2F0QwloeD0xfgMikSyZqWlYVQcxpQsM5lFJLLsc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bac890412-MAD
expires
Wed, 12 Jul 2023 02:32:45 GMT
common-hybrid.css
quernscliff.com/assets/css/dublin/dist/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/css/dublin/dist/common-hybrid.css?v=653579a3a82fa4cd4547ed0499814451
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd9d477a94181d0819a89f799a23698c057dd08c5e2c0bab014ae83a0195ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jul 2023 13:58:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sylVSMHWU8WXU2Gpkb49JpnyUwSlsLMlGKgc7qPIyzDeEJmIn6PD70tW61UQcPyWOQWSR7xNmDoA6g0jBI8ym7K2buhalQRmfRtEG7CQ9PFqr3fY5xn15TN5zcCAumxY2rBdAayDLMjDh8b5hV4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc8c0412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
msg.js
quernscliff.com/inc/ 		942 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/inc/msg.js
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85390f4f84363b5c487ae2431e19bda3bc47953dcb2dc4b84b17e8265222394a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445620
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 May 2023 19:41:10 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpG6WDnWoZeIvsraMlFSOZfVczFI%2B8pVB6ff%2FGYn9x5RsvQDwZ%2Fmc52BB9lDxmt1mjW7IFBM%2FtD%2FUtmvrUjqxLwEZ01mV%2FrodvhnardapO%2Ffwv7d9eda5qQpRDmfO2neDl6Lqmey0bVrlfnrzI0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc900412-MAD
expires
Wed, 12 Jul 2023 02:32:45 GMT
jquery-3.4.1.min.js
quernscliff.com/assets/vendors/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445620
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meOao9HNJq1TQK879oEpvUd0b6Dwx5d2D3uUyRKT44vqu3Wl7CKPTYAZrlkDgGW6bqenIZUtpuj7LrL%2FqRDNhEHbNU%2FdftlMpAK7mtkACTYsSy2NMXFWkxLGvKHbmQrTgnGKgZCuT0zyB6hP8mc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc910412-MAD
expires
Wed, 12 Jul 2023 02:32:45 GMT
bootstrap.min.js
quernscliff.com/assets/vendors/bootstrap-4.5.3/js/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445620
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHct2N7lxM2s%2BhaVqOqtfSPNe9Rsocf%2FCI4d9QTwMJDAurSUDX0%2BGXW7RlpgOkwgzR1qQOsxnwQOYEZ%2BmkTJZG3wIqFeQTBOGB3%2F0UAyeFuBFxj8PyzLl%2FwePX20ggoNNpedR48iTJ2ucvZQhvg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc930412-MAD
expires
Wed, 12 Jul 2023 02:32:45 GMT
functions.js
quernscliff.com/assets/js/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/js/functions.js?v=653579a3a82fa4cd4547ed0499814451
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Sep 2022 14:55:28 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPbbX4PjfprMEBeA7ueWMNsaLNgq10pTrRWJumhJHwEAK%2FSCPyw8q1btQGT0bAyOBwZBY7qrzauRFvXClFTadjq0F0LqbBGTP79VRf62GmVmnxeo1G0UXdYr7iAfAS12yf1AvPcgQ7%2Bh1lCgl5A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc940412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
intl_functions.js
quernscliff.com/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/js/intl_functions.js?v=653579a3a82fa4cd4547ed0499814451
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaed2c1c9dcd86691c52bc273367417461d427822fd45c0ac67b8bd2e1fbbda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 19 Apr 2023 14:41:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qARngKKm8rhs37MhwxO8Kn3jAtWWNuAPOczEXhFyF7iTpCe6i4KUVhnzl0XnirnaLyrniolBD9KrjeP4nHXUV0R53nttdPwAD0AY1mT8zdA5OpiHLKU4%2BlPK8JSvM2AvdfLoLBky3eSlecIAl6s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc950412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
common-hybrid.js
quernscliff.com/assets/js/dublin/dist/ 		96 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/js/dublin/dist/common-hybrid.js?v=653579a3a82fa4cd4547ed0499814451
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/?s1=350617&s2=1018317902&s3=5379&s4=2857&s10=2808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4deb6c3928210454b9c38cd2ed01ab6317283f0db1b6d7eb3676e3635721905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 May 2023 16:52:14 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7lIoe5v5QIm%2FglmFXgys1U5wKa3HTbOrf%2B%2BoqcUz%2BOJcc5C52eAnni5SzvwrF9a6c4Kk0EY0dsjXljtN20HE4E8VbkybIh%2BZdlFGjfGNDHif4q2fWHF2m5P9%2B6r4k4sZs89b4DVeDArprEdqRw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7e46b26bbc960412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: upstartwings.com
URL: https://upstartwings.com/0/0/0/137961742c593c36b2f9fccf874b34e1/HBJqty7umVyp407Z8SDWqCbFhN6FbYu7S9hMQ5Q/xGcc58JpuagJbOtBGUbmcp~E3kyFq08LUyw/NrwjDqmy3VLSK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec81b926d74eba250ce6fd70f64b59067b01871b883a4cc0156230e34ec51c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46388
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jul 2023 06:19:46 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/assets/css/dublin/dist/common-hybrid.css?v=653579a3a82fa4cd4547ed0499814451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f436075f0a6abd34dafeb7489ff439f470051d146e1e48484d97d7f4628069b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 06:11:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jul 2023 06:19:46 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eaadd20c80382d7af33908c661c7f38ca371381972a4c2d84a2e82f914717808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81146
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jul 2023 06:19:46 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=45je3750&_p=1178655853&cid=733966469.1688969986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688969986&sct=1&seg=0&dl=https%3A%2F%2Fquernscliff.com%2Ffb004cc32af3d9a9f57b4ad036180de0&dr=https%3A%2F%2Fupstartwings.com%2F&dt=%5B1%5D%20Recompensa%20Pendiente%20-%20Lidl%20-%20%C2%A1Queremos%20vuestra%20opini%C3%B3n!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jul 2023 06:19:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quernscliff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
trk-essursta.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-essursta.com/scripts/push/v9e118mez8
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65c15e3af0d349af61501f7749076aacef349171d95638bb475f800d8367084
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHxBz1hVGjIo40W0OSfMnqzJZamV%2FoPpbCH0oqe4kLR1UOTf31eHYNw9OeiO7TFIxGJbVZufk4c7GnmccF2%2FJQdKh1ARodYiV%2Fy%2B1IchpNw1r71gnfBAU1cfR%2FPXYQt8ZlG2xoscNTZAteqWpx7z"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7e46b2701bf16653-MAD
expires
0
ldllogon.png
quernscliff.com/uploads/archive/company/43/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/uploads/archive/company/43/images/ldllogon.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dc2abd46c07b20f11d6509a007933af8db04e6db4f4c69156e4b8f9ed3a51a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437944
alt-svc
h3=":443"; ma=86400
content-length
39595
x-xss-protection
1; mode=block
last-modified
Wed, 01 Sep 2021 17:46:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPFiuGe1sdZQJC%2FrHqdODrBSQtBtiFnyP8gmXlQ3kelDpFK2QaeVf%2F7%2Bh4%2B5xuUO%2BhinzAC23XGiLS1VJ5zc372RyfGtkgxCQho95LOS4Yt9Kprj0d7pUE0dMnV8oUhpQi49%2FooCagM5J3qDldA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9600412-MAD
expires
Wed, 12 Jul 2023 04:40:42 GMT
90219bbadadc240cf042250475b83515.png
quernscliff.com/fim/2808-ES/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/90219bbadadc240cf042250475b83515.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fabdd1f5a6314701f3d045b425a8375408896a1c32cf09c3624e511604d496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7949
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:04:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyAR%2B%2BqVbvZvGkLc1K1W59u3C7MI6m5EcbUYl%2FiiVdmLL4GCeqptxHfQc58mEAeMYPMtYVIgCYmib%2B2KCsXdE7SJ4knmBGbmd%2BbcbfBMUgok%2Bx29Hc5MiERCzTCJznLcDR1jytPS49MxtJJTWC8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a96c0412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
ninja-5.png
quernscliff.com/uploads/archive/product/399/images/ 		290 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/uploads/archive/product/399/images/ninja-5.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a59a1d6c827706c17fed473b82ca1606bb0ba26fdfa21c8c589d7e8e513b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437944
alt-svc
h3=":443"; ma=86400
content-length
296659
x-xss-protection
1; mode=block
last-modified
Thu, 15 Dec 2022 20:42:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9FB3ynR%2F7RfO7See0yxiRiNvdktU6oQdk4OdGUGDJTufQrGUZMs7Ya0oHrdQ%2BRP6Qk1Rx4AjKonNGSVDKMKj3LfUOXhJ57NQcaWyCF7hzwBm7A027mjAbEzSvGuoh1D1LgbR%2FwN6JlhuLPubZo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a96d0412-MAD
expires
Wed, 12 Jul 2023 04:40:42 GMT
62e67eb66e171b7baad71ff72fee6639.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/62e67eb66e171b7baad71ff72fee6639.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2040
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:33:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVBVOmA0MYrOqNBoq1xvSJgTRwOiox49ZxSDolmbAOomNdqGq8NBUYlV%2F6Eisyrw0SBjyYEydAdTZTe0JzFSU%2BUK1EHhkr%2Fv4j%2BWmloYCc%2FxHSWtxgzaSiKRPDjd1gecj443WV7wnmqSoGZKfZM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a96f0412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
9ffdb52608bacda3bef050eec92d7e2a.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/9ffdb52608bacda3bef050eec92d7e2a.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612c58d05c6097b07b839936cd1c605a42165861422f23914b30f09aab06c949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1993
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 06:08:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAfwJ9fvUBzKDJtqyoz3VvLDm3c%2BrtJ92FX0cDidJG2HndTPFpTPy671ql5doynwZ0j6G%2FBIIduLzD7gBbl30KqNbDpwY4UxyhzcDHFNHyiNhXcpTFvCirGDq9KAFinl6EzzOkDvJDJO41WXrCc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9700412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
4f1f169dbbcb95d85b06c8b8cde2a536.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/4f1f169dbbcb95d85b06c8b8cde2a536.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1784
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:04:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YluHRMOXr%2FavuuJoP0IaCCd3JNve2i19rZ2zmPat98PlG%2B3PTBh2DSGNaBYMbnsvE8HAdtVude087cNBRp3FEykpU282R18saucZCxyqhK5xrsk8NHkWGWYz51pg%2ByV%2BqCSP6Emu6iLqS%2FKEqsE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9710412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
8ca4a5add4bfcd42805c751615312c9f.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/8ca4a5add4bfcd42805c751615312c9f.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1925
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 06:19:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Woffu7i8J8syMlX%2Fp53IglRw%2Frr%2BjLYCwSnANA0FYVvOgU6tyNbAEvVfTvnIQuRqKtIT3PhDltHuMRJNKSwXCprEoX5cwbdwiReNH7IdWB%2BDCr4SmJly4Cu%2FikqsobJ6JozIh5H56lJJYCqrpz0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9730412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
c2.jpg
quernscliff.com/uploads/archive/product/399/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/uploads/archive/product/399/images/c2.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa086b7308cea90c0658fdf30aa4d30969af3a053f7ebf5a18c8495a67a9d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437944
alt-svc
h3=":443"; ma=86400
content-length
38938
x-xss-protection
1; mode=block
last-modified
Tue, 18 Apr 2023 21:02:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BvI12gyE1z3fUZSDC3R5a%2BeYcYc70KFSf0szAnOCr%2Bh6TaUReMquXt96I5tB29Hr47anfwzmFPiSn%2BVkiDmZRfVvwbruyMfeG8kJFwo7f2%2Bft%2Bflhm3DPrrAQH%2BxtIG3Q16grQwPjyyYlBevDM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9750412-MAD
expires
Wed, 12 Jul 2023 04:40:42 GMT
7363a6eae0b585b44d780b60d226c427.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/7363a6eae0b585b44d780b60d226c427.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4a30686167f451311bbf0791f3b0224c03ee161e82354c760fa5bb0cb4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1971
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:04:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tizTGRkFzmwHqtSeOS6Q%2Ft4hb8V6yaLWYZyUOYGtxz8lUfRm%2FmYiY4SMi9wlJj3oX0hrrIyfZzZQpS7bPxgszKY%2BNoylVOCaQhx725zji%2FyAWPmmDuoVYfnwLlYr7l%2BW2eZFLzJtEZxmpw0VRC0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9760412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
c4.png
quernscliff.com/uploads/archive/product/399/images/ 		307 KB
308 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/uploads/archive/product/399/images/c4.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b754dfe6c7248a8dbdef3b7bd3ee1f43ce844f4d4e092207ae8ffdbe5c6bca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437944
alt-svc
h3=":443"; ma=86400
content-length
314845
x-xss-protection
1; mode=block
last-modified
Tue, 18 Apr 2023 21:02:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hOycsLtFyBCEZfQU11WyC3nCBjYpsUDY0DtQvKKSiOrjMZzdM5uBjo8TEaTRpi%2F0pahR4QgrTVnWpOeTjh%2BsPSeE0uogqaeG7VfF3NCzrns6JBeUUbUPI%2B2E2bxQxzSc%2B5dL%2FqAqq2QIEKBHVs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9780412-MAD
expires
Wed, 12 Jul 2023 04:40:42 GMT
e201be538cc6de6fc3aba5272ef81cba.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/e201be538cc6de6fc3aba5272ef81cba.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1855
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:34:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8miOhR7i4d8gUeXEr7baUEbmyf1UHvYcll61wb6bjlLKRxn6gfmdLbdcCtF9dwAogpzKHJAbIRdcvB5vpHa44ls%2B%2BHX5%2FQhaKj1tlYuvHnpKk9U%2BnpSDiUzk0bK0f9lR3kmnsde0PuYmu1ssKXs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a97b0412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
9ba4ff454d3009e1df133dc8fbdb9d1e.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/9ba4ff454d3009e1df133dc8fbdb9d1e.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1878
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 06:19:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXAWpXlLXhgjWEB5jFykddHB5wf%2BC5x3jQ7G%2BVFaRgTcrS1i7%2F6ZHt3b5SRGzhJuOrfggvQCZGWkx05pVWHmIfyvmzXWbVyJFeDlCoNVzkdHuTKwlI214ZKCo2ghHBMdkf4SYOFAsZGYVd5kF4U%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a97e0412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
9bfab9de29f37d800646d7789ec357a2.jpg
quernscliff.com/fim/2808-ES/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/9bfab9de29f37d800646d7789ec357a2.jpg
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2069
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:33:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbq4%2BMJN3iwr%2FU9TqGdnV2jARffaDpbzJaHrcrficpovaBFR6CbmM6K8xLJJbzFSD6VVgGlOPB97i7bRCJAaacxSYjlnVIeEWZoTEDRzyKZ2E59Wwemq5ekLENgqkgRN4n%2FrdM%2Fs5a1C43lV%2BGc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9800412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
s-l500.png
quernscliff.com/uploads/archive/product/399/images/ 		345 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/uploads/archive/product/399/images/s-l500.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d421d6298ed8525ca21e05722b5b34c873b45fb26da194daf967ccee773834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437944
alt-svc
h3=":443"; ma=86400
content-length
352895
x-xss-protection
1; mode=block
last-modified
Tue, 18 Apr 2023 21:02:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHx%2FJWBQHsMMBvbau54HEWkbjLfkIzwLe3CS6LSxA%2BeVW57T5f%2FuDkqNpT2nl5W0wtFxgoGyRlP8mxpomzqdW7vddCR3PfwojivY%2FGKURHGIQtIggUErE1cW%2F8RvxbUS0ECxmasdH2r3%2FptcrcQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9820412-MAD
expires
Wed, 12 Jul 2023 04:40:42 GMT
7dc062b10fe429c0e65d25949cb62203.png
quernscliff.com/fim/2808-ES/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fim/2808-ES/7dc062b10fe429c0e65d25949cb62203.png
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 05:04:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQUd3ve4XLl%2BE4gdOdo2MZGN2WysgmICsL2ZunJT%2B%2Bb2cMxHsOu5%2BPYse455c6TZddR68ZYQ8KNMJ78M7PJgYrgAwSpnZt6ymzOc%2FgyXY4lzII1iPxY3R%2Flsg9NPzWNEAKg1N3pVfMLbH3M%2FnQo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270a9840412-MAD
expires
Mon, 17 Jul 2023 06:19:46 GMT
fb004cc32af3d9a9f57b4ad036180de0
quernscliff.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQCDNvjpwn3WphAbDISZ6KL8we9dnZ%2BEb7NOBa4V%2BGNk6Qjrteda7cJcyGS%2FMXsJS5%2BDLtMJIxeo49HUmA6J3VyTO1bSXtIV1fm2tFuN69ZSRyX1pZ0Py4VSbhNbpVWeTc3%2Ftbr844A4TDaVFDE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7e46b270c9ae0412-MAD
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-solid-900.woff2
quernscliff.com/assets/vendors/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://quernscliff.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: quernscliff.com
URL: https://quernscliff.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:92b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quernscliff.com/assets/vendors/fontawesome/css/all.css
Origin
https://quernscliff.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 06:19:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445619
alt-svc
h3=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQdH0EqRkxZ7tSfjar2N9Cf%2FeyRRuGLucdBAzUKEFtdEbqWtbJ7nY0Z4qN0Zr9jdpAIaLAx%2BcnOXIB2Mow%2F49RSjz28yWe39WkNT5ImW78JXGpiET%2FAyGDEhXmdTNvHAv9ErrpSu0%2FLqIii0hx8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e46b270d9b20412-MAD
expires
Wed, 12 Jul 2023 02:32:46 GMT
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quernscliff.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 10 Jul 2023 06:19:47 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwktztRgM4jmDFF%2BbH%2BSJx7L06M7Scm6w9IVWCrXROjOYZ%2FQDOZDgqfNAbYQZEA%2FEQIHk3elW3XPr%2Bu1WQk%2BMBQWYT7qjSDOiIgKvW9eb%2BU5HJb8w2PqRSbYODN4FSojoGlU8cCoULTqqZ%2BVc5NfzKwn7Vgt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://quernscliff.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7e46b2776d0b2195-MAD
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://quernscliff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://quernscliff.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e46b274ca6d2195-MAD
content-length
0
date
Mon, 10 Jul 2023 06:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4rS6nCUc8R%2FqliPW3eiWt%2BKZ%2Fm4i6c%2F95xPxCRz%2BXVCP9NZwvGECb%2B0jgYTmNSZeUr9vPftn0%2BqcnlkJbA3Dmf2YpZMA0WZEuTieLXimHJlhM%2F17OQHxF4K6T8oviJ9kxR9p8VPmR5wC8MLHJPmzQKpITYS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quernscliff.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 10 Jul 2023 06:19:47 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjjFlFO6RARwkTd3ZbTWwHDqlS97gDLpITrbeOTPjf%2F5m0gmJlyKC6ZM7PtEzFACVNiBxK9Y3xFYXz4SA9yUgGyyHE%2BEraIQ4WFvGct1vHa7rbbKPn%2FcDO6y%2BCs2FVQ3CUk35LQ6v%2BCrgDbcIJs%2Fx63JUZKn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://quernscliff.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7e46b2774ce62195-MAD
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://quernscliff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://quernscliff.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e46b274ca6e2195-MAD
content-length
0
date
Mon, 10 Jul 2023 06:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvqL9vWSLKlnrLHs1sZtT5ggEzocN0tUT%2BGb98xnCbd5tbLBgesRKVW0aLhrTbPeXhY8gwg4WM1dzZlgenT9Ee%2B94V0ixClnGVZta2QrBV0Y%2FtBO6DYMAYbwdMqej9eMrfvOYzPcmQzRCuuj81278fvZi0iB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| _0x4eba function| _0x3ccf object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain object| _0xc23e function| _0xe92c function| $ function| jQuery object| bootstrap function| datehax function| startTimer number| duration object| _0xc79e function| _0xe0c string| rightnow string| imageSquare object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub object| _0xc61e function| _0xe28c string| LNG string| CMP string| CNT string| BID string| API_URL function| a0_0x2b1747 string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| a0_0xbc35 function| replaceUrlParam function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| a0_0x4789 function| showOfferWallU string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl string| questiontx string| of function| putVarCommon function| count_p function| mfq_tags object| _0xc62e function| _0xe67c object| _0xc70e function| _0xe34c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

4 Cookies

Domain/Path Name / Value
upstartwings.com/ Name: uid5379
Value: 1018317902-20230710021943-b5ca16ae309bca8b21b2276a3a367b43-2857
quernscliff.com/ Name: PHPSESSID
Value: 95face70da4fbe97ab29835b3c45921d
.quernscliff.com/ Name: _ga_JMJ044GLKX
Value: GS1.1.1688969986.1.0.1688969986.0.0.0
.quernscliff.com/ Name: _ga
Value: GA1.1.733966469.1688969986

1 Console Messages

Source Level URL
Text
other error URL: https://quernscliff.com/fb004cc32af3d9a9f57b4ad036180de0
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-essursta.com
fonts.googleapis.com
quernscliff.com
region1.google-analytics.com
trk-essursta.com
upstartwings.com
www.googletagmanager.com
www.mi.lp.org
141.98.5.2
2001:4860:4802:34::36
2606:4700:3032::ac43:92b5
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
45.86.10.129
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
2b754dfe6c7248a8dbdef3b7bd3ee1f43ce844f4d4e092207ae8ffdbe5c6bca1
2db4a30686167f451311bbf0791f3b0224c03ee161e82354c760fa5bb0cb4dfc
3bd9d477a94181d0819a89f799a23698c057dd08c5e2c0bab014ae83a0195ec2
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
47d421d6298ed8525ca21e05722b5b34c873b45fb26da194daf967ccee773834
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5899414b31aa88d907d29e9d7439642a66216547fddcaa9934ce8b735f796362
5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5
612c58d05c6097b07b839936cd1c605a42165861422f23914b30f09aab06c949
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb
7f436075f0a6abd34dafeb7489ff439f470051d146e1e48484d97d7f4628069b
83fabdd1f5a6314701f3d045b425a8375408896a1c32cf09c3624e511604d496
85390f4f84363b5c487ae2431e19bda3bc47953dcb2dc4b84b17e8265222394a
95a59a1d6c827706c17fed473b82ca1606bb0ba26fdfa21c8c589d7e8e513b7b
a9407d7c692be16dbb7e90ade5f1761414e7db0d5565cfe7e91931416bced691
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
baa086b7308cea90c0658fdf30aa4d30969af3a053f7ebf5a18c8495a67a9d47
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bfaed2c1c9dcd86691c52bc273367417461d427822fd45c0ac67b8bd2e1fbbda
c65c15e3af0d349af61501f7749076aacef349171d95638bb475f800d8367084
d4deb6c3928210454b9c38cd2ed01ab6317283f0db1b6d7eb3676e3635721905
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaadd20c80382d7af33908c661c7f38ca371381972a4c2d84a2e82f914717808
ec81b926d74eba250ce6fd70f64b59067b01871b883a4cc0156230e34ec51c92
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7dc2abd46c07b20f11d6509a007933af8db04e6db4f4c69156e4b8f9ed3a51a