urlscan.io logo urlscan.io
SecurityTrails logo

beingtek.com Open in urlscan Pro
89.117.157.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://beingtek.com/FMzbXbh
Effective URL: https://beingtek.com/FMzbXbh
Submission: On December 04 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 22 HTTP transactions. The main IP is 89.117.157.47, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is beingtek.com.
TLS certificate: Issued by R3 on October 15th 2023. Valid for: 3 months.
This is the only time beingtek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 89.117.157.47 47583 (AS-HOSTINGER)
1 142.250.76.106 15169 (GOOGLE)
1 142.250.67.8 15169 (GOOGLE)
1 172.217.24.33 15169 (GOOGLE)
1 139.45.197.245 9002 (RETN-AS)
3 213.183.48.30 56630 (MELBICOM-...)
1 173.233.139.164 7979 (SERVERS-COM)
2 142.250.204.3 15169 (GOOGLE)
1 142.250.66.238 15169 (GOOGLE)
1 104.21.11.245 13335 (CLOUDFLAR...)
22 11
6    89.117.157.47 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)
beingtek.com
1    142.250.76.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f10.1e100.net
fonts.googleapis.com
1    142.250.67.8 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f8.1e100.net
www.googletagmanager.com
1    172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f33.1e100.net
blogger.googleusercontent.com
1    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
ossmightyenar.net
3    213.183.48.30 (Moscow, Russian Federation)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: vm612898.melbi.space
neon.today
1    173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)
www.toprevenuegate.com
2    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
fonts.gstatic.com
1    142.250.66.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net
www.google-analytics.com
1    104.21.11.245 (None, )

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
Apex Domain
Subdomains		 Transfer
6 beingtek.com
beingtek.com
206 KB
3 neon.today
neon.today
1 MB
2 gstatic.com
fonts.gstatic.com
46 KB
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 24468
8 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
252 B
1 toprevenuegate.com
www.toprevenuegate.com — Cisco Umbrella Rank: 161927
817 B
1 ossmightyenar.net
ossmightyenar.net — Cisco Umbrella Rank: 394860
34 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12342
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
852 B
0 fleraprt.com Failed
fleraprt.com Failed
0 rtmark.net Failed
my.rtmark.net Failed
22 12
Domain Requested by
6 beingtek.com 1 redirects beingtek.com
3 neon.today beingtek.com
neon.today
2 fonts.gstatic.com fonts.googleapis.com
1 tzegilo.com ossmightyenar.net
1 www.google-analytics.com www.googletagmanager.com
1 www.toprevenuegate.com beingtek.com
1 ossmightyenar.net beingtek.com
ossmightyenar.net
1 blogger.googleusercontent.com beingtek.com
1 www.googletagmanager.com beingtek.com
1 fonts.googleapis.com beingtek.com
0 fleraprt.com Failed tzegilo.com
0 my.rtmark.net Failed ossmightyenar.net
22 12

This site contains no links.

Subject Issuer Validity Valid
beingtek.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ossmightyenar.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
neon.today
R3		 2023-10-08 -
2024-01-06		 3 months crt.sh
toprevenuegate.com
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://beingtek.com/FMzbXbh
Frame ID: B653AC093C899FC8817CEAAE72816161
Requests: 17 HTTP requests in this frame

Frame: https://neon.today/context/get/47752/29657/0/468/60
Frame ID: CA0F8D464F20D5C9AD7F1AE8354C9E32
Requests: 3 HTTP requests in this frame

Frame: https://www.toprevenuegate.com/j1qj9vf1?key=5f334fe3ab1c404813386ac8b9b2550b
Frame ID: 8033AB52AA154DFAA37126BBDB72F821
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Being Tek

Page URL History Show full URLs

  1. http://beingtek.com/FMzbXbh HTTP 301
    https://beingtek.com/FMzbXbh Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

77 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

11
IPs

5
Countries

1514 kB
Transfer

2043 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beingtek.com/FMzbXbh HTTP 301
    https://beingtek.com/FMzbXbh Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request FMzbXbh
beingtek.com/
Redirect Chain
  • http://beingtek.com/FMzbXbh
  • https://beingtek.com/FMzbXbh
10 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.117.157.47 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
eca689946180e3cbd89fb53543d93fce5b36218f0eedd79c46750d1b88a37d2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 04 Dec 2023 22:43:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-powered-by
PHP/7.4.33
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Mon, 04 Dec 2023 22:43:32 GMT
location
https://beingtek.com/FMzbXbh
platform
hostinger
server
LiteSpeed
css
fonts.googleapis.com/ 		3 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f10.1e100.net
Software
ESF /
Resource Hash
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 22:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 21:55:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 22:43:33 GMT
styles.min.css
beingtek.com/cloud_theme/build/css/ 		189 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beingtek.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.117.157.47 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/FMzbXbh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-length
31461
x-xss-protection
1; mode=block
last-modified
Tue, 04 May 2021 13:54:27 GMT
server
LiteSpeed
etag
"2f202-60915213-65974eca02308841;br"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
platform
hostinger
expires
Wed, 03 Jan 2024 22:43:33 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R2M9TD7R99
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8fd1caba112b4e7735af63875ac5fb87dfecc22a9e9c8501b7a32c3827dc4925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 22:43:34 GMT
AVvXsEhl8kAw_ZVDD62ODWt8NrLNXvCzx08ci3rKUSKIOTL-DMhAYSHSyd6G5NV1lwFTdKgwkPsLRumM7JRWNkw8xNMibKBa8lzCQ4Sfn5TtAOBW58vSC9X4W07R6shbfon86rCOadHYoXVijQvNMkS0-RqEgvpEA4TJMeQHAxclPBk7m3m6rl7cdHVD4Zs9
blogger.googleusercontent.com/img/a/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhl8kAw_ZVDD62ODWt8NrLNXvCzx08ci3rKUSKIOTL-DMhAYSHSyd6G5NV1lwFTdKgwkPsLRumM7JRWNkw8xNMibKBa8lzCQ4Sfn5TtAOBW58vSC9X4W07R6shbfon86rCOadHYoXVijQvNMkS0-RqEgvpEA4TJMeQHAxclPBk7m3m6rl7cdHVD4Zs9
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
fife /
Resource Hash
0cd612279a40b39ada8efdd118a701119511a933797a46bcfa016ceb5f50ff9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v64b"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="c6845baa-87ac-4978-8f7a-1ee86062d972.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6039
x-xss-protection
0
expires
Tue, 05 Dec 2023 22:43:34 GMT
ads.js
beingtek.com/js/ 		191 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beingtek.com/js/ads.js
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.117.157.47 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/FMzbXbh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:33 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 13:54:27 GMT
server
LiteSpeed
etag
"bf-60915213-cf74c8296b0b0a3c;;;"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
191
x-xss-protection
1; mode=block
expires
Mon, 11 Dec 2023 22:43:33 GMT
script.min.js
beingtek.com/cloud_theme/build/js/ 		202 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beingtek.com/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.117.157.47 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/FMzbXbh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-length
58205
x-xss-protection
1; mode=block
last-modified
Tue, 04 May 2021 13:54:27 GMT
server
LiteSpeed
etag
"32956-60915213-15ea723e616fcd44;br"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
expires
Mon, 11 Dec 2023 22:43:33 GMT
4942880
ossmightyenar.net/401/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ossmightyenar.net/401/4942880
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b2647c234856c4ec3dfa191033c9992e97d5d211f91c3fec34e969029eccac0d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:34 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
af72c565b51c7e7e8704ebbdb6c4b7fd
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
60
neon.today/context/get/47752/29657/0/468/ Frame CA0F 		727 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://neon.today/context/get/47752/29657/0/468/60
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.183.48.30 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
vm612898.melbi.space
Software
nginx /
Resource Hash
11787e907a9ef0779915f744501e1d0559252972e02600f79f4b98dc846f3c13

Request headers

Referer
https://beingtek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
468
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Dec 2023 22:43:36 GMT
Server
nginx
Vary
Accept-Encoding
j1qj9vf1
www.toprevenuegate.com/ Frame 8033 		115 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.toprevenuegate.com/j1qj9vf1?key=5f334fe3ab1c404813386ac8b9b2550b
Requested by
Host: beingtek.com
URL: https://beingtek.com/FMzbXbh
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://beingtek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Mon, 04 Dec 2023 22:43:35 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.21.6
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
edc5f9032868a0c617d4c45e89e3570a
header.jpg
beingtek.com/cloud_theme/build/img/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beingtek.com/cloud_theme/build/img/header.jpg
Requested by
Host: beingtek.com
URL: https://beingtek.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.117.157.47 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:34 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 13:54:27 GMT
server
LiteSpeed
etag
"1b96a-60915213-a6e856ca8bc05ab6;;;"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
platform
hostinger
content-length
113002
x-xss-protection
1; mode=block
expires
Tue, 03 Dec 2024 22:43:34 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beingtek.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:21:38 GMT
x-content-type-options
nosniff
age
451316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:21:38 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beingtek.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:21:38 GMT
x-content-type-options
nosniff
age
451316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:21:38 GMT
collect
www.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R2M9TD7R99&gtm=45je3bt0v883833019&_p=1701729813921&gcd=11l1l1l1l1&dma=0&cid=934187183.1701729815&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701729814&sct=1&seg=0&dl=https%3A%2F%2Fbeingtek.com%2FFMzbXbh&dt=Being%20Tek&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3576
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2M9TD7R99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 22:43:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beingtek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6517e66bff09f1723606e1d71ed31900.gif
neon.today/banners/74405/ Frame CA0F 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neon.today/banners/74405/6517e66bff09f1723606e1d71ed31900.gif
Requested by
Host: neon.today
URL: https://neon.today/context/get/47752/29657/0/468/60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.183.48.30 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
vm612898.melbi.space
Software
nginx /
Resource Hash
9103beb6c0f27fb6cd75a4cd5ebb83cfdfd4c90602baaae19a1f0b794f54196a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://neon.today/context/get/47752/29657/0/468/60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 22:43:36 GMT
Last-Modified
Wed, 08 Nov 2023 18:54:22 GMT
Server
nginx
ETag
"654bd95e-115082"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1134722
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_white_small.png
neon.today/ Frame CA0F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neon.today/logo_white_small.png
Requested by
Host: neon.today
URL: https://neon.today/context/get/47752/29657/0/468/60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.183.48.30 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
vm612898.melbi.space
Software
nginx /
Resource Hash
595fd725bb9002daf682dfc659e12d7373afbc13bd760f9a7d3f58c5537e2e07

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://neon.today/context/get/47752/29657/0/468/60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 22:43:36 GMT
Last-Modified
Sat, 20 Aug 2022 08:28:35 GMT
Server
nginx
ETag
"63009b33-4a09"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18953
Expires
Thu, 31 Dec 2037 23:55:55 GMT
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: ossmightyenar.net
URL: https://ossmightyenar.net/401/4942880
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.11.245 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://beingtek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6998
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44Y%2B4eq%2F0b9aD5cecSlshTNyaa9YR2Olq2SXkdtWol04fnfKsuzLcG2dD6DpMQtwOVPaWvw2WM2mvGhHhIF7ubEI0BFxKm9H3CCeQvegvfNrvlS2%2Fd5cJlwNf0C83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
830791c28ccda93d-SYD
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		0
0
add
fleraprt.com/log/ 		0
0
4942880
ossmightyenar.net/500/ Frame 		0
0
4942880
ossmightyenar.net/500/ 		0
0
gid.js
my.rtmark.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js
Domain
fleraprt.com
URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Domain
ossmightyenar.net
URL
https://ossmightyenar.net/500/4942880?excludes=&oaid=k0fb688346tb371103322v1g6oold717&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fbeingtek.com%2FFMzbXbh&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&js_build=8&sw_version=v1.312.0
Domain
ossmightyenar.net
URL
https://ossmightyenar.net/500/4942880?excludes=&oaid=k0fb688346tb371103322v1g6oold717&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fbeingtek.com%2FFMzbXbh&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&js_build=8&sw_version=v1.312.0
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?userId=k0fb688346tb371103322v1g6oold717

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| gtag object| dataLayer object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| zfgstorage object| n9zvxghiusj object| zfgformats object| __ds3dcv__ boolean| __lwkemfd9q__ object| webpushlogs object| syncCallbacks string| isSyncing object| __ds3dcV__

7 Cookies

Domain/Path Name / Value
beingtek.com/ Name: AppSession
Value: d761fc8f6a7f6518148a099027578d92
beingtek.com/ Name: csrfToken
Value: 47a12d4725b28ce4be8c29310769c61acec94be9abda782c05fe2b153ce5dead9686cb1fdaa288005dfa734a34d8ec48eac765ba38805402255b6e603e64f50b
beingtek.com/ Name: app_visitor
Value: Q2FrZQ%3D%3D.ZTE3Y2NlMjA5OTllNTVjOTA5MWJhNjZmMDQ4ZDFjMWIyMWNhMjliY2M3YzQ1ZGY5MDU5ZWNjZWFhYmYwZjhjMJACzD2u%2BkXI97%2B9sM%2B5FtUlUy1cntVXDaT1g%2FQoQjpvm6OiwBKC8EWc7p%2BhNUMcls9R8Zn3a6Z3NKByOgwJ%2FyEmpr3SU%2FxCNLAjY705PwH7
beingtek.com/ Name: ab
Value: 2
.beingtek.com/ Name: _ga_R2M9TD7R99
Value: GS1.1.1701729814.1.0.1701729814.0.0.0
.beingtek.com/ Name: _ga
Value: GA1.1.934187183.1701729815
ossmightyenar.net/ Name: OAID
Value: 6f4efc80524544c6b363b1e4fd9c189f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beingtek.com
blogger.googleusercontent.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
neon.today
ossmightyenar.net
tzegilo.com
www.google-analytics.com
www.googletagmanager.com
www.toprevenuegate.com
fleraprt.com
my.rtmark.net
ossmightyenar.net
104.21.11.245
139.45.197.245
142.250.204.3
142.250.66.238
142.250.67.8
142.250.76.106
172.217.24.33
173.233.139.164
213.183.48.30
89.117.157.47
0cd612279a40b39ada8efdd118a701119511a933797a46bcfa016ceb5f50ff9f
11787e907a9ef0779915f744501e1d0559252972e02600f79f4b98dc846f3c13
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
595fd725bb9002daf682dfc659e12d7373afbc13bd760f9a7d3f58c5537e2e07
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
8fd1caba112b4e7735af63875ac5fb87dfecc22a9e9c8501b7a32c3827dc4925
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
9103beb6c0f27fb6cd75a4cd5ebb83cfdfd4c90602baaae19a1f0b794f54196a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b2647c234856c4ec3dfa191033c9992e97d5d211f91c3fec34e969029eccac0d
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca689946180e3cbd89fb53543d93fce5b36218f0eedd79c46750d1b88a37d2b
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590