qltuh.check-tl-ver-235-2.com Open in urlscan Pro
172.67.189.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click
Effective URL:
https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8...
Submission: On June 14 via manual (June 14th 2024, 8:59:41 am UTC) from FR — Scanned from FR

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 172.67.189.72, located in United States and belongs to CLOUDFLARENET, US. The main domain is qltuh.check-tl-ver-235-2.com.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.

This is the only time qltuh.check-tl-ver-235-2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.194.41.211 35.194.41.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	146.148.75.207 146.148.75.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.189.72 172.67.189.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

2 35.194.41.211 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: mailsurefive.com

mailsurefive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.148.75.207 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.75.148.146.bc.googleusercontent.com

www.mincing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qltuh.bellatrixmeissa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.189.72 (United States)

ASN13335 (CLOUDFLARENET, US)

qltuh.check-tl-ver-235-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.check-tl-ver-235-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	check-tl-ver-235-2.com qltuh.check-tl-ver-235-2.com cdnstatic.check-tl-ver-235-2.com — Cisco Umbrella Rank: 448913	22 KB
2	mailsurefive.com mailsurefive.com	1 KB
1	bellatrixmeissa.com 1 redirects qltuh.bellatrixmeissa.com — Cisco Umbrella Rank: 236637	834 B
1	mincing.com 1 redirects www.mincing.com	257 B
10	4

	Domain	Requested by
7	qltuh.check-tl-ver-235-2.com	mailsurefive.com qltuh.check-tl-ver-235-2.com
2	mailsurefive.com	mailsurefive.com
1	cdnstatic.check-tl-ver-235-2.com	qltuh.check-tl-ver-235-2.com
1	qltuh.bellatrixmeissa.com	1 redirects
1	www.mincing.com	1 redirects
10	5

This site contains no links.

Subject Issuer	Validity	Valid
mailsurefive.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
check-tl-ver-235-2.com GTS CA 1P5	`2024-05-23` - `2024-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Frame ID: BE6421E6EBDEB7A2000B27D2BCDAEB9E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click "Allow"

Page URL History Show full URLs

https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp... Page URL
https://www.mincing.com/products/ HTTP 302
https://qltuh.bellatrixmeissa.com/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cpm02vijvq3flljbcsvg HTTP 302
https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3fl... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

2
IPs

2
Countries

24 kB
Transfer

56 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click Page URL
https://www.mincing.com/products/ HTTP 302
https://qltuh.bellatrixmeissa.com/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cpm02vijvq3flljbcsvg HTTP 302
https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK click Show response
mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/ 1 KB
987 B 420ms
129ms Document
text/html 35.194.41.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.194.41.211 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

mailsurefive.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ef27797ec0f9614449212e45e17f881360874a71b245a0db1cb7dbcd9741512a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 561
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jun 2024 08:59:36 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-TRACE-ID: req_xJkeVSoXWmWBgREfGsmnmUFrMFNoMg
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK click
mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/ 70 B
505 B 124ms
124ms XHR
application/json 35.194.41.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click?reqid=req_SGyv9BmxNdpGu8xHTnQmmCgx32jEfJ

Requested by

Host: mailsurefive.com
URL: https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.194.41.211 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

mailsurefive.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json
Referer: https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-TRACE-ID: req_K9jUGV6wfVG0tV62NELleSVn8Hrgbx
Date: Fri, 14 Jun 2024 08:59:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
Content-Length: 88
X-XSS-Protection: 1; mode=block

GET
H3

200

Primary Request / Show response
qltuh.check-tl-ver-235-2.com/space-robot/
Redirect Chain

https://www.mincing.com/products/
https://qltuh.bellatrixmeissa.com/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cpm02vijvq3flljbcsvg
https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=171835...

13 KB
4 KB

86ms
46ms

Document
text/html

172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Requested by: Host: mailsurefive.com
URL: https://mailsurefive.com/ct3/gmztanrsga3tcnc7l5pwq5duobztulzpo53xoltnnfxgg2lom4xgg33nf5yhe33eovrxi4zp/click
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://mailsurefive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89392017f91ff0e8-CDG
content-encoding: br
content-type: text/html
date: Fri, 14 Jun 2024 08:59:37 GMT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4fy9b6FBMJ8Yqmap%2BDjnL1fc3V7qPxvxwe8Cm3p6QlNswE1QBxxV%2BCvfcqvAKuIZJ50nWbxd9GutQn7VTB2s8VB00VcDtYFwqWbVt1j1GIZ8%2FEgnpna5pEjd1s%2BmozdSBeJMsTt3MbUFldVcLXz"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 893920176a499eb4-CDG
content-length: 0
date: Fri, 14 Jun 2024 08:59:37 GMT
location: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zgt7insnJgnlrAUUqmXbH172ss%2F8%2FN%2Ffm9DikchxbfURJsiwIOLHyuFBMPtiSVmq24gp%2FtvDBn4Dx2JeNo8s1T5iMuwyW4M26l1b9Jgj3t6wncoIpTpMf05nYrAd7nNul7hWRQQDFPgWA1cq"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 trls.js Show response
qltuh.check-tl-ver-235-2.com/space-robot/assets/ 12 KB
5 KB 35ms
34ms Script
application/javascript 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/assets/trls.js
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2280
etag: W/"6627c958-2f4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqAgsoAp5tWzpbAiQTMB7DrJXwQGt%2BuKdOxuxb8M69N4x%2BtpLrgc1DdFNCdCCB0p9Wh8CS40S1998Kr0rzho%2BdwZfIJZYd3%2FiMOsCpPC%2BIxwjgg%2BTJ0Ssba9pAIn7MB96Gu00Bv%2FrFDBus30GbpC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 89392018496ef0e8-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
qltuh.check-tl-ver-235-2.com/space-robot/assets/ 6 KB
2 KB 31ms
30ms Stylesheet
text/css 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/assets/style.css?v=4
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b758313cde9005f3f2082f616558a3db63019d03a5f1376f3a49e64d874909e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1853
etag: W/"6627c958-1986"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctFaklfit8gTvh9VYzUaLkqz4fNhPhMi9aOmDWxv%2B%2B83QrwGZS1IrklnB1xa%2Frn1vf6enFYHQhZ96PwqW%2F2%2B%2BJ4lhzvtmP%2Bkx79bUzpL9M8L9qSpAHvXmRdwEeeEQ%2F6VoB2dz0B8AVElxqjTQJ4M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 89392018496ff0e8-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 corner.png
qltuh.check-tl-ver-235-2.com/space-robot/assets/ 300 B
762 B 33ms
32ms Image
image/png 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/assets/corner.png
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4724
etag: "6627c958-12c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkGdL7qo9QaAviThkmByjPhkU5ER2qCZcUiya6joFDiGcIvdYojYDIj0C0OMZYscITutx0%2FGv%2BkAtgvqhFbCFslg3WqDGIzBjw6P%2BafJrSHgJpUesoDEHiNZwQ6vvFOu9T0QEtYXeOwVODj8iJmn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893920184970f0e8-CDG
alt-svc: h3=":443"; ma=86400
content-length: 300

GET
H3 200 main.js Show response
qltuh.check-tl-ver-235-2.com/space-robot/assets/ 5 KB
1 KB 31ms
31ms Script
application/javascript 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/assets/main.js?v=3
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0224d810d4f0ac617ddd4ab215e0084aeec230d8944780a129c0046de2dad5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3491
etag: W/"6627c958-1255"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvbzzWZ6uXeqKgz67l9sCu9lUeTBV4vKcDaYq6ShcAvmS6l7oIJ1O%2Bt3Ek4pVX4zaC9C%2BIzGtjKnlYZEau7TX00Yt3wLUboJF00uQTDxAvdiwKiLNWCaneZk0aUSuSXwJjqUTxYz1KnBsLYY3ZTS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 893920184971f0e8-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 static-pl.js Show response
qltuh.check-tl-ver-235-2.com/shared-js/assets/ 3 KB
2 KB 28ms
28ms Script
application/javascript 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/shared-js/assets/static-pl.js?v=2
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4906
etag: W/"6627c958-dee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKEJJo0UQs6OMugx8Qt%2BDhx2YALCHlMMD9Po5I3RESnJg49eOu2E0Mo5Gaax%2B%2F0NAllfOs6gjkceQmqPYoNBrgbgY5jcANxqYSSNUsIO4PB1D%2BQCry5r82QE56PVZZ24t1%2B0xCQYRCzIdkszuYqo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8939201879a0f0e8-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 204 ps.js Show response
cdnstatic.check-tl-ver-235-2.com/ps/ 0
598 B 96ms
80ms Script
application/javascript 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.check-tl-ver-235-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-235-2.com&timeout=30&tb=true&nrid=897f6b8c18a94b6e9fb7111fdc170519
Requested by: Host: qltuh.check-tl-ver-235-2.com
URL: https://qltuh.check-tl-ver-235-2.com/shared-js/assets/static-pl.js?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR%2Ff%2FtbeWo8PijqAKOAtsq7lm2T018fMm44vDdkKgugrDSIoqc8KiR6nmP9nUCE9ic1mWB7dkX7gY3UZZrKO1ZIVF%2FXt%2B9lkM2jWdi9BuH9pQ%2BOaXiDFPsQWiBWXMBg5sR3fqLXis1wsyVGprvGDXaJPYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 89392018c9e0f0e8-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
qltuh.check-tl-ver-235-2.com/space-robot/assets/ 15 KB
6 KB 29ms
28ms Other
image/x-icon 172.67.189.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.check-tl-ver-235-2.com/space-robot/assets/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7e89635c2278aac17966d17cb41c8a725ab5d0d0d5a40b41f7fa5169440059

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://qltuh.check-tl-ver-235-2.com/space-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=space-robot&click_id=cpm02vijvq3flljbcsvg&nrid=897f6b8c18a94b6e9fb7111fdc170519&hash=y0d546rG3JQuJHIXq-38QA&exp=1718355877
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:59:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1220
etag: W/"6627c958-3aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgxATNZFUquG3B5Sof1m7CJmTKCdOXQibUmyEN%2BOxFefgZtK8cEmiGxnkRadcIEG1SHpmUBuXh1PT12cAm7BxEmVJF8SWKNWgcFhzu%2BnnaLOVCoYCHXtD5ds6iXFb906NLPU0283ocf%2F7%2FTOo3Gl"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 893920194a4bf0e8-CDG
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qltuh.bellatrixmeissa.com/	1970-01-20 21:25:01	Name: CHiI7Gh3GUyTa8XGgNqDyQ Value: 1
qltuh.bellatrixmeissa.com/	1970-01-21 06:55:15	Name: __pl Value: 9a0b7341-5d12-4d3d-a943-8f0a9d3f97f3
qltuh.bellatrixmeissa.com/	1970-01-20 21:19:19	Name: __cap Value: 1
cdnstatic.check-tl-ver-235-2.com/	1970-01-21 06:55:15	Name: __psu Value: aea50ebb-6ee3-4587-9453-03d5a92681b3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnstatic.check-tl-ver-235-2.com
mailsurefive.com
qltuh.bellatrixmeissa.com
qltuh.check-tl-ver-235-2.com
www.mincing.com
146.148.75.207
172.67.189.72
188.114.97.3
35.194.41.211
0b758313cde9005f3f2082f616558a3db63019d03a5f1376f3a49e64d874909e
0e7e89635c2278aac17966d17cb41c8a725ab5d0d0d5a40b41f7fa5169440059
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
4c0224d810d4f0ac617ddd4ab215e0084aeec230d8944780a129c0046de2dad5
51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef27797ec0f9614449212e45e17f881360874a71b245a0db1cb7dbcd9741512a

qltuh.check-tl-ver-235-2.com Open in urlscan Pro 172.67.189.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

2 IPs

2 Countries

24 kBTransfer

56 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

qltuh.check-tl-ver-235-2.com Open in urlscan Pro
172.67.189.72 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

2
IPs

2
Countries

24 kB
Transfer

56 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions