Submitted URL: http://qoorza.work/
Effective URL: https://qoorza.work/
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 17 HTTP transactions. The main IP is 104.21.50.135, which belongs to CLOUDFLARENET, US. The main domain is qoorza.work.
TLS certificate: Issued by WE1 on August 1st 2024. Valid for: 3 months.
This is the only time qoorza.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 12 104.21.50.135 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 192.0.66.32 2635 (AUTOMATTIC)
1 151.101.66.62 54113 (FASTLY)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
17 10
Apex Domain
Subdomains
Transfer
12 qoorza.work
qoorza.work
19 KB
3 dailymail.co.uk
i.dailymail.co.uk — Cisco Umbrella Rank: 11574
88 KB
2 gstatic.com
fonts.gstatic.com
16 KB
1 indiatimes.in
im.indiatimes.in — Cisco Umbrella Rank: 511057
81 KB
1 gannett-cdn.com
www.gannett-cdn.com — Cisco Umbrella Rank: 16479
39 KB
1 nypost.com
nypost.com — Cisco Umbrella Rank: 13330
25 KB
1 newsweek.com
d.newsweek.com — Cisco Umbrella Rank: 33014
442 KB
1 independent.co.uk
static.independent.co.uk — Cisco Umbrella Rank: 42716
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
835 B
0 thesun.co.uk Failed
www.thesun.co.uk Failed
0 cnbcfm.com Failed
image.cnbcfm.com Failed
17 11
Domain Requested by
12 qoorza.work 8 redirects qoorza.work
3 i.dailymail.co.uk qoorza.work
2 fonts.gstatic.com fonts.googleapis.com
1 im.indiatimes.in qoorza.work
1 www.gannett-cdn.com qoorza.work
1 nypost.com qoorza.work
1 d.newsweek.com qoorza.work
1 static.independent.co.uk qoorza.work
1 fonts.googleapis.com qoorza.work
0 www.thesun.co.uk Failed qoorza.work
0 image.cnbcfm.com Failed qoorza.work
17 11

This site contains no links.

Subject Issuer Validity Valid
qoorza.work WE1 2024-08-01 - 2024-10-30 3 months
upload.video.google.com WR2 2024-07-30 - 2024-10-22 3 months
*.gstatic.com WR2 2024-07-30 - 2024-10-22 3 months

This page contains 1 frames:

Primary Page: https://qoorza.work/
Frame ID: 9FA92F74BCCEA07518C01F39E6943C43
Requests: 17 HTTP requests in this frame

Page Title

'Bomb' almost smuggled onto passenger plane was a commercial grade firework It appeared to be a part of the original manufacture of the compound

Page URL History

  1. http://qoorza.work/ HTTP 307
    https://qoorza.work/ Page URL
  2. https://qoorza.work/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

41 %
HTTPS

67 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

729 kB
Transfer

773 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qoorza.work/ HTTP 307
    https://qoorza.work/ Page URL
  2. https://qoorza.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://qoorza.work/ HTTP 307
  • https://qoorza.work/
Request Chain 4
  • https://qoorza.work/images/3864-bomb-almost-smuggled-onto-passenger-plane-npgqg HTTP 302
  • https://i.dailymail.co.uk/1s/2023/03/02/00/68238911-0-image-a-3_1677718704049.jpg
Request Chain 5
  • https://qoorza.work/images/3891-police-say-el-paso-man-beat-sister-to-death-aft-gvwzgvh HTTP 302
  • https://static.independent.co.uk/2022/02/11/13/newFile-3.jpg?quality=75&width=1200&auto=webp
Request Chain 6
  • https://qoorza.work/images/2505-albertsons-held-preliminary-merger-tal-pydmbuj HTTP 302
  • https://image.cnbcfm.com/api/v1/image/103269684-GettyImages-479261374.jpg?v=1532564209&w=1920&h=1080
Request Chain 7
  • https://qoorza.work/images/1630-biden-begins-border-speech-by-c-ulgvcaw HTTP 302
  • https://i.dailymail.co.uk/1s/2024/02/29/22/81895351-0-image-a-9_1709246420701.jpg
Request Chain 8
  • https://qoorza.work/images/2974-kanye-west-believes-lebron-need-yhxhpzc HTTP 302
  • https://d.newsweek.com/en/full/1150051/gettyimages-1043884042.jpg
Request Chain 9
  • https://qoorza.work/images/4985-primark-makes-major-change-to-its-wwkgjev HTTP 302
  • https://www.thesun.co.uk/wp-content/uploads/2024/05/newspress-collage-xkmcupf28-1715894877678.jpg?1715898491&strip=all&quality=100&w=1920&h=1080&crop=1
Request Chain 10
  • https://qoorza.work/images/430-the-bachelor-sportsbet-predicts-show-acnummi HTTP 302
  • https://i.dailymail.co.uk/1s/2021/08/05/05/46307383-0-image-a-139_1628137452199.jpg
Request Chain 11
  • https://qoorza.work/images/3826-matthew-fitzpatrick-gets-big-hole-in-one-to-make-beekj HTTP 302
  • https://nypost.com/wp-content/uploads/sites/2/2023/06/NYPICHPDPICT000012704090.jpg?quality=75&strip=all&w=1024
Request Chain 12
  • https://qoorza.work/images/2490-best-buy-sale-shop-rival-prime-hsnppr HTTP 302
  • https://www.gannett-cdn.com/presto/2023/07/10/USAT/e8425afd-87d5-4405-8106-939f72ddae8a-Copy_of_Holiday_Backgrounds_-_2023-07-10T110317.316.png?auto=webp&crop=2039,1147,x8,y0&format=pjpg&width=1200
Request Chain 13
  • https://qoorza.work/images/4800-vikramaditya-motwane-sona-mohapatra-slam-kabir-ueohr HTTP 302
  • https://im.indiatimes.in/content/2019/Dec/FBImage6-1_5de4bed7b7f74.jpg

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
qoorza.work/
Redirect Chain
  • http://qoorza.work/
  • https://qoorza.work/
271 B
601 B
Document
General
Full URL
https://qoorza.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a1cd892856d5bb628db7c6e7d2b4d4122a0a2f6095b69cd164e8dccf62e451

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac24e4e7bb02bde-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Aug 2024 02:12:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1h0IeTntV9d8Dw7j4wUqqwviJPOyWjkl3se8WGw0dCejfE4Zy%2B7ZqAoa63O32NCGF7eOl0xMY9X15aw2XZbgvurBobqtFrSO%2FRkAZyGeeT1DAE1FQbtqtRNLAhsbrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://qoorza.work/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
qoorza.work/
555 B
559 B
Other
General
Full URL
https://qoorza.work/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 02:12:54 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPh9RQObpPY9Ue2GIPgcae%2F9wY2o0RcFGDHzuSXiiOhHX8bm7wOqvCgHV8VmeKXJNtw56PMTr%2BkfIJ5bOBJc39kNlBhRi5%2FTwd%2B9CvOeY2YHS30434NFBghq3CGGmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8ac24e4edbe62bde-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
qoorza.work/
39 KB
9 KB
Document
General
Full URL
https://qoorza.work/
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d76c1d5ec3688d2ada87b8a9e9260ae66f003924f57bdef399d3afedc24c8c3

Request headers

Referer
https://qoorza.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac24e619da52bde-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Aug 2024 02:12:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoY1FhdSLy2jpD%2FEW4yYevUVpi6CzTAswtM%2F6MH36R5EyyBBa8aB6XnWooARluAJkbsGI8ihXcz8etHHVQDPS6p9jQMfiaUqx6u5zcXg%2FRMy5QkiJAqOBeIO6wgphA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-qoorza-work-id
4f5501c2104c8cb8
style_3b799c3a.css
qoorza.work/assets/
22 KB
5 KB
Stylesheet
General
Full URL
https://qoorza.work/assets/style_3b799c3a.css
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917b55ddce4cad06b78e1d1db989ea38abb299a1df0fdf9f386937ff6e24b28d

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 02:12:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jul 2024 12:42:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a2482c-5719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ea5rtUA2DHHD7VK9ZjvZTUCL1JGZO4TDOr3Bnb%2Fix9NI5oFHbRYLc9GLgG4ojY1Y3ZSa6gNpZLegyf7J8kNmBqepAwSWfskrdK9gT4dP37j%2B3V3zKmAQGw7h7mjMRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ac24e61edd12bde-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
2 KB
835 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dcb09e9990df1da1e26f5982c8830e9435ac25fe2d4e23a42ca9aedf62b71fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Aug 2024 02:12:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 01:35:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Aug 2024 02:12:57 GMT
68238911-0-image-a-3_1677718704049.jpg
i.dailymail.co.uk/1s/2023/03/02/00/
Redirect Chain
  • https://qoorza.work/images/3864-bomb-almost-smuggled-onto-passenger-plane-npgqg
  • https://i.dailymail.co.uk/1s/2023/03/02/00/68238911-0-image-a-3_1677718704049.jpg
14 KB
15 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2023/03/02/00/68238911-0-image-a-3_1677718704049.jpg
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a02:26f0:1700:1a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1026fd014637a075bf6ec1037cc139e7572d677c7845a01ae749a84c70eaa790

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
0E.iS3sfO0IpGibfsnqGLB_wbmyHP2Wg
date
Thu, 01 Aug 2024 02:12:57 GMT
x-origin
cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
/1s/2023/03/02/00/68238911-0-image-a-3_1677718704049.jpg
x-amz-replication-status
COMPLETED
content-length
14753
x-mol-img
avif
last-modified
Thu, 02 Mar 2023 00:58:28 GMT
server
AmazonS3
etag
"131a37b1abd54e457320954969853793"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
HhUB5VXYArwmtkXbpeLc4W30KX59sQtxsE3Px2FlsbAX0yzVoKof5g==
expires
Sat, 31 Aug 2024 02:12:57 GMT

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ofd001pIM0rRCT8%2BeDHtfmiW1SPKQvSZGAZQZ9acrsNysLxmxygGrqFNysK2Sv892RacVsorOx2XdRhCMfOJgtvqTR6TRIWNoMdYmLju5vaSTNNPJZM%2BHzfBMKTEKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://i.dailymail.co.uk/1s/2023/03/02/00/68238911-0-image-a-3_1677718704049.jpg
cf-ray
8ac24e61edd32bde-FRA
alt-svc
h3=":443"; ma=86400
newFile-3.jpg
static.independent.co.uk/2022/02/11/13/
Redirect Chain
  • https://qoorza.work/images/3891-police-say-el-paso-man-beat-sister-to-death-aft-gvwzgvh
  • https://static.independent.co.uk/2022/02/11/13/newFile-3.jpg?quality=75&width=1200&auto=webp
21 KB
22 KB
Image
General
Full URL
https://static.independent.co.uk/2022/02/11/13/newFile-3.jpg?quality=75&width=1200&auto=webp
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fd0421dec177d499fdb5c8cb28b642661be70dec3a14bf52a2205b43923f5c7

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 02:12:57 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-etou8240195
x-amz-request-id
8G478FD46MSZVT1P
age
2396107
x-cache
HIT, MISS
fastly-io-info
ifsz=242295 idim=806x605 ifmt=jpeg ofsz=21927 odim=1200x901 ofmt=avif
xbe
shield_london_city_uk
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21927
x-amz-id-2
UqDga+UnpbSoegTN1seNHxXBmboVzuy1o1VJUbDFaihWRVgkQVRZKvqfDigd+ddaleHzYDJN3V0=
x-served-by
cache-lcy-eglc8600099-LCY, cache-fra-etou8220139-FRA
server
AmazonS3
x-timer
S1722478377.366305,VS0,VE14
etag
"oPOv1qvoYqXCGsTxzGyZvpt5etPslNH2l7TRatUpi1E"
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 0

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4hMmL3Iu0%2BvmWz7zHuAc5ABXg3RCE8ePQ7VUF6QDxO2DZ6LGmkBvlpRObYEMorNdSSv0fU1sHSrYkza79g2h8c3auKGoCjqwUbX7svcb%2F7VnPDXikg%2FvNY%2F67U0ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://static.independent.co.uk/2022/02/11/13/newFile-3.jpg?quality=75&width=1200&auto=webp
cf-ray
8ac24e61edd72bde-FRA
alt-svc
h3=":443"; ma=86400
103269684-GettyImages-479261374.jpg
image.cnbcfm.com/api/v1/image/
Redirect Chain
  • https://qoorza.work/images/2505-albertsons-held-preliminary-merger-tal-pydmbuj
  • https://image.cnbcfm.com/api/v1/image/103269684-GettyImages-479261374.jpg?v=1532564209&w=1920&h=1080
0
0

81895351-0-image-a-9_1709246420701.jpg
i.dailymail.co.uk/1s/2024/02/29/22/
Redirect Chain
  • https://qoorza.work/images/1630-biden-begins-border-speech-by-c-ulgvcaw
  • https://i.dailymail.co.uk/1s/2024/02/29/22/81895351-0-image-a-9_1709246420701.jpg
50 KB
50 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2024/02/29/22/81895351-0-image-a-9_1709246420701.jpg
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a02:26f0:1700:1a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f84cc4dd7960bcef26da9922871719ef8b8fd7fcc4694bc5db8f322c70634663

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
fJaEGLR56PaBPKzbPQzsTtpwR2QW_ABD
date
Thu, 01 Aug 2024 02:12:57 GMT
x-origin
cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
/1s/2024/02/29/22/81895351-0-image-a-9_1709246420701.jpg
x-amz-replication-status
COMPLETED
content-length
50726
x-mol-img
avif
last-modified
Thu, 29 Feb 2024 22:40:23 GMT
server
AmazonS3
etag
"e7e9a6eb46056f1fe097cf2ccd9d0b53"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oCsFJzBzsuCzM_N-sTyqvMX63IwlvUcZn6cvc05uiAEzmpPJyuuGFQ==
expires
Sat, 31 Aug 2024 02:12:57 GMT

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2PLr77banRsyrgVUnc9O8Y5cMAoKi0jVp3Sk6H3wCGDZP7RzvTYtlYnsTfNdoPrUWyjtDgyqgKEz2qtUJ7wds6H62GDe1gQEcUnE0lSOkir9IncNV4JRII9LZ7UUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://i.dailymail.co.uk/1s/2024/02/29/22/81895351-0-image-a-9_1709246420701.jpg
cf-ray
8ac24e61fdde2bde-FRA
alt-svc
h3=":443"; ma=86400
gettyimages-1043884042.jpg
d.newsweek.com/en/full/1150051/
Redirect Chain
  • https://qoorza.work/images/2974-kanye-west-believes-lebron-need-yhxhpzc
  • https://d.newsweek.com/en/full/1150051/gettyimages-1043884042.jpg
441 KB
442 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1150051/gettyimages-1043884042.jpg
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a02:26f0:3500:3::b818:4d07 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1d190442ce4349bb8f8029ceaac70e5fc04e357de0080018cf4e212b190c9223
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
date
Thu, 01 Aug 2024 02:12:57 GMT
x-cacheable
YES
server
Apache
last-modified
Thu, 01 Aug 2024 02:12:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25919947

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fy%2FS7eeX6nLcHVR0U7lCrEiJTrdtFvVCy0ETI2f7ZsdhFemPjP0dnmkmZc8lwRktfOMcpXQtYTARrHLBiLnRwqYIJLlsSFILsaQT89Ev1DMb3GQy6%2FSENuefK3gvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://d.newsweek.com/en/full/1150051/gettyimages-1043884042.jpg
cf-ray
8ac24e61fddf2bde-FRA
alt-svc
h3=":443"; ma=86400
newspress-collage-xkmcupf28-1715894877678.jpg
www.thesun.co.uk/wp-content/uploads/2024/05/
Redirect Chain
  • https://qoorza.work/images/4985-primark-makes-major-change-to-its-wwkgjev
  • https://www.thesun.co.uk/wp-content/uploads/2024/05/newspress-collage-xkmcupf28-1715894877678.jpg?1715898491&strip=all&quality=100&w=1920&h=1080&crop=1
0
0

46307383-0-image-a-139_1628137452199.jpg
i.dailymail.co.uk/1s/2021/08/05/05/
Redirect Chain
  • https://qoorza.work/images/430-the-bachelor-sportsbet-predicts-show-acnummi
  • https://i.dailymail.co.uk/1s/2021/08/05/05/46307383-0-image-a-139_1628137452199.jpg
22 KB
23 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2021/08/05/05/46307383-0-image-a-139_1628137452199.jpg
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a02:26f0:1700:1a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dfc287c95dd09369e1337afde5b1bbcafa6b7bbcc741c58bff717d4274b2dbc

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Jm60faEyn5Irj67nEPQWo9cpZO5RCp1J
date
Thu, 01 Aug 2024 02:12:57 GMT
x-origin
cloudfront
x-amz-cf-pop
FRA50-C1
edge-cache-tag
/1s/2021/08/05/05/46307383-0-image-a-139_1628137452199.jpg
x-amz-replication-status
COMPLETED
content-length
22795
x-mol-img
avif
last-modified
Thu, 05 Aug 2021 04:24:14 GMT
server
AmazonS3
etag
"60f8e06ccceadc05c2dc5fb85fe8e1a5"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QhYsfP2utZCPHQxtqmloxJV394yDV7Egcu_nDz5ZpqNoJlijtGHO5Q==
expires
Sat, 31 Aug 2024 02:12:57 GMT

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqyIvljkrzvp6gYLg0F9bdn1IOgwpuwlGCd27b8oGOE0d1j1iXu0acEr7NUwU8sQvAbwgDTzUKM5xG0hXAywSZrIEBbP%2BWGS9QuI25QxSDMAvN03T8FSesNlsfQ7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://i.dailymail.co.uk/1s/2021/08/05/05/46307383-0-image-a-139_1628137452199.jpg
cf-ray
8ac24e61fde22bde-FRA
alt-svc
h3=":443"; ma=86400
NYPICHPDPICT000012704090.jpg
nypost.com/wp-content/uploads/sites/2/2023/06/
Redirect Chain
  • https://qoorza.work/images/3826-matthew-fitzpatrick-gets-big-hole-in-one-to-make-beekj
  • https://nypost.com/wp-content/uploads/sites/2/2023/06/NYPICHPDPICT000012704090.jpg?quality=75&strip=all&w=1024
25 KB
25 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/06/NYPICHPDPICT000012704090.jpg?quality=75&strip=all&w=1024
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7e2e4df043a51002f73a36f6deb5684e1eab784881f12bae71de919061195439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 02:12:58 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 200 443
last-modified
Thu, 01 Aug 2024 02:12:58 GMT
server
nginx
etag
"601b08b0844ed1b2"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
25422

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGQqmU1jSF9Yne102mmI2YdwPYTL36mfjur4zeZncjac9g4TOSHA17A1YALalM8ukFESPInTBghTg4b0AfcVgiGP1X3wVNLgd3ZcQqM7W7tkj7feUu3%2BcQTFiarmYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://nypost.com/wp-content/uploads/sites/2/2023/06/NYPICHPDPICT000012704090.jpg?quality=75&strip=all&w=1024
cf-ray
8ac24e61fde42bde-FRA
alt-svc
h3=":443"; ma=86400
e8425afd-87d5-4405-8106-939f72ddae8a-Copy_of_Holiday_Backgrounds_-_2023-07-10T110317.316.png
www.gannett-cdn.com/presto/2023/07/10/USAT/
Redirect Chain
  • https://qoorza.work/images/2490-best-buy-sale-shop-rival-prime-hsnppr
  • https://www.gannett-cdn.com/presto/2023/07/10/USAT/e8425afd-87d5-4405-8106-939f72ddae8a-Copy_of_Holiday_Backgrounds_-_2023-07-10T110317.316.png?auto=webp&crop=2039,1147,x8,y0&format=pjpg&width=1200
38 KB
39 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2023/07/10/USAT/e8425afd-87d5-4405-8106-939f72ddae8a-Copy_of_Holiday_Backgrounds_-_2023-07-10T110317.316.png?auto=webp&crop=2039,1147,x8,y0&format=pjpg&width=1200
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9dfb43e3bc18b0e09eef061c68819c637a41fff2b714b9372e45f95b21f21b0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 02:12:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010250
age
0
x-cache
MISS, MISS, MISS
fastly-stats
io=1
content-length
39342
etag
"KfPnLxQ0EKZqrE+FmnoQiBx1BBhVw0CY3oUjebBH4UY"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0, 0

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnB%2FXv147G2Q2g2cpYAbFdAe63yoPOrZokHVFDi1FZeGuERQ0A5R4emCUPmxUodcJssUYNzqRMhaBI3jt3%2FveZh74w4xdPG6cjk7xDJjninyRFPXK5LEkBMlT2uzSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.gannett-cdn.com/presto/2023/07/10/USAT/e8425afd-87d5-4405-8106-939f72ddae8a-Copy_of_Holiday_Backgrounds_-_2023-07-10T110317.316.png?auto=webp&crop=2039,1147,x8,y0&format=pjpg&width=1200
cf-ray
8ac24e61fde62bde-FRA
alt-svc
h3=":443"; ma=86400
FBImage6-1_5de4bed7b7f74.jpg
im.indiatimes.in/content/2019/Dec/
Redirect Chain
  • https://qoorza.work/images/4800-vikramaditya-motwane-sona-mohapatra-slam-kabir-ueohr
  • https://im.indiatimes.in/content/2019/Dec/FBImage6-1_5de4bed7b7f74.jpg
82 KB
81 KB
Image
General
Full URL
https://im.indiatimes.in/content/2019/Dec/FBImage6-1_5de4bed7b7f74.jpg
Requested by
Host: qoorza.work
URL: https://qoorza.work/
Protocol
H2
Server
2a02:26f0:1700:791::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
df15e0c6757b615422dbb30e5194abc3926df54412260b42d602f08304c8eca9
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

Referer
https://qoorza.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
date
Thu, 01 Aug 2024 02:12:57 GMT
last-modified
Mon, 02 Dec 2019 07:35:51 GMT
server
Bhoot
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31535956
expires
Fri, 01 Aug 2025 02:12:13 GMT

Redirect headers

date
Thu, 01 Aug 2024 02:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MG6ORbSzFWLtLtGWTjkbBnZug8d%2B8gr02Dd8XpE684jTWK4UtwUPblqieA1RmDqm1J5vJsOSZQ763ofipuNfCEsFzY%2FQ2hIGeikiU1aCTFxPy9qXi%2FNpwhpG3G%2FVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://im.indiatimes.in/content/2019/Dec/FBImage6-1_5de4bed7b7f74.jpg
cf-ray
8ac24e61fde72bde-FRA
alt-svc
h3=":443"; ma=86400
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qoorza.work
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:43:54 GMT
x-content-type-options
nosniff
age
116943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 17:43:54 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qoorza.work
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:04:16 GMT
x-content-type-options
nosniff
age
601721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 03:04:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image.cnbcfm.com
URL
https://image.cnbcfm.com/api/v1/image/103269684-GettyImages-479261374.jpg?v=1532564209&w=1920&h=1080
Domain
www.thesun.co.uk
URL
https://www.thesun.co.uk/wp-content/uploads/2024/05/newspress-collage-xkmcupf28-1715894877678.jpg?1715898491&strip=all&quality=100&w=1920&h=1080&crop=1

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
qoorza.work/ Name: 3b799c3a108da0bb9680c6602c01bd08
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://qoorza.work/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.