quixtie.com Open in urlscan Pro
104.21.93.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jumiang.com/
Effective URL:
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer...
Submission: On February 08 via manual (February 8th 2024, 1:19:47 pm UTC) from ES — Scanned from ES

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 104.21.93.29, located in and belongs to CLOUDFLARENET, US. The main domain is quixtie.com.
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2024. Valid for: 3 months.

This is the only time quixtie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.224.212.212 103.224.212.212	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
2 3	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	15169 (GOOGLE) (GOOGLE)
2	104.21.93.29 104.21.93.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	7

3 103.224.212.212 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-212.above.com

jumiang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

hemiae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.239.53.32 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.trustflayer1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tq.trustflayer1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.93.29 (None, )

ASN13335 (CLOUDFLARENET, US)

quixtie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 19101 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9177	9 KB
3	trustflayer1.online 2 redirects xml-v4.trustflayer1.online tq.trustflayer1.online	16 KB
3	jumiang.com 1 redirects jumiang.com	8 KB
2	quixtie.com quixtie.com	5 KB
2	hemiae.com 1 redirects hemiae.com	2 KB
0	horny-honey.online Failed horny-honey.online Failed
0	onesignal.com Failed cdn.onesignal.com Failed
23	7

	Domain	Requested by
3	jumiang.com	1 redirects jumiang.com
2	quixtie.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	xml-v4.trustflayer1.online	2 redirects
2	hemiae.com	1 redirects jumiang.com
1	cdn.perfdrive.com	tq.trustflayer1.online
1	tq.trustflayer1.online	hemiae.com
0	horny-honey.online Failed	quixtie.com
0	cdn.onesignal.com Failed	quixtie.com
23	9

This site contains no links.

Subject Issuer	Validity	Valid
bersihmy.com R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
quixtie.com GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139
Frame ID: 06925ACA6C5CF2BC336FF48A73EA4316
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://jumiang.com/ HTTP 302
https://jumiang.com/ Page URL
http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGlu... HTTP 302
http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGlu... Page URL
http://xml-v4.trustflayer1.online/click?seat=2464886&i=v-tZJY9Lq24_0 HTTP 302
http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 Page URL
http://xml-v4.trustflayer1.online/click2?i=v-tZJY9Lq24_0&ci=878983023422276073&j=rv%3Db%26ss%3D1600x1200%26ws%... HTTP 302
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=100... Page URL
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=100... Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

23
Requests

30 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

37 kB
Transfer

77 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jumiang.com/ HTTP 302
https://jumiang.com/ Page URL
http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576 Page URL
http://xml-v4.trustflayer1.online/click?seat=2464886&i=v-tZJY9Lq24_0 HTTP 302
http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 Page URL
http://xml-v4.trustflayer1.online/click2?i=v-tZJY9Lq24_0&ci=878983023422276073&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6677%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Dhemiae.com%26lo%3Dtq.trustflayer1.online%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26tp%3D17%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139 Page URL
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://jumiang.com/ HTTP 302
https://jumiang.com/

Request Chain 2

http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576

Request Chain 3

http://xml-v4.trustflayer1.online/click?seat=2464886&i=v-tZJY9Lq24_0 HTTP 302
http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25

Request Chain 8

http://xml-v4.trustflayer1.online/click2?i=v-tZJY9Lq24_0&ci=878983023422276073&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6677%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Dhemiae.com%26lo%3Dtq.trustflayer1.online%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26tp%3D17%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139

23 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response jumiang.com/ Redirect Chain http://jumiang.com/ https://jumiang.com/	7 KB 3 KB	1569ms 932ms	Document text/html	103.224.212.212 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://jumiang.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.224.212.212 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-212.above.com Software Apache / Resource Hash `9ef62d5dd329fc964f889aa4c33c773947949c5daef8e803598e649d3bcf88e7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers connection close content-encoding gzip content-length 3339 content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:38 GMT server Apache vary Accept-Encoding Redirect headers connection close content-length 0 content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:37 GMT location https://jumiang.com/ server Apache
GET H/1.1	200 OK	swfobject.js jumiang.com/js/	10 KB 4 KB	1243ms 548ms	Script application/javascript	103.224.212.212 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://jumiang.com/js/swfobject.js Requested by Host: jumiang.com URL: https://jumiang.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.224.212.212 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-212.above.com Software Apache / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer https://jumiang.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 08 Feb 2024 13:19:40 GMT content-encoding gzip last-modified Thu, 16 Nov 2023 05:06:15 GMT server Apache etag "27ef-60a3dfaaa1fc0-gzip" vary Accept-Encoding content-type application/javascript connection close accept-ranges bytes content-length 3949
GET H/1.1	200 OK	jr.php hemiae.com/ Redirect Chain http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1l... http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1l...	359 B 453 B	1013ms 1005ms	Document text/html	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576 Requested by Host: jumiang.com URL: https://jumiang.com/ Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache / Resource Hash Request headers Referer https://jumiang.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers connection close content-encoding gzip content-length 240 content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:42 GMT server Apache vary Accept-Encoding x-jr-code s Redirect headers connection close content-length 0 content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:41 GMT location jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576 server Apache x-jr-code cr
GET H/1.1	200 OK	filter Show response tq.trustflayer1.online/ Redirect Chain http://xml-v4.trustflayer1.online/click?seat=2464886&i=v-tZJY9Lq24_0 http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25	15 KB 15 KB	482ms 449ms	Document text/html	173.239.53.32 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Full URL http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 Requested by Host: hemiae.com URL: http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576 Protocol HTTP/1.1 Server 173.239.53.32 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software / Resource Hash `041a11188eba1e73f4fdbe9a086e3c0f496cfdc676d75739dedbfc2e153fad4b` Request headers Referer http://hemiae.com/jr.php?gz=vcf7i4A5sHAApWRXvHG%2BL349fkdtZkJvdHZJNE5KU21FOXlrTnRUZjh4RTBZNGluOHJJbW9QZllWdG05d3RPK012VG4yWTVpczcxMVo0TWhHc3FmTWtkd1JWcEhObWR6amhvMmJGL2EvUUs2emNXKzQ3SkhTZzFsT3VLQ1lJbGZDbE95YkRzcnBSditMeU5yVGdxdG1tOUVsS2pSMkRpanNOWkV3aGprZ2NSMzdBZGpaalN0ZXdqMDN0U25NTG96dmpWeXNPdE5mT24weW9veEFwMnV3UDN3T1VTenhsT1NJbFFxZGRHc1REdkUyNm9kb0o0T2pZZ2Iwelc0Vzh3QUdhOHd4K2NpVko2YlR5WVNMS3pvRTZYcHB0cUxKeS9hdEJvUG5Hc25CSWRPVDZDSDNKTXdLK05Rbmh2TFVHc2c0WmJwUW1DTGxFN0lXWDd1aVVDa3prNllzTjQ1Wit0dEc5QnBZaU9TckxFZkRNWTlkTlR1V3ZyWXcyTGNGNlA4N21uRzgzZzR6dElIdVRkVGhpRDRRK2pDc0xpa1djWlVZd1ZiOVFIb1phODZyTFJ4YVdHVFNmWXZXSTE1dE5IWEQ2ZnQrb0VIQ1lFTkhGN1lSVVFkSWFwS0d5TG1ra1FRVjJVVTM3b1VJMEZnSW9acm5Za29nb0wzL2kyTE81dzAvU2lqa01zS0g0b210VW1icEYrYXUveFpSd1pqclhoczNnb0l4VFptSzBybGVJb0VibHVWMHNxSDVsSzF1cXVtT2hlcjRiazhxYU16Wk5jR1ErSlVrMUlraU54ZWRVRTYyN0NHQTBya0RzVm9XbEhtT0hnSWd2djlENzVsU1pDYXVGSnN1QVJoaWhCcGtyQ29aVzlmV2txbkN4cUJtT3BYZzVjR3JaSGNES3lXb3VmRjQvYW4wa3pRc3pGZ1NKQVlNSkw5bTdPUkpzYjQ3a3FCM0docUdCZTVWcVRyaXVMSU4xSHROK3ZOM2lRZWMzNDlDbXhuSndwK2Zqb21CY0JVSTZUU0EyY0ZBazY3TUczd0NyWUJ2a1pHZFUvaktha1JUempWSUpOMlVtNjRnZXo1Tmd3Y3gwNURYWk1GQTBQZ0xhV1Q2d0J1emlJMXhWdk1reFlDSzVIN2ZGMGpmWVJ2SUpNc1Y5cDRBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1707398381.5250576 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Cache-Control no-store Connection keep-alive Content-Length 15276 Content-Type text/html; charset=utf-8 Referrer-Policy unsafe-url Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25
GET H2	200	aperture.js Show response cdn.perfdrive.com/aperture/	26 KB 8 KB	641ms 175ms	Script application/javascript	130.211.29.114 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.perfdrive.com/aperture/aperture.js Requested by Host: tq.trustflayer1.online URL: http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 114.29.211.130.bc.googleusercontent.com Software nginx/1.24.0 / Resource Hash `9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506` Request headers accept-language es-ES,es;q=0.9 Referer http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 08 Feb 2024 12:56:59 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 04:28:49 GMT server nginx/1.24.0 age 1365 etag W/"65389981-6844" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600,public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7938
POST H2	200	jsdata cas.avalon.perfdrive.com/	316 B 375 B	562ms 192ms	XHR text/plain	35.241.15.240 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/aperture/aperture.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers Referer http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * x-response-time 30ms date Thu, 08 Feb 2024 13:19:44 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 316 content-type text/plain; charset=UTF-8
POST H2	200	jsdata cas.avalon.perfdrive.com/	211 B 355 B	560ms 192ms	XHR text/plain	35.241.15.240 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/aperture/aperture.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers Referer http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * x-response-time 0ms date Thu, 08 Feb 2024 13:19:44 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 211 content-type text/plain; charset=UTF-8
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1` Request headers accept-language es-ES,es;q=0.9 Referer http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response quixtie.com/khappr/ Redirect Chain http://xml-v4.trustflayer1.online/click2?i=v-tZJY9Lq24_0&ci=878983023422276073&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6677%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3... https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner...	5 KB 2 KB	1469ms 587ms	Document text/html	104.21.93.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.93.29 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a5f8a0b61bbfa64fb7b3377bccabed5c3ed650b57122fd8ac235f45fa89642b` Request headers Referer http://tq.trustflayer1.online/filter?q=jumiang&i=v-tZJY9Lq24_0&ci=878983023422276073&t=812552989&h=25 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 85242a877cf75cf3-MAD content-encoding br content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBCfIofTR2bVLl6O%2FIUz7tnUGpNsptVCqJy1vuWk5IL%2FV%2BhSdlQYY4TejJk9Rv%2FmyWxhmw68Y8zhIf9uCSe%2BBmZIdbd025HMPnmOomA8pO7SOVSdfI5TL%2BM7MHD4OA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139
POST H2	200	Primary Request / Show response quixtie.com/khappr/	14 KB 3 KB	1175ms 987ms	Document text/html	104.21.93.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.93.29 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `445ac085960a21e08a5ff35f0bfe4312702e38c4adb32309abf7faf53affddde` Request headers Content-Type application/x-www-form-urlencoded Origin https://quixtie.com Referer https://quixtie.com/khappr/?bid=0.02&conversion=DDLGZxqvAek&source_subid=1753555632&campaign=1000764&search_referrer_domain=1753555632.com&query=jumiang&carrier=Telefonica+de+Espana&state=cn&banner=5704303&ip=83.59.68.139 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 85242a8bcad45cf3-MAD content-encoding br content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 13:19:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUpc7zny5Q%2FroOy8%2BOJd2vJbEPWNxGhon0P3LW%2BXn3Y42SkcpCEhh30tbO46eKzzzlqUX2Auk6ekOk5lF%2FTBG3XykbJAbF6JMmhiU%2F8p1kXEfDReXvBx1pv%2FkvzTRg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET		OneSignalSDK.js cdn.onesignal.com/sdks/	0 0

GET		bootstrap.css horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		stylesuk.css horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		jquery.min.js horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		bootstrap.min.js horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		bootstrap-slider.min.css horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		bootstrap-slider.min.js horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		lp-confirm.css horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		notdat.js horny-honey.online/landers/redfiles/pesimg/	0 0

GET		redmp.js horny-honey.online/landers/redfiles/	0 0

GET		w1.jpg horny-honey.online/landers/redfiles/pesimg/	0 0

GET		radar.gif horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		main.js horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

GET		bbradar.js horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap.css

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/stylesuk.css

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/jquery.min.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap.min.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap-slider.min.css

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap-slider.min.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/lp-confirm.css

Domain: horny-honey.online
URL: https://horny-honey.online/landers/redfiles/pesimg/notdat.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/redfiles/redmp.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/redfiles/pesimg/w1.jpg

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/radar.gif

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/main.js

Domain: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bbradar.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quixtie.com/khappr	1970-01-20 18:16:38	Name: _cid Value: 7c4b1e80cdad39874d7b1dfe2440ab5e
jumiang.com/	1970-01-21 03:52:38	Name: __tad Value: 1707398377.5339508
hemiae.com/	1970-01-21 03:52:38	Name: __tad Value: 1707398381.5250576
.trustflayer1.online/	1969-12-31 23:59:59	Name: x3325799 Value: 328863899
tq.trustflayer1.online/	1969-12-31 23:59:59	Name: c1033171906 Value: -328863899
.trustflayer1.online/	1970-01-20 22:35:46	Name: __ssds Value: 2
tq.trustflayer1.online/	1969-12-31 23:59:59	Name: jc Value: 6677
.trustflayer1.online/	1970-01-20 22:35:46	Name: __ssuzjsr2 Value: a9be0cd8e
.trustflayer1.online/	1970-01-20 22:35:46	Name: __uzmaj2 Value: 5490320b-4105-4f86-b72d-327ef990d645
.trustflayer1.online/	1970-01-20 22:35:46	Name: __uzmbj2 Value: 1707398384
.trustflayer1.online/	1970-01-20 22:35:46	Name: __uzmcj2 Value: 992801033206
.trustflayer1.online/	1970-01-20 22:35:46	Name: __uzmdj2 Value: 1707398384

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.onesignal.com
cdn.perfdrive.com
hemiae.com
horny-honey.online
jumiang.com
quixtie.com
tq.trustflayer1.online
xml-v4.trustflayer1.online
cdn.onesignal.com
horny-honey.online
103.224.182.206
103.224.212.212
104.21.93.29
130.211.29.114
173.239.53.32
35.241.15.240
041a11188eba1e73f4fdbe9a086e3c0f496cfdc676d75739dedbfc2e153fad4b
0a5f8a0b61bbfa64fb7b3377bccabed5c3ed650b57122fd8ac235f45fa89642b
445ac085960a21e08a5ff35f0bfe4312702e38c4adb32309abf7faf53affddde
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
9ef62d5dd329fc964f889aa4c33c773947949c5daef8e803598e649d3bcf88e7
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

quixtie.com Open in urlscan Pro 104.21.93.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

30 %HTTPS

0 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

37 kBTransfer

77 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

12 Cookies

Indicators

quixtie.com Open in urlscan Pro
104.21.93.29 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

30 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

37 kB
Transfer

77 kB
Size

12
Cookies

23 HTTP transactions
1 data transactions