wittleshumer.live
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1...
Effective URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Submission: On October 15 via manual from ES — Scanned from ES

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is wittleshumer.live.
TLS certificate: Issued by E1 on August 22nd 2022. Valid for: 3 months.
This is the only time wittleshumer.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online), Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 148.66.136.215 26496 (AS-26496-...)
1 45.134.9.75 61317 (ASDETUK w...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
19 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
28 6
Apex Domain | Subdomains | Transfer
19 wittleshumer.live | wittleshumer.live | 967 KB
5 trk-deserunt.com | trk-deserunt.com — Cisco Umbrella Rank: 84982; event.trk-deserunt.com — Cisco Umbrella Rank: 137652 | 3 KB
1 gstatic.com | fonts.gstatic.com | 18 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 44 | 1022 B
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 677 | 30 KB
1 applicapblemud.com | applicapblemud.com | 690 B
1 nestiorslot.com | nestiorslot.com | 454 B
1 gbanil.com | gbanil.com | 157 B
28 8
Domain Requested by
19 wittleshumer.live nestiorslot.com
wittleshumer.live
4 event.trk-deserunt.com trk-deserunt.com
1 fonts.gstatic.com fonts.googleapis.com
1 trk-deserunt.com wittleshumer.live
1 fonts.googleapis.com wittleshumer.live
1 code.jquery.com wittleshumer.live
1 applicapblemud.com 1 redirects
1 nestiorslot.com
1 gbanil.com 1 redirects
28 9

This site contains no links.

Subject | Issuer | Validity | Valid
nestiorslot.com | R3 | 2022-09-11 - 2022-12-10 | 3 months
*.wittleshumer.live | E1 | 2022-08-22 - 2022-11-20 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.trk-deserunt.com | E1 | 2022-09-15 - 2022-12-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months

This page contains 1 frame:

Primary Page: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Frame ID: E88F1D6974F472C24396EDAEBB7DB8FA
Requests: 26 HTTP requests in this frame

Page Title

Shopper Survey - We Want Your Opinion!


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 9
IPs: 6
Countries: 4
Transfer: 1021 kB
Size: 1260 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuLP7T9,,y5itkwLqQRrcBC HTTP 302
    https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp Page URL
  2. https://applicapblemud.com/index2.php?s1=351059&s2=827933662&s3=2249&s4=lpid&ow=49&p=sp3dbspnchkr8a HTTP 302
    https://wittleshumer.live/?77787311018cb257bdd3262863948076 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuLP7T9,,y5itkwLqQRrcBC HTTP 302
  • https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
spp
nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/
Redirect Chain
  • https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuL...
  • https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
162 B
454 B
Document
General
Full URL
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.134.9.75 , Germany, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
es-ES,es;q=0.9

Response headers

content-length
162
content-type
text/html; charset=UTF-8
date
Sat, 15 Oct 2022 18:24:54 GMT
server
Apache

Redirect headers

content-encoding
br
content-length
1
content-type
text/html; charset=UTF-8
date
Sat, 15 Oct 2022 18:24:52 GMT
location
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
Primary Request /
wittleshumer.live/
Redirect Chain
  • https://applicapblemud.com/index2.php?s1=351059&s2=827933662&s3=2249&s4=lpid&ow=49&p=sp3dbspnchkr8a
  • https://wittleshumer.live/?77787311018cb257bdd3262863948076
19 KB
4 KB
Document
General
Full URL
https://wittleshumer.live/?77787311018cb257bdd3262863948076
Requested by
Host: nestiorslot.com
URL: https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25170323463a52e491a6f7d9892bb2d0c9ebfd947d6497d5af333eed7122b37f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75aa9829cb84866f-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Oct 2022 18:24:55 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
75aa98274f4f86bd-MAD
content-type
text/html; charset=UTF-8
date
Sat, 15 Oct 2022 18:24:55 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://wittleshumer.live/?77787311018cb257bdd3262863948076
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main00.css
wittleshumer.live/master/css/
193 KB
28 KB
Stylesheet
General
Full URL
https://wittleshumer.live/master/css/main00.css
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 Mar 2021 12:43:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75aa982c39eb866f-MAD
expires
Sat, 22 Oct 2022 18:24:55 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:55 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1665858295.dop034.ml1.t,1665858295.cds209.ml1.hn,1665858295.cds001.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
datespain.js
wittleshumer.live/master/js/
979 B
719 B
Script
General
Full URL
https://wittleshumer.live/master/js/datespain.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca05e639c0634538ffb8a61bb72fdaff4aa01dcd0a4f8e88aaa665629e2d627d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
75aa982c39ef866f-MAD
expires
Sat, 22 Oct 2022 02:03:12 GMT
rndm_ppl_cmt_spn.js
wittleshumer.live/master/js/
0
0
Script
General
Full URL
https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=14400
cf-ray
75aa982c39f3866f-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
msg.js
wittleshumer.live/inc/
942 B
825 B
Script
General
Full URL
https://wittleshumer.live/inc/msg.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3599480fb9aca6d90a0b5af6d7eda4da1a38a206244c05c5677f412f5cd623b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 15 Sep 2022 18:51:03 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
75aa982c39f4866f-MAD
expires
Sat, 22 Oct 2022 04:41:30 GMT
dbschnkrlogo.png
wittleshumer.live/master/img/
28 KB
28 KB
Image
General
Full URL
https://wittleshumer.live/master/img/dbschnkrlogo.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8cec74f26afa210d0f819257fe2c51e259bb04c3379d054791ccc92c564a7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28232
x-xss-protection
1; mode=block
last-modified
Wed, 09 Dec 2020 09:12:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa982f5c0a666c-MAD
expires
Sat, 22 Oct 2022 15:58:59 GMT
spnflag.png
wittleshumer.live/master/img/
9 KB
9 KB
Image
General
Full URL
https://wittleshumer.live/master/img/spnflag.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc265c8b4f6b565784d35a64b11565ca9742b177de341b8a5af25cadc77f6260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9003
x-xss-protection
1; mode=block
last-modified
Fri, 04 Sep 2020 11:17:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa982ffdd4666c-MAD
expires
Sat, 22 Oct 2022 15:58:59 GMT
freegift.png
wittleshumer.live/master/img/
19 KB
20 KB
Image
General
Full URL
https://wittleshumer.live/master/img/freegift.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62031e4eb22b81da839cf8c5fb0ca9e9add10d30f44af9e4910c3463bfcfd9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19612
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 09:55:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa98303ea1666c-MAD
expires
Sat, 22 Oct 2022 15:58:59 GMT
loader.gif
wittleshumer.live/master/img/
15 KB
16 KB
Image
General
Full URL
https://wittleshumer.live/master/img/loader.gif
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Mon, 07 Dec 2020 09:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa98309ff8666c-MAD
expires
Sat, 22 Oct 2022 15:58:59 GMT
tick-icon.png
wittleshumer.live/master/img/
2 KB
2 KB
Image
General
Full URL
https://wittleshumer.live/master/img/tick-icon.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Mon, 07 Dec 2020 09:42:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa9831090b666c-MAD
expires
Sat, 22 Oct 2022 15:58:59 GMT
image.php
wittleshumer.live/
26 KB
26 KB
Image
General
Full URL
https://wittleshumer.live/image.php?img=images/products_image/iphone12blue.jpg
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254fdfed87e8fa5f6c78841bc80e8062c264c435253a981113fdcc60c7884e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/pjpeg
x-frame-options
SAMEORIGIN
cf-ray
75aa98312975666c-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
9227ed9e10072ce0bac69dc54109221b.png
wittleshumer.live/master/img/
1 KB
2 KB
Image
General
Full URL
https://wittleshumer.live/master/img/9227ed9e10072ce0bac69dc54109221b.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
381293
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1172
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa983159f8666c-MAD
expires
Tue, 18 Oct 2022 08:30:03 GMT
image.php
wittleshumer.live/
320 KB
321 KB
Image
General
Full URL
https://wittleshumer.live/image.php?img=images/products_image/s21.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d41d76bb2c632bda86ac1dc43b359eb4dfd6e78a2dc647ca827936b195d3588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
cf-ray
75aa98316a08666c-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 18:24:56 GMT
image.php
wittleshumer.live/
496 KB
497 KB
Image
General
Full URL
https://wittleshumer.live/image.php?img=images/products_image/macbookpro.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2567cac503d7a1e8508fa6d5d50427c36f8ba5b7af76f7164f625e9ca025d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
cf-ray
75aa98316a0f666c-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 18:24:56 GMT
bcf7f117acc460e9148a3031c5b6c4e4.png
wittleshumer.live/master/img/
4 KB
4 KB
Image
General
Full URL
https://wittleshumer.live/master/img/bcf7f117acc460e9148a3031c5b6c4e4.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
381293
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3947
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BaLvAP2%2FCfwFGw%2BRWFZMIQRUtJhlSDEZPPd7K1EsROkdJnSKFaW65GolKAbrEqeR5%2Fh1i0moFJXGDag1B74WCOLLRrByFoLxvnMN5lhcQT96qCxa9TOt%2F6%2Fc5IXH%2FP013zPFAUIMGmtDXzuPOTUkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa98316a12666c-MAD
expires
Tue, 18 Oct 2022 08:30:02 GMT
x.png
wittleshumer.live/master/img/
5 KB
6 KB
Image
General
Full URL
https://wittleshumer.live/master/img/x.png
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
381293
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg2WtMvPwnCksDYKulQtI3ebZe5ye6Wwb2pATg97mx%2Bbflvy8fLL01AZbDK8xJwnxyIPvmYUF8o51%2Fk%2FzKUYu2IRNr9sLPs8HDGIiBSiHOAYnU9HhQatU0wyExbg3h%2FddQrv3X%2FcqpAZq1P2qLVBPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
75aa98316a15666c-MAD
expires
Tue, 18 Oct 2022 08:30:03 GMT
q_es_shppng.js
wittleshumer.live/master/js/
3 KB
1 KB
Script
General
Full URL
https://wittleshumer.live/master/js/q_es_shppng.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc80d2826c18465bcb9aa12070a457a97e2875b634751d0a0012bd2fa06dcf8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Dec 2020 14:33:04 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zWBM8BbBRI%2FVMa7ItDatVIb%2FaXalxCJX9lJEWMp4QC%2FgMDp%2Bwjt1JolbO%2BQruHz9mZpStFg8%2B49HgkBV5ZJcmr%2FL8g3Mnlh9DL2D756Y1ydVQRR8bMczHNAFu6toalOmRunsiCpQX70MUWX%2BdvtWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75aa982e9a02666c-MAD
expires
Sat, 22 Oct 2022 15:58:58 GMT
timer.js
wittleshumer.live/master/js/
619 B
798 B
Script
General
Full URL
https://wittleshumer.live/master/js/timer.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
381294
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzQn5oJBbpScUOTaskqvJ6roMLhjUA7FwCQvczUAbw5CCz2ZtSCVjjDWJ50Plx3rLun9H5lXGU44RVxhLIN1o%2FSVDXyJP%2Bc71Q55AOPxGyQUnv4Hz3jAXNYs61CLuVED2zpB8zdw%2FhBbAMzMeyY%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75aa982eeaf1666c-MAD
expires
Tue, 18 Oct 2022 08:30:02 GMT
modal.js
wittleshumer.live/master/js/
673 B
754 B
Script
General
Full URL
https://wittleshumer.live/master/js/modal.js
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=182URnVBqO3%2BJcHc4KbZKcXJVBzsiIGI4x3lQ9rEDBLsFoKd6LRMaEKMzugR2B2G1ql8EVhK6DgbTV3EQm0P7tGH2n%2BCsDkN6c%2FOgTmvwpW82fghxRkb7kSzzeOLmLniLbxLkmtYLtvGdiw%2BQGcQoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75aa982f3bb1666c-MAD
expires
Wed, 19 Oct 2022 21:41:56 GMT
css2
fonts.googleapis.com/
5 KB
1022 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/master/css/main00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b90626b0de6d7b8ef91fce144d2f7615d932d6dcc6a6f90ac9f2599c03e03e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Oct 2022 18:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 15 Oct 2022 18:24:56 GMT
v9e118mez8
trk-deserunt.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-deserunt.com/scripts/push/v9e118mez8
Requested by
Host: wittleshumer.live
URL: https://wittleshumer.live/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17823b26a728bccd7efe631f9274f6b82161d6416fa62fafd93c3177cf31362
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://wittleshumer.live/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 15 Oct 2022 18:24:57 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rroq1zUNUzTrJvcs7QR8tSvlSbfP0lmbpg%2B7HyFBlKDiZN%2FILifIOdpZaXfPY1Fue39ryY6IbfuzNhrO5ouurZyyj3Q%2FM3KnJJJGZXsAakWJmnhCv4xorQHzHMTpskKGB8gXThmCbprKEGDWm4Ik"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75aa9831eb91660b-MAD
expires
0
P5sMzZCDf9_T_10ZxCFuj5-v.woff2
fonts.gstatic.com/s/arimo/v27/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCFuj5-v.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa1bdfbfb1aa84da87b14550cfd82a523b68795b672b69128706828800d16fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wittleshumer.live
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 14 Oct 2022 01:41:18 GMT
x-content-type-options
nosniff
age
146618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:22:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 01:41:18 GMT
v9e118mez8
event.trk-deserunt.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-deserunt.com/register/event_log/v9e118mez8
Requested by
Host: trk-deserunt.com
URL: https://trk-deserunt.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wittleshumer.live/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

expires
0
date
Sat, 15 Oct 2022 18:24:58 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsKrEzGfeVhmHbWpt9Gr5Zmxf3XNkL3aBsAEORIVjP%2BR%2FuXGq1SyTKM5RqmP%2FcGGuCWD7tv3jpMaVc%2BkxmTdlaHN2t0GxsnU%2FEhCOuvpnLXiRH8meP2s3aGSF4u%2BFSBzfn6wIDDFMLRAiSrnHJMUu%2F8z0bqk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wittleshumer.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75aa983bfc6073ab-MRS
x-pushplatformapp-params
v9e118mez8
event.trk-deserunt.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-deserunt.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wittleshumer.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://wittleshumer.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75aa983a08456660-MAD
content-length
0
date
Sat, 15 Oct 2022 18:24:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEgFTU7jq7pdtdm4tiyJFsGJcHXB4sz%2FfXCTf%2FwNIWbkZWyWqQwmPuziDnxp4K53IGTdQHeLEEQ2P1dx1ZvPXgq48Bz9MssgbsCV%2Ft9FaL%2BmlTUwGGXNCCSBr4GsSuJ6PtiqzxZW9oLuUPsEgypKGxFCLIf5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-deserunt.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-deserunt.com/register/event_log/v9e118mez8
Requested by
Host: trk-deserunt.com
URL: https://trk-deserunt.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wittleshumer.live/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type
application/json

Response headers

expires
0
date
Sat, 15 Oct 2022 18:24:58 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFnY9e4ERKPVCqEoNx04YjQZjqzNAfg6dTXAc0fRRGyWSWWOOHA8dDcqX%2Bg3gGGf3umG%2F46SQytRcII3%2FFkIc%2F0ggLkJbESH8oqx%2BK0kxf%2FzgHIg1cqFVmMUdeF42I3G4At0%2FBXH056l1AZfXlqEpXwdW7F1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wittleshumer.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75aa983bfc6273ab-MRS
x-pushplatformapp-params
v9e118mez8
event.trk-deserunt.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-deserunt.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wittleshumer.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://wittleshumer.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75aa983a084a6660-MAD
content-length
0
date
Sat, 15 Oct 2022 18:24:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWQOxD0ERDO%2FUFCVxOi%2FUuxV6xZIeBXcJFjI89xGLptQoavv02RonE6GEgDEgSgiEc%2BFxKEtaw3Zti9spjIqmGHY%2B0fZFUMhiJx5CxzmkSqiiDvm2zACjYqFH%2FX7K524CWeF9MHO6YlbY9dvKNFvptaankwn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online) Customer Survey Spam (Consumer)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| asdf function| datehax function| replaceUrlParam object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| startTimer function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

3 Cookies

Domain/Path Name / Value
nestiorslot.com/ Name: uid2249
Value: 827933662-20221015142454-51cd74691425c8c2de45052cead6d772-
applicapblemud.com/ Name: PHPSESSID
Value: ac16b8ad493ac1c8f78ebb68b8b19652
wittleshumer.live/ Name: PHPSESSID
Value: f336e2b46d12fcfe07d29dd7d82ddede

3 Console Messages

Source Level URL
Text
network error URL: https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Message:
Refused to execute script from 'https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other error URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
