urlscan.io logo urlscan.io
SecurityTrails logo

d.lewwed.space Open in urlscan Pro
2606:4700:3036::6815:2ac2  Public Scan

Go To Rescan Add Verdict Report
URL: https://d.lewwed.space/
Submission: On July 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3036::6815:2ac2, located in United States and belongs to CLOUDFLARENET, US. The main domain is d.lewwed.space.
TLS certificate: Issued by WE1 on July 10th 2024. Valid for: 3 months.
This is the only time d.lewwed.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 172.217.16.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 172.67.165.140 13335 (CLOUDFLAR...)
1 216.58.206.78 15169 (GOOGLE)
18 6
7    2606:4700:3036::6815:2ac2 (United States)

ASN13335 (CLOUDFLARENET, US)
d.lewwed.space
3    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
5    172.67.165.140 (United States)

ASN13335 (CLOUDFLARENET, US)
d.lewwed.space
1    216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
12 lewwed.space
d.lewwed.space
327 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
15 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
177 KB
18 3
Domain Requested by
12 d.lewwed.space d.lewwed.space
3 fundingchoicesmessages.google.com d.lewwed.space
3 securepubads.g.doubleclick.net d.lewwed.space
securepubads.g.doubleclick.net
18 3

This site contains no links.

Subject Issuer Validity Valid
lewwed.space
WE1		 2024-07-10 -
2024-10-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://d.lewwed.space/
Frame ID: 9A3EF89A35864AF920282C542F3E80DD
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

lewwed.space games

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

3
Subdomains

6
IPs

2
Countries

543 kB
Transfer

1507 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
d.lewwed.space/ 		32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9974b3683347a3f9bba675b0077ec0f5a79f7b6365a6e0272715c68b880f7ed8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
MISS
cf-ray
8a41a64d5c8cbe61-ZRH
content-encoding
br
content-type
text/html
date
Tue, 16 Jul 2024 11:28:35 GMT
expires
Wed, 17 Jul 2024 11:28:35 GMT
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FeCLEHSyX6YAVIFSjYODKJpqHGy24VwFrj9OYecGWBBCHhBKxaE4K1HS3qhIJbBMY62J04Nxz0WA5WpsOuzMMLt4yIIEYHhmOuvQ0FhktmbYNWogL8v4Bl6VR3G6ZcsW6NN%2Flr2VvXvwUydDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
292f267ef34a288b055d8d80ee788905387f35a97fd2676cf39a64793a04144b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31598
x-xss-protection
0
server
cafe
etag
248 / 19920 / 31085308 / config-hash: 8510356149453071209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 16 Jul 2024 11:28:36 GMT
pub-1107961416814374
fundingchoicesmessages.google.com/i/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-1107961416814374?ers=1
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08edacfa4a22df723631dd15416950d90f69b506567023fce0d18774dd91699e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-prvyDVDIHS0L2F1dDeqvxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-prvyDVDIHS0L2F1dDeqvxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLmeLLp5hY2gRn9vexKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgbmhiZ6BubxBQYAr2E5Iw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
chunk-common.ee384d64.css
d.lewwed.space/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/css/chunk-common.ee384d64.css
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3879c03bed1e1a6bece65dffabfce89ed0cf88a70d776cd41c45e7fa45f276

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-77bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdcQZ20QT5qo8jpjxnMroEEJ5Q835PtCancA6ms4bPXJC%2F4pPm060Vg2MEC%2FM%2BnUm91s4WRzH63R1LsS49B6hVVTxkEYfg5gz2vjgYJNUrJeBzCzLvbsAUqTWg2ETV8xFOEqtRmF9Inoj8kH3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8a41a64fd918be61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
chunk-vendors.df919975.css
d.lewwed.space/css/ 		69 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/css/chunk-vendors.df919975.css
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8e4695f7fa97f1bfeb3580f3deb14056a2d65dabd7e07e110332390ceeed4

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-11327"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jixi9FppXTLJHgbkLIrgSnYy2TUAJzs7vFwS7574Y7HtDU4j4Ac%2FWkvd1SgH6ptaDGh4QGcikGd5y09zHfjhYkSQ8dt1TEDuXxcuN5%2FZG%2B%2B3aLAp%2B3SpRtqLf9o4K9vY3PM9W14ma8UcapSxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8a41a64fd91bbe61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
index.797cad03.css
d.lewwed.space/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/css/index.797cad03.css
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a448ac47fc5284051fc9ecb896d5875ee6b96a70cb322fcd5839baa7ace85b

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-23a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJZQINvewfU6cVlNXXLjmFaaviCs7DCcOYMKpeNhd8F4RQo6eTkWOPEVoV2aj1cMdj0fnOn7n2FtBwY%2FxvqfF2BwDGlGbFpVJeFV4K2%2F5XFtjoF1iYjYieBjKoQux3wpRmjA%2FodYQan69yVbKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8a41a64fd91ebe61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
chunk-common.011b9c7a.js
d.lewwed.space/js/ 		230 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/js/chunk-common.011b9c7a.js
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79cc6509cf2a14aa0ba8c69c7ae0adb52e134402c7887faa80e529a6fac013a

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-39999"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFIVlPBa8nDTjx4lv5ntcxNm9dZFYT2zEVgRepao4Mnh9D86VJmPBcqPXyuOWqDQ35MQmmARLSbhQhSfHCw5PwqgBJX7OAWUYGSnG%2F%2F7RKBTVuFnlFyvJ7A%2Fvp62s29m8coZMyn0kEd9GH12FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a41a64fd920be61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
chunk-vendors.6879b757.js
d.lewwed.space/js/ 		472 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/js/chunk-vendors.6879b757.js
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91437e662ff234f0efe52473fba1e37cb3097cce13bdc186ca8c4185d42ee55f

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-76010"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORv2aFl%2BjSxZWnvVuyW5WjFPredWQoPFTc74%2F4n9nGs11Cv4amZIrentkN%2FqT6wklD69bgyj4vu4t3hSDSzMW5W8AyEB3ZMkPHRdO%2BtuH5wkXoJ7Jpo1E3%2FzL1a2oWj2m5Wdca1WS%2BjyFPmauQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a41a64fd922be61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
index.794ba7a4.js
d.lewwed.space/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/js/index.794ba7a4.js
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8115d9475feca9cf9a278e0f7991e2d6dfb7ce92185bfa265e4de4d53d92b928

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-7fdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tj0tdmseq5wXwJAfWJeP0owcQLARSYx%2BuLCtwvnisOrXeUv0TqoQkB7ZuIQCga6wqXyv6F3c8k1FXVcO7aeHD%2FQUbi8F1H4gUeDAz%2BM%2Fw7u19fNrKoAwXJu%2BLqIeGVYi0%2B5AMgOX82PINKGN%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a41a64fd923be61-ZRH
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
color.js
d.lewwed.space/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/color.js
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5312d5ca7844477c4e06fcbe5bb1c1bfce4f5bcfb1960e0666efa8ce2401ea

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-b5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxNDmPbCUKMK1Nv46axFJ8cacdxOeqgathI83gWG8aVgl3u8m4y6qDOsCrXiROi25RkYLUF%2F1Olo6jn7yxH1B6brnwHhj2zU0TqzzkPwGf9O1Zv7nNZXG9c5i1yPDUAJrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8a41a650ecba18da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:36 GMT
pub-1107961416814374
fundingchoicesmessages.google.com/b/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-1107961416814374
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a979765f482e36c90afe54283f6974f0de55bad63ac199eb97b892bf4011556
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FhrH_trvuepTTbfBMTT7VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FhrH_trvuepTTbfBMTT7VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLmeLLp5hY2gQun2lmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDU30DMzjCwwAu8s5gQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVFcfV58EAv1O9Mv4DPbgCWivV6Iz126vlYHwZX4l-K-D3BrD0SwtQMS9Ifah5OenNTJZLBOqaU5wNstCUnD_0_SQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFcfV58EAv1O9Mv4DPbgCWivV6Iz126vlYHwZX4l-K-D3BrD0SwtQMS9Ifah5OenNTJZLBOqaU5wNstCUnD_0_SQ==
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lR2fvgs1qDQzNTjAtG4KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lR2fvgs1qDQzNTjAtG4KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFk080tbAIXdh43V3JJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuaGJnoG5vEFBgBGsyvV"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://d.lewwed.space
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407150101/ 		470 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407150101/pubads_impl.js?cb=31085308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3974677b04287e11094948384cb6756bf1164276bc8d2b8d65256deb3a79e819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
5252
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149966
x-xss-protection
0
server
cafe
etag
14809116456094172007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 16 Jul 2025 10:01:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		68 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=d.lewwed.space
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8060f9045f7b5f3e1fd0d96c9a358215258c0b27ff153bdee8198b2a3b11e51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
expires
Tue, 16 Jul 2024 11:28:36 GMT
games_v2.bin
d.lewwed.space/conf/ 		113 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/conf/games_v2.bin
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc55835698bf93e9bf668ecbac00fb78db2473666ff7bd8223b79106d62546b

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
token
null

Response headers

date
Tue, 16 Jul 2024 11:28:37 GMT
x-oss-request-id
66965964ECA51232398AC5E2
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
DuZipIAvlFVRG9ZOaY3J7A==
content-disposition
inline
alt-svc
h3=":443"; ma=86400
content-length
113
x-oss-object-type
Normal
last-modified
Tue, 16 Jul 2024 09:09:05 GMT
server
cloudflare
etag
"0EE662A4802F9455511BD64E698DC9EC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6oIDBdlDBRJrzNSHmFKqUiC2AwCrFkq%2F7GZzOJAmY4hRYOFgDeORkMbrv7UaZ%2F%2Bivkax3NitwF6QFLK4dlz%2FxJfqJwqtKH8cedenWQsTG9n7qtPgk%2FQetbG4Xx6FRtdqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=3600
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8a41a655bae818da-FRA
x-oss-hash-crc64ecma
17353506613690428804
x-oss-server-time
1
expires
Tue, 16 Jul 2024 12:28:36 GMT
d.lewwed.space.bin
d.lewwed.space/conf/ 		400 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/conf/d.lewwed.space.bin
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9297a485316cb56bd71d5f7c93e75cfc3d37139beb52fa5ea0b8d34f9a741c42

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
token
null

Response headers

date
Tue, 16 Jul 2024 11:28:37 GMT
content-encoding
br
x-oss-request-id
669659649FA2BD3838FF3A96
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sr22y63JigzonhaMMPlUPKNcojdNqsuAeAzgGj9TnkrvwRJnhVhDPEo4Ly73vQY8eY6JwwVjnEX0Fta4yaUdqddVOnKD0d0aFaFJd295Uama5Mq63yr%2B5z78x%2B%2BvbJda9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-oss-ec
0026-00000001
content-type
application/xml
cf-ray
8a41a655baed18da-FRA
alt-svc
h3=":443"; ma=86400
x-oss-server-time
1
ads.d.lewwed.space.bin
d.lewwed.space/conf/ 		404 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/conf/ads.d.lewwed.space.bin
Requested by
Host: d.lewwed.space
URL: https://d.lewwed.space/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d6e7a2e6d76c38146d7b7dbe5651ea4ee0ab44da5ec7a5b8584c87e6b32132

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
token
null

Response headers

date
Tue, 16 Jul 2024 11:28:37 GMT
content-encoding
br
x-oss-request-id
66965965028C4E333359AD10
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ai78%2BNBsIRy3pc9ynY5je9vhguPjuEhOkNXBfU0tcm63c%2BvAJiWxvbXhY1K2HjQIsqi7uuj0mzXmrgvZYEvUKmW38zm0K3x4XTRr037YS0cpGC0FUkVPtEch09u2%2Fp%2BRTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-oss-ec
0026-00000001
content-type
application/xml
cf-ray
8a41a655baf218da-FRA
alt-svc
h3=":443"; ma=86400
x-oss-server-time
1
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b61fe558de138dc00513ebede4e8b0fd3bd60bd16ff20da95872835f1e359b8

Request headers

Referer
Origin
https://d.lewwed.space
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
favicon.ico
d.lewwed.space/ 		4 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.lewwed.space/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e249bb640b4165ad2d5cc967651bd8f2a8de47669d562bb35132a284989367

Request headers

Referer
https://d.lewwed.space/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:28:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 06:30:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f7bf4-113e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kaaT4j%2B%2Bpg2%2FwiVWjrksx8Up6e1mNOQCBJp2yCW0ZZeEUXPMnkuek5hhKIXj1p5%2B7jg0yalJM%2FCtcg7wnPwZ8kQ0qgoMPFNkBtPLC8suvtl29kf42F6PQB0rQM4vXpqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=86400
cf-ray
8a41a6564bc718da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 11:28:37 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| __h82AlnkH6D91__ function| __p4qa8r1lb17__ string| cHViLTExMDc5NjE0MTY4MTQzNzQ= function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| webpackJsonp object| regeneratorRuntime function| _ function| resetRootFZ function| AddStyle

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://d.lewwed.space/conf/d.lewwed.space.bin
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.lewwed.space/conf/ads.d.lewwed.space.bin
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.lewwed.space
fundingchoicesmessages.google.com
securepubads.g.doubleclick.net
172.217.16.194
172.67.165.140
216.58.206.78
2606:4700:3036::6815:2ac2
2a00:1450:4001:813::200e
01e249bb640b4165ad2d5cc967651bd8f2a8de47669d562bb35132a284989367
08edacfa4a22df723631dd15416950d90f69b506567023fce0d18774dd91699e
12a448ac47fc5284051fc9ecb896d5875ee6b96a70cb322fcd5839baa7ace85b
25d8e4695f7fa97f1bfeb3580f3deb14056a2d65dabd7e07e110332390ceeed4
292f267ef34a288b055d8d80ee788905387f35a97fd2676cf39a64793a04144b
2b61fe558de138dc00513ebede4e8b0fd3bd60bd16ff20da95872835f1e359b8
2dc55835698bf93e9bf668ecbac00fb78db2473666ff7bd8223b79106d62546b
3974677b04287e11094948384cb6756bf1164276bc8d2b8d65256deb3a79e819
3c5312d5ca7844477c4e06fcbe5bb1c1bfce4f5bcfb1960e0666efa8ce2401ea
7a979765f482e36c90afe54283f6974f0de55bad63ac199eb97b892bf4011556
8060f9045f7b5f3e1fd0d96c9a358215258c0b27ff153bdee8198b2a3b11e51e
8115d9475feca9cf9a278e0f7991e2d6dfb7ce92185bfa265e4de4d53d92b928
88d6e7a2e6d76c38146d7b7dbe5651ea4ee0ab44da5ec7a5b8584c87e6b32132
91437e662ff234f0efe52473fba1e37cb3097cce13bdc186ca8c4185d42ee55f
9297a485316cb56bd71d5f7c93e75cfc3d37139beb52fa5ea0b8d34f9a741c42
9974b3683347a3f9bba675b0077ec0f5a79f7b6365a6e0272715c68b880f7ed8
c79cc6509cf2a14aa0ba8c69c7ae0adb52e134402c7887faa80e529a6fac013a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3879c03bed1e1a6bece65dffabfce89ed0cf88a70d776cd41c45e7fa45f276