qltuh.abyssalforge.top Open in urlscan Pro
104.21.59.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Effective URL:
https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iau...
Submission: On November 18 via manual (November 18th 2023, 5:13:38 pm UTC) from US — Scanned from FR

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 104.21.59.147, located in and belongs to CLOUDFLARENET, US. The main domain is qltuh.abyssalforge.top.
TLS certificate: Issued by E1 on October 11th 2023. Valid for: 3 months.

This is the only time qltuh.abyssalforge.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	141.94.245.65 141.94.245.65	16276 (OVH) (OVH)
1	2607:f2d8:201... 2607:f2d8:2010:2::2	18450 (WEBNX) (WEBNX)
1	34.230.102.214 34.230.102.214	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:486... 2001:4860:4860::8888	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:310... 2606:4700:3108::ac42:2b29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.30.54 104.21.30.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.21.59.147 104.21.59.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.90.27.45 157.90.27.45	24940 (HETZNER-AS) (HETZNER-AS)
23	7

8 141.94.245.65 (France)

ASN16276 (OVH, FR)
PTR: vps-4f3d656a.vps.ovh.net

dev.sorga.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f2d8:2010:2::2 (United States)

ASN18450 (WEBNX, US)

api64.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.102.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-102-214.compute-1.amazonaws.com

respected-useful-cereal.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4860::8888 (United States)

ASN15169 (GOOGLE, US)

dns.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

webdatatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.30.54 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qltuh.canopusacrux.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.59.147 (None, )

ASN13335 (CLOUDFLARENET, US)

qltuh.abyssalforge.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.abyssalforge.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.27.45 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.27.90.157.clients.your-server.de

js2json.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	abyssalforge.top qltuh.abyssalforge.top cdnstatic.abyssalforge.top	29 KB
8	sorga.org dev.sorga.org	302 KB
2	checkaf.com checkaf.com — Cisco Umbrella Rank: 265980
1	js2json.com js2json.com — Cisco Umbrella Rank: 246684	18 KB
1	canopusacrux.top 1 redirects qltuh.canopusacrux.top — Cisco Umbrella Rank: 464614	711 B
1	webdatatrace.com 1 redirects webdatatrace.com — Cisco Umbrella Rank: 379575	480 B
1	dns.google dns.google — Cisco Umbrella Rank: 1140	556 B
1	glitch.me respected-useful-cereal.glitch.me
1	ipify.org api64.ipify.org — Cisco Umbrella Rank: 8922	228 B
23	9

	Domain	Requested by
8	dev.sorga.org	dev.sorga.org
7	qltuh.abyssalforge.top	dev.sorga.org qltuh.abyssalforge.top
2	checkaf.com	js2json.com
1	cdnstatic.abyssalforge.top	qltuh.abyssalforge.top
1	js2json.com	qltuh.abyssalforge.top
1	qltuh.canopusacrux.top	1 redirects
1	webdatatrace.com	1 redirects
1	dns.google	dev.sorga.org
1	respected-useful-cereal.glitch.me
1	api64.ipify.org	dev.sorga.org
23	10

This site contains no links.

Subject Issuer	Validity	Valid
dev.sorga.org R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
glitch.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-01`	a year	crt.sh
dns.google GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
abyssalforge.top E1	`2023-10-11` - `2024-01-09`	3 months	crt.sh
js2json.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
checkaf.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Frame ID: A56172845652C52A0A4EF5E3150FC091
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Press “Allow” to verify, that you are not a robot

Page URL History Show full URLs

https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ Page URL
https://webdatatrace.com/?clcf1fijvq3bs5jg9kmg HTTP 302
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=clcf1fijvq3bs5jg9kmg HTTP 302
https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5j... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"

Page Statistics

23
Requests

96 %
HTTPS

38 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

350 kB
Transfer

415 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ Page URL
https://webdatatrace.com/?clcf1fijvq3bs5jg9kmg HTTP 302
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=clcf1fijvq3bs5jg9kmg HTTP 302
https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dev.sorga.org/ 33 KB
9 KB 437ms
347ms Document
text/html 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

b4a2398cad01bd9e8ee6e0903057e5ce3819806153469fcda462ac26b12b1df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 17:13:34 GMT
link: <https://dev.sorga.org/index.php?rest_route=/>; rel="https://api.w.org/" <https://dev.sorga.org/index.php?rest_route=/wp/v2/pages/564>; rel="alternate"; type="application/json" <https://dev.sorga.org/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
x-powered-by: TinyCP
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
dev.sorga.org/wp-includes/css/dist/block-library/ 107 KB
108 KB 16ms
15ms Stylesheet
text/css 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 21:48:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "654ab09c-1add3"
x-powered-by: TinyCP
content-type: text/css
accept-ranges: bytes
content-length: 110035
x-xss-protection: 1; mode=block

GET
H2 200 style.css
dev.sorga.org/wp-content/themes/twentytwentyone/ 152 KB
152 KB 44ms
44ms Stylesheet
text/css 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-content/themes/twentytwentyone/style.css?ver=1.8

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

7da3693e807bd78b0b9ca423e3e27f3f3f0232996ceff9c9ab9b0f55e2221e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Mar 2023 16:27:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "640765e6-25f45"
x-powered-by: TinyCP
content-type: text/css
accept-ranges: bytes
content-length: 155461
x-xss-protection: 1; mode=block

GET
H2 200 web-agency-logo-3.png
dev.sorga.org/wp-content/uploads/2020/12/ 4 KB
4 KB 45ms
44ms Image
image/png 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.sorga.org/wp-content/uploads/2020/12/web-agency-logo-3.png

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

e80ee7df60b18c2a528d38109214f9b52a461af225011846f6a82a95291da15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 14:50:53 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64c91bcd-eac"
x-powered-by: TinyCP
content-type: image/png
accept-ranges: bytes
content-length: 3756
x-xss-protection: 1; mode=block

GET
H2 200 primary-navigation.js Show response
dev.sorga.org/wp-content/themes/twentytwentyone/assets/js/ 6 KB
6 KB 45ms
44ms Script
application/javascript 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.8

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Jan 2023 12:59:10 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63cfd61e-179e"
x-powered-by: TinyCP
content-type: application/javascript
accept-ranges: bytes
content-length: 6046
x-xss-protection: 1; mode=block

GET
H2 200 responsive-embeds.js Show response
dev.sorga.org/wp-content/themes/twentytwentyone/assets/js/ 1 KB
1 KB 35ms
35ms Script
application/javascript 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.8

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Dec 2020 14:57:07 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fdb71c3-467"
x-powered-by: TinyCP
content-type: application/javascript
accept-ranges: bytes
content-length: 1127
x-xss-protection: 1; mode=block

GET
H2 200 print.css
dev.sorga.org/wp-content/themes/twentytwentyone/assets/css/ 3 KB
3 KB 36ms
35ms Stylesheet
text/css 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.8

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 14:52:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63c807a2-b51"
x-powered-by: TinyCP
content-type: text/css
accept-ranges: bytes
content-length: 2897
x-xss-protection: 1; mode=block

GET
BLOB 200
OK a7684253-425e-4735-a5d3-d3afc3bc5b9b
https://dev.sorga.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dev.sorga.org/a7684253-425e-4735-a5d3-d3afc3bc5b9b
Requested by: Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK / Show response
api64.ipify.org/ 28 B
228 B 281ms
90ms Fetch
application/json 2607:f2d8:2010:2::2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api64.ipify.org/?format=json
Requested by: Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f2d8:2010:2::2 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software: nginx/1.25.1 /
Resource Hash: 83472a31e86f20f354a3c4dcb0a89a6f68574d414c164c39adbb264c48e2d2a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 18 Nov 2023 17:13:34 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 28
Vary: Origin
Content-Type: application/json

GET
H2 200 wp-emoji-release.min.js Show response
dev.sorga.org/wp-includes/js/ 18 KB
19 KB 16ms
15ms Script
application/javascript 141.94.245.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.sorga.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.94.245.65 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-4f3d656a.vps.ovh.net

Software

nginx/1.18.0 (Ubuntu) / TinyCP

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:34 GMT
strict-transport-security: max-age=600; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63db0985-4904"
x-powered-by: TinyCP
content-type: application/javascript
accept-ranges: bytes
content-length: 18692
x-xss-protection: 1; mode=block

GET
H2 200 /
respected-useful-cereal.glitch.me/ 0
0 400ms
199ms Document
text/html 34.230.102.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://respected-useful-cereal.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.102.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-102-214.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 3086
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 17:13:34 GMT
etag: "d719b26856b134ec5f305110e57270d9"
last-modified: Wed, 15 Nov 2023 22:54:59 GMT
server: AmazonS3
x-amz-id-2: EGcg5XUW6x5HoeRYTRDoqs8eg8EAwnsHGzRh5jASfVArNChdBX8Xp2rQWcakWsYwfUYvxN3aWH0=
x-amz-request-id: 7JGVE6GV37P3KYFP
x-amz-server-side-encryption: AES256
x-amz-version-id: OAvEyODazQ.pqZSC3fceWsBeZKsX_4yt

GET
H2 200 resolve
dns.google/ 371 B
556 B 142ms
85ms Fetch
application/json 2001:4860:4860::8888
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dns.google/resolve?name=dev.sorga.org.2001-41d0-d-364d--6.2870390.ads-promo.com&type=txt

Requested by

Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4860::8888 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 17:13:34 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261
x-xss-protection: 0
expires: Sat, 18 Nov 2023 17:13:34 GMT

GET
H2

200

Primary Request / Show response
qltuh.abyssalforge.top/eyes-robot/
Redirect Chain

https://webdatatrace.com/?clcf1fijvq3bs5jg9kmg
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=clcf1fijvq3bs5jg9kmg
https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915

1 KB
918 B

119ms
63ms

Document
text/html

104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Requested by: Host: dev.sorga.org
URL: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec

Request headers

Referer: https://dev.sorga.org/?o=boeing-757-200-752-united-airlines-ff-mgdz9pCZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8281d84bfe48d40c-CDG
content-encoding: br
content-type: text/html
date: Sat, 18 Nov 2023 17:13:35 GMT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiW6Dda9njDMnqLsy%2BXkPg8Myx32omhCusziIJ13cSqkTGNEtC6c2wPVwEFhcehbmrmdxMy4CtWNvp%2F7oDXVkP%2FRpVFg%2BipDEtOqoydZ0MtERIIkLp6lLgcP6TzxtDRxuxOUQuCCqf88"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8281d84b28bc6f6a-CDG
content-length: 0
date: Sat, 18 Nov 2023 17:13:35 GMT
location: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqmNXRhgxropMWjx8%2Bv8QI0NR68Xws2XBTdbGMNGvQ2Z9ubtLzZRjsQoj2Ib%2FpLmJ77iY83iWQdKgdmwXgTzrcN6ab2n%2FHQAyseU2oDAJAtVS37Qqd%2FhkKxSAccTlKFFfHmv6eDtTZNe"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 trls.js Show response
qltuh.abyssalforge.top/eyes-robot/assets/ 11 KB
2 KB 30ms
29ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.abyssalforge.top/eyes-robot/assets/trls.js
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1988
etag: W/"654ca8f2-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thSAp7KGQfw%2B1g%2F5rnVaxUs5dUsDfvhA4%2FsV7QaG4Eg8OXwfr8SG8cNlpcMjJ6h0QlyocmToQ5X9wworEg0fz4KRuHoA32ZZ7Wn3MC4YxJtvVCRvHD2V42g2CG3R9cL1aYCjxAmeAAoQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8281d84c5e9fd40c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
qltuh.abyssalforge.top/eyes-robot/assets/ 3 KB
1 KB 28ms
27ms Stylesheet
text/css 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.abyssalforge.top/eyes-robot/assets/style.css
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1988
etag: W/"654ca8f2-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JREZwITqgOJ2Du9R%2F%2BRCpIGBVY0BGWUn56RHS0Q3GRm3s9UNjnFSRRNmWdJ6DbVyR6tAd4Q2MLiQvG%2BbaT6W2gW9SvVBgCOyta%2F6ortoDjR%2BHDnQKJOqSrk7%2BT89AjStGnIVC%2B%2B%2BoBzl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8281d84c5e9dd40c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 1.png
qltuh.abyssalforge.top/eyes-robot/assets/ 10 KB
11 KB 28ms
28ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.abyssalforge.top/eyes-robot/assets/1.png
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5887
etag: "654ca8f2-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MupMa4MjvY7YNXh5QrxbQ%2B2gqH8ZDVAdFZs5qxT6O7EkyPWfuRmHBuc2OnUfmBvCaCqv1rVkvR4M7l%2FEEJMHlbNejlax7w5Tmtw6NFymOaAf2cLIbxV3YHtbhoJorGwF0eqKQo0IQAP1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8281d84c5ea0d40c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H2 200 2.png
qltuh.abyssalforge.top/eyes-robot/assets/ 1 KB
1 KB 29ms
28ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.abyssalforge.top/eyes-robot/assets/2.png
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5887
etag: "654ca8f2-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwUiC8nyWNiT2%2Booj2%2BWb3uDhcwR79sYxVsh5%2BLzZIuny4i%2F5h3RCJbDO0htOTD3DvpG%2BJR4CfxoeV%2BFHhMR48Z3tBaWoIhqN9IXFmyHH%2FbzrehyVIPIAKGBGo2Lcgsg3A%2BrzHW3zh5t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8281d84c5ea1d40c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H2 200 static-pl.js Show response
qltuh.abyssalforge.top/shared-js/assets/ 3 KB
1 KB 30ms
30ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.abyssalforge.top/shared-js/assets/static-pl.js
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5821
etag: W/"654ca8f2-bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yblwuwpqqgC6m%2F73pIr9K5pHXiRti5r5prTXVNX%2B8CPlgflRLARp3CBApIKqqmx6qX1PvKv%2FdqXfak2AaWbyOqK4s2hpTqMssSXvFgXycmEYpPEz727%2BBSnCE%2BA9XmCECBkVtvdaOFLf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8281d84c8ec5d40c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
js2json.com/ 48 KB
18 KB 144ms
52ms Script
application/javascript 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/script.js
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&hash=vODt4_iauK5PFVHdltiigg&exp=1700327915
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash: b959b437fda46525d706e56bce45eb610d27a5fffe82dde0e1bef399c437631a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 image.png
qltuh.abyssalforge.top/eyes-robot/assets/ 11 KB
11 KB 26ms
26ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.abyssalforge.top/eyes-robot/assets/image.png
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/eyes-robot/assets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5821
etag: "654ca8f2-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9j5A3Fs9PhNsB3I1ToJuNPhTE1GFXwqK8xTMkKHTug1d4ar39B%2FogHUtcCROlSs3fPGKMVz%2FU64YJULOD64W047rWyFx%2FNhCvMaXjDcOhjJMyD8ilnezLcTtNgQwJG0%2FAlWBko5P32d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8281d84c9ec9d40c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H2 204 ps.js Show response
cdnstatic.abyssalforge.top/ps/ 0
390 B 73ms
64ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=clcf1fijvq3bs5jg9kmg&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Requested by: Host: qltuh.abyssalforge.top
URL: https://qltuh.abyssalforge.top/shared-js/assets/static-pl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qltuh.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:13:35 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1VGBSPpzJDB6CvZescj6ewC7kQl6OggKDzEZG%2BaGokJ9%2Bqrw05gnv3Jkiym4QkVct2yqlN7KGtMbKbPGigi9XBnOav8nkoGiwuiI%2FWserXtNIU7x%2FJF91pakuBCAQhTuD4z%2BxQ9rBl4pm1pRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8281d84cdef3d40c-CDG
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 data
checkaf.com/ 0
0 123ms
29ms Preflight 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://checkaf.com/data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qltuh.abyssalforge.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://qltuh.abyssalforge.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 18 Nov 2023 17:13:35 GMT
server: openresty
vary: Origin

POST
H2 200 data
checkaf.com/ 0
0 34ms
33ms Fetch 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://checkaf.com/data
Requested by: Host: js2json.com
URL: https://js2json.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://qltuh.abyssalforge.top/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://qltuh.abyssalforge.top
date: Sat, 18 Nov 2023 17:13:35 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: openresty
content-length: 0
vary: Origin

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qltuh.canopusacrux.top/	1970-01-20 16:24:33	Name: CHiI7Gh3GUyTa8XGgNqDyQ Value: 5
qltuh.canopusacrux.top/	1970-01-21 01:54:47	Name: __pl Value: 03bd3c57-3262-4040-8802-53cadf6c45c5
qltuh.canopusacrux.top/	1970-01-20 16:18:51	Name: __cap Value: 1
cdnstatic.abyssalforge.top/	1970-01-21 01:54:47	Name: __psu Value: 2ed26c4d-4dd3-4376-b215-fea6247e5fd9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=600; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api64.ipify.org
cdnstatic.abyssalforge.top
checkaf.com
dev.sorga.org
dns.google
js2json.com
qltuh.abyssalforge.top
qltuh.canopusacrux.top
respected-useful-cereal.glitch.me
webdatatrace.com
104.21.30.54
104.21.59.147
141.94.245.65
157.90.27.45
2001:4860:4860::8888
2606:4700:3108::ac42:2b29
2607:f2d8:2010:2::2
34.230.102.214
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7da3693e807bd78b0b9ca423e3e27f3f3f0232996ceff9c9ab9b0f55e2221e46
83472a31e86f20f354a3c4dcb0a89a6f68574d414c164c39adbb264c48e2d2a5
8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
b4a2398cad01bd9e8ee6e0903057e5ce3819806153469fcda462ac26b12b1df6
b959b437fda46525d706e56bce45eb610d27a5fffe82dde0e1bef399c437631a
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80ee7df60b18c2a528d38109214f9b52a461af225011846f6a82a95291da15e
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

qltuh.abyssalforge.top Open in urlscan Pro 104.21.59.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

38 %IPv6

9 Domains

10 Subdomains

7 IPs

4 Countries

350 kBTransfer

415 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

qltuh.abyssalforge.top Open in urlscan Pro
104.21.59.147 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

38 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

350 kB
Transfer

415 kB
Size

4
Cookies

23 HTTP transactions
0 data transactions