qutzeldumy.com Open in urlscan Pro
104.21.60.92  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://storage.googleapis.com/trap4ou01/t01trxin.html Page URL
2. http://185.80.128.14//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Page URL
3. http://185.80.128.14/t//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Page URL
4. https://loungelander.com/0/0/0/4c3c98774b406fa66f8c770a2b35d134/13/37-11037/1028-178915-2398 Page URL
5. https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	t01trxin.html storage.googleapis.com/trap4ou01/	243 B 933 B	65ms 46ms	Document text/html	142.250.72.112 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://storage.googleapis.com/trap4ou01/t01trxin.html Protocol HTTP/1.1 Server 142.250.72.112 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f16.1e100.net Software UploadServer / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Age 111 Cache-Control public, max-age=3600 Content-Length 243 Content-Type text/html Date Wed, 23 Aug 2023 14:43:30 GMT ETag "229b917f62c46b83b00af6b9788457ab" Expires Wed, 23 Aug 2023 15:43:30 GMT Last-Modified Thu, 04 May 2023 23:29:31 GMT Server UploadServer X-GUploader-UploadID ADPycdtwvhLu2bw5CPRSMxPRNED8EFTRpL_ggqTpuwWmkc5vfDOPEdjLxUiWO_1bPLlDL7YD355Z8Z3zLP5baf_SwW2ySAnaeHUk x-goog-generation 1683242971421846 x-goog-hash crc32c=gsGi+g== md5=IpuRf2LEa4OwCva5eIRXqw== x-goog-metageneration 2 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 243
GET H/1.1	200 OK	/ Show response 185.80.128.14//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/	458 B 575 B	279ms 256ms	Document text/html	185.80.128.14 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL http://185.80.128.14//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Requested by Host: storage.googleapis.com URL: http://storage.googleapis.com/trap4ou01/t01trxin.html Protocol HTTP/1.1 Server 185.80.128.14 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS sequinrzfi.entasrum.com Software / Resource Hash 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a Request headers Referer http://storage.googleapis.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Content-Length 458 Content-Type text/html; charset=utf-8 Date Wed, 23 Aug 2023 14:45:21 GMT
GET H/1.1	200 OK	/ Show response 185.80.128.14/t//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/	310 B 427 B	174ms 174ms	Document text/html	185.80.128.14 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL http://185.80.128.14/t//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Requested by Host: 185.80.128.14 URL: http://185.80.128.14//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Protocol HTTP/1.1 Server 185.80.128.14 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS sequinrzfi.entasrum.com Software / Resource Hash 0d179464152961488fd1f0915ed1738ee410dabbe6a8fc3161f916f0fa12cdee Request headers Referer http://185.80.128.14//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Content-Length 310 Content-Type text/html; charset=utf-8 Date Wed, 23 Aug 2023 14:45:22 GMT
GET H/1.1	200 OK	1028-178915-2398 loungelander.com/0/0/0/4c3c98774b406fa66f8c770a2b35d134/13/37-11037/	138 B 432 B	985ms 580ms	Document text/html	81.16.141.158 BITWEB-AS
General Check archive.org Show headers Download Go to Full URL https://loungelander.com/0/0/0/4c3c98774b406fa66f8c770a2b35d134/13/37-11037/1028-178915-2398 Requested by Host: 185.80.128.14 URL: http://185.80.128.14/t//4vTlzY11037SwKA37psoqaqhnrs1028HSPLLHIADCYQZCQ178915/2398b13/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 81.16.141.158 , United Arab Emirates, ASN57271 (BITWEB-AS, RU), Reverse DNS 235019.bitweb.ru Software Apache / Resource Hash Request headers Referer http://185.80.128.14/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-length 138 content-type text/html; charset=UTF-8 date Wed, 23 Aug 2023 14:45:24 GMT server Apache
GET H2	200	Primary Request / Show response qutzeldumy.com/	2 KB 1 KB	280ms 226ms	Document text/html	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Requested by Host: loungelander.com URL: https://loungelander.com/0/0/0/4c3c98774b406fa66f8c770a2b35d134/13/37-11037/1028-178915-2398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93ec45808ec58a11e0de668e985c98438361d3e35e1531ef74a2ad233ab283c2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://loungelander.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7fb4239d9b5b36a0-YYZ content-encoding br content-type text/html; charset=UTF-8 date Wed, 23 Aug 2023 14:45:24 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdmFdiHtmEDmv%2BbzB3R5hJXlhs0YnBDDnKOO1xqa%2BWY2%2FIs0J2J0W%2FQn1XlKm8WbrCtBYHcZgOpu7%2BZCTxkCHMCwqRRCcPGT7QmnkoTtL0G7c5iCM4f1wu9l1QcuHtPLCA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	aff30ab3af2ea56e7716d7933f4c1003 Show response qutzeldumy.com/	163 KB 26 KB	465ms 461ms	XHR text/html	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003?_ax=w Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc41e713e57d50bc6dd7f28b233a7f911b82e591e847e793007831dba2fc5910 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppOyX%2BrOwKZFrMPosbq%2BkoBwoRHoVVxhTx5%2Bxb4DqaYcHTS9MOAdjHVxWjUE1QfyubjaIW4tsiTnLuQtDid5rOmHnhSmB5pbxAPrGYxW4AhC7lUFghKpmUmAfGX7tCbFxQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate cf-ray 7fb4239f3d0536a0-YYZ expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	bootstrap.min.css qutzeldumy.com/assets/js/vendor/bootstrap/css/	141 KB 22 KB	46ms 45ms	Stylesheet text/css	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/vendor/bootstrap/css/bootstrap.min.css Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 179712 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 23 Mar 2021 22:52:06 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzsREDv0st7ZlAJoHKSbLTL7xiawSYCDfDgJ57ld332rLV4womUEZE4Ui5Xah1x%2FB%2BOOE906yxa2TlQQ87vtVK1t%2BDHRSpRIzFnY241RKX9UAfC%2B2F6E%2B4N%2Fsjz5BivIUg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e773981-YYZ expires Mon, 28 Aug 2023 12:50:13 GMT
GET H3	200	all.css qutzeldumy.com/assets/vendors/fontawesome/css/	72 KB 13 KB	26ms 25ms	Stylesheet text/css	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/vendors/fontawesome/css/all.css Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 179712 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 19 Jul 2021 19:00:02 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inpvdKwgKZQ%2BP67Oh5UBcbCYhlbh99Olz9FXjqE7aIHkKnuJByl03n6dnP3R3saWD1ZP3VwwSUHMuo8woDEyjU8u4SJQ4dJ6fIHrrz0rVkwVQSfZUDDhD71LT%2BbRkFNizA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e783981-YYZ expires Mon, 28 Aug 2023 12:50:13 GMT
GET H3	200	common-hybrid.css qutzeldumy.com/assets/css/legacy/dist/	26 KB 7 KB	186ms 185ms	Stylesheet text/css	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/css/legacy/dist/common-hybrid.css?v=baad39c42f7c7550b525b7186ccb9fcf Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Feb 2023 19:29:20 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaSvWHK1RrTAArau%2FKzjlT4T8N1CdEhjVhOvpRXPbgs8dFdF2Zd5SayzRkFwwPNNKWnjp3WJkE2RT3Ubclw2HZPH8pbsdAXhLTGsAoHNDWxVFGQMT8F%2FNzdPqQcLlWWDpg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e7b3981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H3	200	1.4.css qutzeldumy.com/assets/css/legacy/	7 KB 2 KB	193ms 192ms	Stylesheet text/css	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/css/legacy/1.4.css?v=baad39c42f7c7550b525b7186ccb9fcf Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 09 Feb 2023 19:04:36 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GT46tMptsOtBTqXjvDYYvuMTZCJp%2BSU%2FS7Phoe0LG9aNAK6sHui73WqCBUfOa8aASZURLhb6iQelS5zmtSmJOkT8aK7OS8kcNyXtDP%2Bb6A%2Fjraw155Lr6l8n1CEPP2%2FiA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e7c3981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H3	200	msg.v3.js qutzeldumy.com/inc/	2 KB 1 KB	158ms 158ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/inc/msg.v3.js?64e61b8540079 Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 11 Jul 2023 21:35:45 GMT server cloudflare vary Accept-Encoding,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyL0ntz74KkDV3pwpjHBpcA10u5lXjcmD%2FZtmGu4gfvH0MEHp2Hh9Pd6tTAsmbV2ykdqxP3zR%2BZeoPA83Rp4gWMU1RUQ%2BnsfaMla1FH%2FDXpnNYFLzGB5LLTzde2NXBO6Tw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e7e3981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H3	200	jquery-3.4.1.min.js Show response qutzeldumy.com/assets/js/vendor/	86 KB 31 KB	60ms 59ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/vendor/jquery-3.4.1.min.js Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 179712 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 23 Mar 2021 22:52:06 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYfSMEhBkHTmFXWRdNmYpyVT9UGkFE48mOUWNJbegGFLbmICb8t1B4Lkk5x5G8XGfYMADy4G6LI9qxt04PGs%2BZYheSBkr4PA8Fox6Mzp1cbqIWiUV%2BUXnJ9sAaR7kV2uaA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e803981-YYZ expires Mon, 28 Aug 2023 12:50:13 GMT
GET H3	200	bootstrap.min.js qutzeldumy.com/assets/js/vendor/bootstrap/js/	48 KB 14 KB	61ms 60ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/vendor/bootstrap/js/bootstrap.min.js Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 179712 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 23 Mar 2021 22:52:06 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Aks3QMj24TnbPW0PG%2BpZA2Q%2FxtEx188%2BeFihS%2FYzAvwlG2Me5p337vMbgARnlV%2BMH3J8jsjoeiDWOKRTJbkm7n3YA%2B2KETBtuXyGRF%2BVoswzSgaes0SlXmf0jpv4DJA5w%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e823981-YYZ expires Mon, 28 Aug 2023 12:50:13 GMT
GET H3	200	functions.js qutzeldumy.com/assets/js/	495 B 729 B	169ms 168ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/functions.js?v=baad39c42f7c7550b525b7186ccb9fcf Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 03 Jul 2023 15:34:56 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbzot3OrCTEvGzUz2yigwrcb%2Brx32oOa6W3GQJK%2BeIIZj4hiEjVtKaBOm8C62dQAauqC8CyvnHduYm4eqTV0fJJryPEAcF577WUqm%2FIXORIaStm4KJaspi4Gvs%2FrItn%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e833981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H3	200	intl_functions.js qutzeldumy.com/assets/js/	3 KB 2 KB	89ms 88ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/intl_functions.js?v=baad39c42f7c7550b525b7186ccb9fcf Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 26 Sep 2022 20:48:44 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxEXJ%2B7%2BCX5aeGESepANsx3qkft5Kp1RtFJBLpcMG7zGexSZE85vaT8aNEgGRpCA8jyb7wog22jwCBQlzORGpoMnw4DAU5bMwpEoEiTtzX0QKtmJJ%2BD7oJIGC%2FZks7EpRg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a25e843981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H3	200	common-hybrid.js qutzeldumy.com/assets/js/legacy/dist/	94 KB 21 KB	210ms 209ms	Script application/javascript	104.21.60.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qutzeldumy.com/assets/js/legacy/dist/common-hybrid.js?v=baad39c42f7c7550b525b7186ccb9fcf Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/?s1=351432&s2=1041582515&s3=1782&s4=1710&ow=&s10=739 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.60.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/aff30ab3af2ea56e7716d7933f4c1003 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 14:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 07 Jul 2023 17:42:58 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV3po2iUFP7aWIrZCOKba1vCqtgeFEk%2Fx0twqrStFCYE0Og86jZd8RHVPCSto83juMT5jZGYXMKcFGhqae4x6wFrfa%2F2I3d65LvbRkcCBsCibLauVQOmUxLv8hJ%2Bp7FUeA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 7fb423a26e8d3981-YYZ expires Wed, 30 Aug 2023 14:45:25 GMT
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	248ms 54ms	Stylesheet text/css	142.250.72.106
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap Requested by Host: qutzeldumy.com URL: https://qutzeldumy.com/assets/css/legacy/dist/common-hybrid.css?v=baad39c42f7c7550b525b7186ccb9fcf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.106 -, , ASN (), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://qutzeldumy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 23 Aug 2023 14:45:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 23 Aug 2023 14:45:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 23 Aug 2023 14:45:25 GMT
GET		v9e118mez8 trk-essursta.com/scripts/push/	0 0
GET		gtm.js www.googletagmanager.com/	0 0
GET		onlinesurvey-color.png qutzeldumy.com/uploads/archive/company/175/images/	0 0
GET		708e0dbb65b832c2fd95362e23479d52.png qutzeldumy.com/fim/739-CA/	0 0
GET		b0e1e96b6cd2a2ca468cd4fd4ea240d3.gif qutzeldumy.com/fim/739-CA/	0 0
GET		137d5c70e2b67730452a5f3fd9380739.png qutzeldumy.com/fim/739-CA/	0 0
GET		902e829242ab4b4e6eb6c5bc108978c0.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		d656b59a47c5ac8cd181c8e693ec21f6.png qutzeldumy.com/fim/739-CA/	0 0
GET		d3fd18cd5b8d161ea8809544018a79bf.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		83209dd5d3bc839c6df3033c181e29fc.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		a257697a94a6ae2816c6ed59476e54cd.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		6e4288ba5fcdab0926488d0ab46550c3.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		d0cc24a1a1971285706f602fce8b2e82.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		947b7f41d93aea5e2b9ebec0f1193772.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		881a869e81e85f368230ed6d5fda0a1e.jpg qutzeldumy.com/fim/739-CA/	0 0
GET		0edcf20e14740c05833efe2cb18872fd.png qutzeldumy.com/fim/739-CA/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

trk-essursta.com

URL

https://trk-essursta.com/scripts/push/v9e118mez8

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/uploads/archive/company/175/images/onlinesurvey-color.png

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/708e0dbb65b832c2fd95362e23479d52.png

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/b0e1e96b6cd2a2ca468cd4fd4ea240d3.gif

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/137d5c70e2b67730452a5f3fd9380739.png

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/902e829242ab4b4e6eb6c5bc108978c0.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/d656b59a47c5ac8cd181c8e693ec21f6.png

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/d3fd18cd5b8d161ea8809544018a79bf.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/83209dd5d3bc839c6df3033c181e29fc.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/a257697a94a6ae2816c6ed59476e54cd.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/6e4288ba5fcdab0926488d0ab46550c3.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/d0cc24a1a1971285706f602fce8b2e82.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/947b7f41d93aea5e2b9ebec0f1193772.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/881a869e81e85f368230ed6d5fda0a1e.jpg

Domain

qutzeldumy.com

URL

https://qutzeldumy.com/fim/739-CA/0edcf20e14740c05833efe2cb18872fd.png

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| _0x4eba function| _0x3ccf

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			loungelander.com/	1970-01-20 14:56:33	Name: uid1782 Value: 1041582515-20230823104524-f746fb40609983a1036c2c49f8a42474-0
			qutzeldumy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 43071f4de076039874b2ee7c93f79e24

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
loungelander.com
qutzeldumy.com
storage.googleapis.com
trk-essursta.com
www.googletagmanager.com
qutzeldumy.com
trk-essursta.com
www.googletagmanager.com
104.21.60.92
142.250.72.106
142.250.72.112
185.80.128.14
81.16.141.158
0d179464152961488fd1f0915ed1738ee410dabbe6a8fc3161f916f0fa12cdee
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
93ec45808ec58a11e0de668e985c98438361d3e35e1531ef74a2ad233ab283c2
cc41e713e57d50bc6dd7f28b233a7f911b82e591e847e793007831dba2fc5910