wittleshumer.live Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1...
Effective URL:
https://wittleshumer.live/?77787311018cb257bdd3262863948076
Submission: On October 15 via manual (October 15th 2022, 6:25:01 pm UTC) from ES — Scanned from ES

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wittleshumer.live.
TLS certificate: Issued by E1 on August 22nd 2022. Valid for: 3 months.

This is the only time wittleshumer.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online) Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	148.66.136.215 148.66.136.215	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	45.134.9.75 45.134.9.75	61317 (ASDETUK w...) (ASDETUK www.heficed.com)
1 1	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3034::6815:2caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
28	6

1 148.66.136.215 (Singapore, Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

gbanil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.134.9.75 (Germany)

ASN61317 (ASDETUK www.heficed.com, GB)

nestiorslot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

applicapblemud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

wittleshumer.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::6815:2caf (United States)

ASN13335 (CLOUDFLARENET, US)

trk-deserunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-deserunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	wittleshumer.live wittleshumer.live	967 KB
5	trk-deserunt.com trk-deserunt.com — Cisco Umbrella Rank: 84982 event.trk-deserunt.com — Cisco Umbrella Rank: 137652	3 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1022 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	30 KB
1	applicapblemud.com 1 redirects applicapblemud.com	690 B
1	nestiorslot.com nestiorslot.com	454 B
1	gbanil.com 1 redirects gbanil.com	157 B
28	8

	Domain	Requested by
19	wittleshumer.live	nestiorslot.com wittleshumer.live
4	event.trk-deserunt.com	trk-deserunt.com
1	fonts.gstatic.com	fonts.googleapis.com
1	trk-deserunt.com	wittleshumer.live
1	fonts.googleapis.com	wittleshumer.live
1	code.jquery.com	wittleshumer.live
1	applicapblemud.com	1 redirects
1	nestiorslot.com
1	gbanil.com	1 redirects
28	9

This site contains no links.

Subject Issuer	Validity	Valid
nestiorslot.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
*.wittleshumer.live E1	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.trk-deserunt.com E1	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Frame ID: E88F1D6974F472C24396EDAEBB7DB8FA
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shopper Survey - We Want Your Opinion!

Page URL History Show full URLs

https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm... HTTP 302
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp Page URL
https://applicapblemud.com/index2.php?s1=351059&s2=827933662&s3=2249&s4=lpid&ow=49&p=sp3dbspnchkr8a HTTP 302
https://wittleshumer.live/?77787311018cb257bdd3262863948076 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

1021 kB
Transfer

1260 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuLP7T9,,y5itkwLqQRrcBC HTTP 302
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp Page URL
https://applicapblemud.com/index2.php?s1=351059&s2=827933662&s3=2249&s4=lpid&ow=49&p=sp3dbspnchkr8a HTTP 302
https://wittleshumer.live/?77787311018cb257bdd3262863948076 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuLP7T9,,y5itkwLqQRrcBC HTTP 302
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

spp
nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/
Redirect Chain

https://gbanil.com/melan/scss/spnc?tr=zept((uYywja_sxlm8ka5i1jwo40zfc2neu36v_bXNhbmdhckB0ZWxlZm9uaWNhLm5ldA==_lkyr1fdj5gmwb7tc0uxq46v9snez8ohpa3i_nmKCzVhyf(((((((dwC2HmUZAe44,,sA8Wk6D))))))))z((uuL...
https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp

162 B
454 B

1276ms
689ms

Document
text/html

45.134.9.75
ASDETUK www.hefic...

General

Check archive.org

Show headers Download Go to

Full URL: https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.134.9.75 , Germany, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: es-ES,es;q=0.9

Response headers

content-length: 162
content-type: text/html; charset=UTF-8
date: Sat, 15 Oct 2022 18:24:54 GMT
server: Apache

Redirect headers

content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Sat, 15 Oct 2022 18:24:52 GMT
location: https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

GET
H2

200

Primary Request / Show response
wittleshumer.live/
Redirect Chain

https://applicapblemud.com/index2.php?s1=351059&s2=827933662&s3=2249&s4=lpid&ow=49&p=sp3dbspnchkr8a
https://wittleshumer.live/?77787311018cb257bdd3262863948076

19 KB
4 KB

498ms
376ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/?77787311018cb257bdd3262863948076

Requested by

Host: nestiorslot.com
URL: https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25170323463a52e491a6f7d9892bb2d0c9ebfd947d6497d5af333eed7122b37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestiorslot.com/0/0/0/7a3721539c7bdd860fa1e8436a5d1ecc/spp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75aa9829cb84866f-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 15 Oct 2022 18:24:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I9SJloh0rZ68BDxOIOpcA9X%2FwV4krFDX8%2FWuMb%2BhnPq4vx6T5PSiqF%2FPPmg7y31lCP%2FFsNocuS%2BNV4RgwOEy1e%2B5X5orYYgYrAarzH%2FnQf8gEhZuC0IknPyNu8I7yg3L2ts4J5wZnC5gKUkmeQP2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 75aa98274f4f86bd-MAD
content-type: text/html; charset=UTF-8
date: Sat, 15 Oct 2022 18:24:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://wittleshumer.live/?77787311018cb257bdd3262863948076
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHT2xlnqlRtf5F5NoJRxypdMsgQ4kDkohKyo9HrXfmiVss6rk2%2Bc2ri%2FgLmsgnFEzEXAfoLtb96nVb5ZRIF92aQfMU85NTb%2BSGm3oTqPhiv4nNDciUv03NhdU5Y8xnE%2FQbJBCHbVmXTG5%2FI5tPRLnOk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 main00.css
wittleshumer.live/master/css/ 193 KB
28 KB 498ms
492ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/css/main00.css

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Mar 2021 12:43:44 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6QiscLlRr9zNligKLsX2ZAkP44gXT6B7lDCSN8k30bgryyxh3agGlkMlrfoXUKpL02CrE1Cs3H3nylQ4kNX695I5JlIisKDnnExHCkwWve3pfCTI2ZyHf%2Bnx2wg4gXWrnGBu62hCCzsWY%2FzdIF5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982c39eb866f-MAD
expires: Sat, 22 Oct 2022 18:24:55 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 200ms
66ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:55 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1665858295.dop034.ml1.t,1665858295.cds209.ml1.hn,1665858295.cds001.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 datespain.js Show response
wittleshumer.live/master/js/ 979 B
719 B 43ms
40ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/js/datespain.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca05e639c0634538ffb8a61bb72fdaff4aa01dcd0a4f8e88aaa665629e2d627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ej4By9Fni%2B8LhupvXbQpQwaEYdZZjkigv%2BwDrcPvTBjehrpGc9yMaNYQSmtGytka9MLiL%2BozlwyDkTmF5uCjktvYTbQsxD0ZiR7a8XBsysMUDLoRYYytyhc9%2BxdY2YfP4Yg9ZhvE8So5aeHZ8gIsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982c39ef866f-MAD
expires: Sat, 22 Oct 2022 02:03:12 GMT

GET
H2 404 rndm_ppl_cmt_spn.js
wittleshumer.live/master/js/ 0
0 372ms
369ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TstbQ5Qqg4FNkleSmeNFmOa%2FWz92PIry3uOsZ1iG0RAvEqvVemL6yX8tDlruvKBPd2UO%2F8NGZF4JtTc5DsqYunbLBKSCMK9byRcs2fFq1yGeORBB4ZA8F3zC%2B2aRVIA7bddVJIJspSbSKGGTb64dog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 75aa982c39f3866f-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 msg.js Show response
wittleshumer.live/inc/ 942 B
825 B 41ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/inc/msg.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3599480fb9aca6d90a0b5af6d7eda4da1a38a206244c05c5677f412f5cd623b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 18:51:03 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUHwfR7C1CbucdeutzuFeUhFlElWMz41RLy1Jc5%2BM3a0KUl9DhFIBWr9tpeCqPuhK86BT2VA%2FNy%2BByJ6TYeZZNFLstoYq9szJLs9%2BV5%2BVW7zO85cnmVnFysL%2FF9H3aZtdDMw4Q1F4bdozd8u8iThXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982c39f4866f-MAD
expires: Sat, 22 Oct 2022 04:41:30 GMT

GET
H3 200 dbschnkrlogo.png
wittleshumer.live/master/img/ 28 KB
28 KB 48ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/dbschnkrlogo.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8cec74f26afa210d0f819257fe2c51e259bb04c3379d054791ccc92c564a7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28232
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Dec 2020 09:12:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3FJsY2RE3an21uFHwXfwHx9MgWp8viPUqS4JjsWGb456KF8%2BvYhbIvbkenf1mNOshLPdS7nbG4iOLRpO%2FvvP2w%2FWN64EcaNJf%2Fs%2BCF%2FpN3Jv84hg4Y6nRZIAOxflKieawDfB30vndjRwMRM4qKriQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa982f5c0a666c-MAD
expires: Sat, 22 Oct 2022 15:58:59 GMT

GET
H3 200 spnflag.png
wittleshumer.live/master/img/ 9 KB
9 KB 41ms
40ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/spnflag.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc265c8b4f6b565784d35a64b11565ca9742b177de341b8a5af25cadc77f6260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9003
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 11:17:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9KeLduQeTOH1xRvn4EEiUsJO1kqYq%2BUZ%2FaW%2FayT1yKV%2FPnJTVgku9HU6etidOq1DQxJhKEKI%2Fr5XwR8Ntrzy9XKB6yB%2FzNpPM05u9%2BUca17Qv670hdJTify%2BMREBlnWVqAdMzp%2Bkxpc9RZfSMkKKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa982ffdd4666c-MAD
expires: Sat, 22 Oct 2022 15:58:59 GMT

GET
H3 200 freegift.png
wittleshumer.live/master/img/ 19 KB
20 KB 48ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/freegift.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f62031e4eb22b81da839cf8c5fb0ca9e9add10d30f44af9e4910c3463bfcfd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19612
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 09:55:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scv1dRB5riuTuK3ASTFJQPJGnK7eK%2BnS%2BtyQAw98ldsy6vlziiXsY87Dr4yyhgPLitH%2BCnV%2Fc8dMELlkOhPa08obiGwvu2nY7UHrSEZ4uAVBPbCjF2%2FVyGnSSKuhBDf%2FY3UBBnkzt01lg92VD6fFZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa98303ea1666c-MAD
expires: Sat, 22 Oct 2022 15:58:59 GMT

GET
H3 200 loader.gif
wittleshumer.live/master/img/ 15 KB
16 KB 48ms
47ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/loader.gif

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15537
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Dec 2020 09:42:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTIAJ5Yk2RVOF%2Bzic4h%2FVSB4gzJU1VYKHjgemv%2B6kqGhQliyGeYoPc%2Bx70vK%2BxbtAOAzyOyjeNkgKgHGmeb2McXJwPpboIcPkxjqlNv4p3iTwvObTnwk8DMPcE7FSYMNRCEW6CyV5B8RU9AtqWhPng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa98309ff8666c-MAD
expires: Sat, 22 Oct 2022 15:58:59 GMT

GET
H3 200 tick-icon.png
wittleshumer.live/master/img/ 2 KB
2 KB 44ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/tick-icon.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1714
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Dec 2020 09:42:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLlSCYd3K1WRlX2uVfH53Y5dQ46qx%2FNW2p3zftMNADi0p1QdLAlBJo54%2B9Ttk0JwyCjrXgChFWqRT%2FF7hzvznc4u0mjVQ6vDH0sBl6HOpOC%2FM3jWw6skG0i0%2BFLOma6op7woR78K8Ib2SZBEPqXohw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa9831090b666c-MAD
expires: Sat, 22 Oct 2022 15:58:59 GMT

GET
H3 200 image.php
wittleshumer.live/ 26 KB
26 KB 531ms
530ms Image
image/pjpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/image.php?img=images/products_image/iphone12blue.jpg

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254fdfed87e8fa5f6c78841bc80e8062c264c435253a981113fdcc60c7884e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQVIbRbx%2ByTAqbDLJLb3U43pjY%2B%2Fo23mAdlzB%2FYcGkfJh5igfjvyfj%2Be4Y7YvRakUHk%2BvwBi%2FMj60yZYxivv9j3M7g2qUGf6sJ5TNA9Z7nFqhMng0sFWhDWThI5H9k92ce7VJvVQe6eBuE7D7LbSxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/pjpeg
x-frame-options: SAMEORIGIN
cf-ray: 75aa98312975666c-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 9227ed9e10072ce0bac69dc54109221b.png
wittleshumer.live/master/img/ 1 KB
2 KB 43ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/9227ed9e10072ce0bac69dc54109221b.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381293
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1172
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uA9PU0OPgGFos6oIuO1g%2Bedkd9tf2befaGGgkeg0ew80Xrjha1Hqu2oMfGtG3W8C%2Fw%2F07pxe1SkSrwAuJ0IR4xVTFY5j9cmSqz9qtsrxgUCmGGdYd%2FvjtDH3XJKegUg9vdvopUJnyNhmsXADZ34LpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa983159f8666c-MAD
expires: Tue, 18 Oct 2022 08:30:03 GMT

GET
H3 200 image.php
wittleshumer.live/ 320 KB
321 KB 538ms
537ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/image.php?img=images/products_image/s21.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d41d76bb2c632bda86ac1dc43b359eb4dfd6e78a2dc647ca827936b195d3588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMVfzLtMQZEagEj6oFELnpppH0G%2FCaEWMqnzaTQ%2BJkS3eyVkmEtzXjmNQfFo4MPPaL%2FDRtXfXsBblwMeAvauXOSBvJ6yeV69afrCYiMFUNWM17bKwsuTpYdEUikvJFE3IRA1AUfxPiiTnaZTdltYCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa98316a08666c-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sat, 22 Oct 2022 18:24:56 GMT

GET
H3 200 image.php
wittleshumer.live/ 496 KB
497 KB 540ms
538ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/image.php?img=images/products_image/macbookpro.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2567cac503d7a1e8508fa6d5d50427c36f8ba5b7af76f7164f625e9ca025d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v784khUImpFzufGrWpEPpsJcKxnpxB5tXL3k2LHtEmro7jU4bGQxay5X46Wm47sqIz8UKkriGBtLqvQO3T9BrcMTTiUGNgABFflSvQZhh4iPNfe6B3HbuiNMRa9GtgHhwcCo18GzH97JQnmjgpU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa98316a0f666c-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sat, 22 Oct 2022 18:24:56 GMT

GET
H3 200 bcf7f117acc460e9148a3031c5b6c4e4.png
wittleshumer.live/master/img/ 4 KB
4 KB 56ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/bcf7f117acc460e9148a3031c5b6c4e4.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381293
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3947
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BaLvAP2%2FCfwFGw%2BRWFZMIQRUtJhlSDEZPPd7K1EsROkdJnSKFaW65GolKAbrEqeR5%2Fh1i0moFJXGDag1B74WCOLLRrByFoLxvnMN5lhcQT96qCxa9TOt%2F6%2Fc5IXH%2FP013zPFAUIMGmtDXzuPOTUkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa98316a12666c-MAD
expires: Tue, 18 Oct 2022 08:30:02 GMT

GET
H3 200 x.png
wittleshumer.live/master/img/ 5 KB
6 KB 41ms
40ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wittleshumer.live/master/img/x.png

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381293
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5389
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg2WtMvPwnCksDYKulQtI3ebZe5ye6Wwb2pATg97mx%2Bbflvy8fLL01AZbDK8xJwnxyIPvmYUF8o51%2Fk%2FzKUYu2IRNr9sLPs8HDGIiBSiHOAYnU9HhQatU0wyExbg3h%2FddQrv3X%2FcqpAZq1P2qLVBPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 75aa98316a15666c-MAD
expires: Tue, 18 Oct 2022 08:30:03 GMT

GET
H3 200 q_es_shppng.js Show response
wittleshumer.live/master/js/ 3 KB
1 KB 48ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/js/q_es_shppng.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc80d2826c18465bcb9aa12070a457a97e2875b634751d0a0012bd2fa06dcf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Dec 2020 14:33:04 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zWBM8BbBRI%2FVMa7ItDatVIb%2FaXalxCJX9lJEWMp4QC%2FgMDp%2Bwjt1JolbO%2BQruHz9mZpStFg8%2B49HgkBV5ZJcmr%2FL8g3Mnlh9DL2D756Y1ydVQRR8bMczHNAFu6toalOmRunsiCpQX70MUWX%2BdvtWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982e9a02666c-MAD
expires: Sat, 22 Oct 2022 15:58:58 GMT

GET
H3 200 timer.js Show response
wittleshumer.live/master/js/ 619 B
798 B 48ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/js/timer.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzQn5oJBbpScUOTaskqvJ6roMLhjUA7FwCQvczUAbw5CCz2ZtSCVjjDWJ50Plx3rLun9H5lXGU44RVxhLIN1o%2FSVDXyJP%2Bc71Q55AOPxGyQUnv4Hz3jAXNYs61CLuVED2zpB8zdw%2FhBbAMzMeyY%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982eeaf1666c-MAD
expires: Tue, 18 Oct 2022 08:30:02 GMT

GET
H3 200 modal.js Show response
wittleshumer.live/master/js/ 673 B
754 B 45ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wittleshumer.live/master/js/modal.js

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/?77787311018cb257bdd3262863948076
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247380
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=182URnVBqO3%2BJcHc4KbZKcXJVBzsiIGI4x3lQ9rEDBLsFoKd6LRMaEKMzugR2B2G1ql8EVhK6DgbTV3EQm0P7tGH2n%2BCsDkN6c%2FOgTmvwpW82fghxRkb7kSzzeOLmLniLbxLkmtYLtvGdiw%2BQGcQoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 75aa982f3bb1666c-MAD
expires: Wed, 19 Oct 2022 21:41:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1022 B 289ms
101ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/master/css/main00.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b90626b0de6d7b8ef91fce144d2f7615d932d6dcc6a6f90ac9f2599c03e03e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 18:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 15 Oct 2022 18:24:56 GMT

GET
H2 200 v9e118mez8 Show response
trk-deserunt.com/scripts/push/ 7 KB
3 KB 518ms
439ms Script
application/javascript 2606:4700:3034::6815:2caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-deserunt.com/scripts/push/v9e118mez8

Requested by

Host: wittleshumer.live
URL: https://wittleshumer.live/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17823b26a728bccd7efe631f9274f6b82161d6416fa62fafd93c3177cf31362

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://wittleshumer.live/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 15 Oct 2022 18:24:57 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rroq1zUNUzTrJvcs7QR8tSvlSbfP0lmbpg%2B7HyFBlKDiZN%2FILifIOdpZaXfPY1Fue39ryY6IbfuzNhrO5ouurZyyj3Q%2FM3KnJJJGZXsAakWJmnhCv4xorQHzHMTpskKGB8gXThmCbprKEGDWm4Ik"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 75aa9831eb91660b-MAD
expires: 0

GET
H2 200 P5sMzZCDf9_T_10ZxCFuj5-v.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 270ms
88ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCFuj5-v.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1bdfbfb1aa84da87b14550cfd82a523b68795b672b69128706828800d16fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wittleshumer.live
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 14 Oct 2022 01:41:18 GMT
x-content-type-options: nosniff
age: 146618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:22:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 01:41:18 GMT

POST
H3 200 v9e118mez8
event.trk-deserunt.com/register/event_log/ 0
0 630ms
472ms Fetch 2606:4700:3034::6815:2caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-deserunt.com/register/event_log/v9e118mez8

Requested by

Host: trk-deserunt.com
URL: https://trk-deserunt.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wittleshumer.live/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/json

Response headers

expires: 0
date: Sat, 15 Oct 2022 18:24:58 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsKrEzGfeVhmHbWpt9Gr5Zmxf3XNkL3aBsAEORIVjP%2BR%2FuXGq1SyTKM5RqmP%2FcGGuCWD7tv3jpMaVc%2BkxmTdlaHN2t0GxsnU%2FEhCOuvpnLXiRH8meP2s3aGSF4u%2BFSBzfn6wIDDFMLRAiSrnHJMUu%2F8z0bqk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wittleshumer.live
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 75aa983bfc6073ab-MRS
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-deserunt.com/register/event_log/ 0
0 230ms
140ms Preflight 2606:4700:3034::6815:2caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-deserunt.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wittleshumer.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://wittleshumer.live
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75aa983a08456660-MAD
content-length: 0
date: Sat, 15 Oct 2022 18:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEgFTU7jq7pdtdm4tiyJFsGJcHXB4sz%2FfXCTf%2FwNIWbkZWyWqQwmPuziDnxp4K53IGTdQHeLEEQ2P1dx1ZvPXgq48Bz9MssgbsCV%2Ft9FaL%2BmlTUwGGXNCCSBr4GsSuJ6PtiqzxZW9oLuUPsEgypKGxFCLIf5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 v9e118mez8
event.trk-deserunt.com/register/event_log/ 0
0 611ms
449ms Fetch 2606:4700:3034::6815:2caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-deserunt.com/register/event_log/v9e118mez8

Requested by

Host: trk-deserunt.com
URL: https://trk-deserunt.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wittleshumer.live/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/json

Response headers

expires: 0
date: Sat, 15 Oct 2022 18:24:58 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFnY9e4ERKPVCqEoNx04YjQZjqzNAfg6dTXAc0fRRGyWSWWOOHA8dDcqX%2Bg3gGGf3umG%2F46SQytRcII3%2FFkIc%2F0ggLkJbESH8oqx%2BK0kxf%2FzgHIg1cqFVmMUdeF42I3G4At0%2FBXH056l1AZfXlqEpXwdW7F1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wittleshumer.live
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 75aa983bfc6273ab-MRS
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-deserunt.com/register/event_log/ 0
0 224ms
135ms Preflight 2606:4700:3034::6815:2caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-deserunt.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wittleshumer.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://wittleshumer.live
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75aa983a084a6660-MAD
content-length: 0
date: Sat, 15 Oct 2022 18:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWQOxD0ERDO%2FUFCVxOi%2FUuxV6xZIeBXcJFjI89xGLptQoavv02RonE6GEgDEgSgiEc%2BFxKEtaw3Zti9spjIqmGHY%2B0fZFUMhiJx5CxzmkSqiiDvm2zACjYqFH%2FX7K524CWeF9MHO6YlbY9dvKNFvptaankwn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online) Customer Survey Spam (Consumer)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nestiorslot.com/	1970-01-20 07:27:30	Name: uid2249 Value: 827933662-20221015142454-51cd74691425c8c2de45052cead6d772-
applicapblemud.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ac16b8ad493ac1c8f78ebb68b8b19652
wittleshumer.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: f336e2b46d12fcfe07d29dd7d82ddede

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076 Message: Refused to execute script from 'https://wittleshumer.live/master/js/rndm_ppl_cmt_spn.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	error	URL: https://wittleshumer.live/?77787311018cb257bdd3262863948076 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applicapblemud.com
code.jquery.com
event.trk-deserunt.com
fonts.googleapis.com
fonts.gstatic.com
gbanil.com
nestiorslot.com
trk-deserunt.com
wittleshumer.live
148.66.136.215
2001:4de0:ac18::1:a:1b
2606:4700:3034::6815:2caf
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2003
2a06:98c1:3120::9
2a06:98c1:3121::3
45.134.9.75
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
25170323463a52e491a6f7d9892bb2d0c9ebfd947d6497d5af333eed7122b37f
254fdfed87e8fa5f6c78841bc80e8062c264c435253a981113fdcc60c7884e23
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
4d41d76bb2c632bda86ac1dc43b359eb4dfd6e78a2dc647ca827936b195d3588
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
aa1bdfbfb1aa84da87b14550cfd82a523b68795b672b69128706828800d16fa9
b90626b0de6d7b8ef91fce144d2f7615d932d6dcc6a6f90ac9f2599c03e03e50
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
ca05e639c0634538ffb8a61bb72fdaff4aa01dcd0a4f8e88aaa665629e2d627d
cc80d2826c18465bcb9aa12070a457a97e2875b634751d0a0012bd2fa06dcf8d
d2567cac503d7a1e8508fa6d5d50427c36f8ba5b7af76f7164f625e9ca025d86
d3599480fb9aca6d90a0b5af6d7eda4da1a38a206244c05c5677f412f5cd623b
e17823b26a728bccd7efe631f9274f6b82161d6416fa62fafd93c3177cf31362
e8cec74f26afa210d0f819257fe2c51e259bb04c3379d054791ccc92c564a7e3
f62031e4eb22b81da839cf8c5fb0ca9e9add10d30f44af9e4910c3463bfcfd9e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc265c8b4f6b565784d35a64b11565ca9742b177de341b8a5af25cadc77f6260

wittleshumer.live Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

8 Domains

9 Subdomains

6 IPs

4 Countries

1021 kBTransfer

1260 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wittleshumer.live Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

1021 kB
Transfer

1260 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!