elementsofthinking.com Open in urlscan Pro
172.67.156.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mantap.pastihype.com/
Effective URL:
https://elementsofthinking.com/mobile/register?ref=safir
Submission: On June 07 via api (June 7th 2024, 5:46:37 am UTC) from US — Scanned from SG

Summary HTTP 48 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 48 HTTP transactions. The main IP is 172.67.156.203, located in United States and belongs to CLOUDFLARENET, US. The main domain is elementsofthinking.com.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.

This is the only time elementsofthinking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	172.96.191.40 172.96.191.40	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
12	172.67.156.203 172.67.156.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
11	13.225.0.205 13.225.0.205	16509 (AMAZON-02) (AMAZON-02)
19	172.67.72.220 172.67.72.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.24.113 74.125.24.113	15169 (GOOGLE) (GOOGLE)
48	6

4 172.96.191.40 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.40-static.reverse.arandomserver.com

mantap.pastihype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mudahmaxwin.boats	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.156.203 (United States)

ASN13335 (CLOUDFLARENET, US)

elementsofthinking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.0.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-0-205.sin52.r.cloudfront.net

d2rzzcn1jnr24x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.72.220 (United States)

ASN13335 (CLOUDFLARENET, US)

api2-bef.imgnxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	imgnxa.com api2-bef.imgnxa.com	76 KB
12	elementsofthinking.com elementsofthinking.com	513 KB
11	cloudfront.net d2rzzcn1jnr24x.cloudfront.net	59 KB
3	mudahmaxwin.boats mudahmaxwin.boats	2 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	305 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	100 KB
1	pastihype.com 1 redirects mantap.pastihype.com	278 B
48	7

	Domain	Requested by
19	api2-bef.imgnxa.com	elementsofthinking.com
12	elementsofthinking.com	elementsofthinking.com
11	d2rzzcn1jnr24x.cloudfront.net	elementsofthinking.com
3	mudahmaxwin.boats	elementsofthinking.com
2	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	elementsofthinking.com
1	mantap.pastihype.com	1 redirects
48	7

This site contains links to these domains. Also see Links.

Domain
sudah.click
apk-bank.s3.ap-southeast-1.amazonaws.com
www.facebook.com
twitter.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
elementsofthinking.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
www.fb.mudahmaxwin.boats R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
imgnxa.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://elementsofthinking.com/mobile/register?ref=safir
Frame ID: 9EFC25CF80022F3EA7650681FE54C178
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daftar Judi Slot Gacor Online Terpercaya di Betslot

Page URL History Show full URLs

https://mantap.pastihype.com/ HTTP 302
https://elementsofthinking.com/mobile/register?ref=safir Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

2485 kB
Transfer

3278 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sudah.click/wa-betslot

Search URL Search Domain Scan URL

URL: https://sudah.click/rtp

Search URL Search Domain Scan URL

URL: https://apk-bank.s3.ap-southeast-1.amazonaws.com/bef.apk
Title: Unduh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/betslot.terpercaya

Search URL Search Domain Scan URL

URL: https://twitter.com/betslotgacor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betslotgacor/

Search URL Search Domain Scan URL

URL: https://t.me/betslotgacor

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mantap.pastihype.com/ HTTP 302
https://elementsofthinking.com/mobile/register?ref=safir Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
elementsofthinking.com/mobile/
Redirect Chain

https://mantap.pastihype.com/
https://elementsofthinking.com/mobile/register?ref=safir

30 KB
10 KB

975ms
291ms

Document
text/html

172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1361f014aeb56969463c38bc78b94106ad4f10ea354816810bcdac8fee64ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 88fe5772cb7d44ab-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 05:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAlPZY%2FF4qCZTfFRHhD1RYxjmB9COXvihKkEGQX1DBim0WgkHgCLxM649q8i0obm1N3U1xMmb5qTn0yZwPWOretZ4d%2Fhhv6zwRsdidk3qE3Kvr%2FvD5hoHeVvmiL6avIJXZSPaf0U1aTX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 771
content-type: text/html
date: Fri, 07 Jun 2024 05:46:24 GMT
location: https://elementsofthinking.com/mobile/register?ref=safir
server: LiteSpeed

GET
H2 200 glyphicons-halflings-regular.woff
elementsofthinking.com/fonts/ 16 KB
17 KB 502ms
496ms Font
font/x-woff 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/fonts/glyphicons-halflings-regular.woff

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Origin: https://elementsofthinking.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 May 2024 19:49:12 GMT
server: cloudflare
etag: W/"0ec2b76a5a4da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkJmU%2FwLejJjt10cth6KxwvpmTHUCVO%2FjfBQQIA78PZhKZ9emXEqWFAAihO5Lqn3gT069%2BxrCaq1YkCFs5V4jBf%2BL1vxEwHF2%2FAYXIlXKZ9JG4%2BBALtl4bsA29MECtQY5%2FVfSfTSkaFr"}],"group":"cf-nel","max_age":604800}
content-type: font/x-woff
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 88fe5774be4a44ab-SIN

GET
H2 200 Lato-Regular.woff2
elementsofthinking.com/fonts/ 178 KB
180 KB 605ms
601ms Font
application/font-woff2 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/fonts/Lato-Regular.woff2

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Origin: https://elementsofthinking.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 182708
x-xss-protection: 1; mode=block
last-modified: Sun, 12 May 2024 19:49:12 GMT
server: cloudflare
etag: "0ec2b76a5a4da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wu%2FllfsFAtya7oXT4sFh9k0b2IdPHaKXQlBM8FHCp6NSrD%2FfLiBBBYuzQ%2BJrEowb9Pn%2B87TKSnzGA8C1vUgXif1NXzZJOZRRm8579Vk0dqi%2FCfuSZMUIRv6nGrmbKyWvkzjtICBWqlzO"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88fe5774be4d44ab-SIN

GET
H2 200 lato-bold.woff2
elementsofthinking.com/fonts/ 24 KB
25 KB 494ms
490ms Font
application/font-woff2 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/fonts/lato-bold.woff2

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Origin: https://elementsofthinking.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24388
x-xss-protection: 1; mode=block
last-modified: Sun, 12 May 2024 19:49:12 GMT
server: cloudflare
etag: "0ec2b76a5a4da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6l9UvM6a%2BTWAjV7edyDi0gZvRDzkGXDaXEnEviUw5K5GAdfthTsX2CokjdrcQEcOfWqD3UqKxejB8WK9FcOnjaI6amHcJV8Oc4M2HLlECIIhpqZe0VDSVXwNFleBO6A7CqPSkSeyRwjL"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88fe5774be4e44ab-SIN

GET
H2 200 Open24DisplaySt.woff2
elementsofthinking.com/fonts/ 6 KB
7 KB 499ms
495ms Font
application/font-woff2 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/fonts/Open24DisplaySt.woff2

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Origin: https://elementsofthinking.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6100
x-xss-protection: 1; mode=block
last-modified: Sun, 12 May 2024 19:49:12 GMT
server: cloudflare
etag: "0ec2b76a5a4da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1KoeOo3Wpc8wpBMVexBQWnCk6FGkd0VfVmF9%2B9u%2BzCSeuMbnCle7TY%2BP9sOOz7rGiAcv6Rl1XLnJ%2FHbXsoUA4ErvJM3joekOGmq%2F2G4W1m%2FaJGGjFjUVhfZCYPTLIBDqohcvv4GBrEe"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88fe5774be4f44ab-SIN

GET
H2 200 nexus-beta-mobile-css
elementsofthinking.com/Content/ 187 KB
48 KB 169ms
165ms Stylesheet
text/css 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/Content/nexus-beta-mobile-css?v=Vc8vgGDY-HG_gAMgFnJboDbXqLZnPTjuXTMgyecO-SA1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7361d10447551d06748c87a7cc5568927be55fdf88666a7245f0fab6c4f0dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 48066
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 05:46:25 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22Gtqh2D2HGboN9qTMXBlpTPJYRt2aRMNGuCANzI2UvwB9JX54kFVqojgSTiIxNnUNXY0%2Bxvkyj2Wunv2g7JMXT0iG5WIexl2QP1LDS0OS26OtgKB31qKPI%2F%2BJ4zawc41xxqkAoEh3Fr"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 88fe5774be4944ab-SIN
expires: Sat, 07 Jun 2025 05:46:25 GMT

GET
H2 200 nexus-beta-mobile-css
elementsofthinking.com/Content/Register/ 4 KB
2 KB 491ms
488ms Stylesheet
text/css 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/Content/Register/nexus-beta-mobile-css?v=T5DtQvMOAqUMSIrKhwx7PxSZ3DYQSg0UzH1kaz2YM3I1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f2d7373d81fd311050464208b62c3d344bca10856574199d64e7b9dc705b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1505
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 05:46:25 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJMA1AzXNslakAg7MUl7GHJBwyuB5F9mvkN6a59qQHXM%2FTZ239hSDBLjetp72clIgamuR6SQDmv3v7wF45AUabpXA1jrsuY39Wker1MLiCYVgSWHCjVtCvhsHaOHNakr9ynEZXPdHzqV"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 88fe5774be5144ab-SIN
expires: Sat, 07 Jun 2025 05:46:25 GMT

GET
H2 200 nexus-beta-mobile-dark-red-css
elementsofthinking.com/Content/Theme/ 28 KB
8 KB 493ms
491ms Stylesheet
text/css 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/Content/Theme/nexus-beta-mobile-dark-red-css?v=5DIHZePVNx1JlIgj-Gqyp3aTAGXRruetk3SRVy5I4fE1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3c7e4023abdcd38b824850c342302d16e1e99101baac59f0fb3f805a26d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 7260
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 05:46:25 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLLHk5yABYe91sHnWP1PQFjzws7xxSVz5sJSiXwHIkhy79pyKPDXYCUG07R9o4wwDO0XCsfrHYcv00%2BmbZmjFB%2FHWqHKNBNZpTXTqbQsb4SIu8esLbIZX1CHDZ4dfXZ%2BjyEN72GjCGDD"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 88fe5774be5244ab-SIN
expires: Sat, 07 Jun 2025 05:46:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
100 KB 1452ms
532ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HXZNHN7M8Q

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4b985e264e41f1a7d3d1f22f9b1df5bdf0d169e9f276b384873c0d43dc0d61dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 05:46:28 GMT

GET
H2 200 betslot.js Show response
mudahmaxwin.boats/ 9 KB
3 KB 495ms
118ms Script
application/javascript 172.96.191.40
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://mudahmaxwin.boats/betslot.js
Requested by: Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.40 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.40-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 51938e5db139627644e7010c04a26e4c1ca2321eaf4f12b982fd441b0bf96a7d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
content-encoding: br
last-modified: Tue, 09 Apr 2024 07:59:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2936
expires: Fri, 14 Jun 2024 05:46:25 GMT

GET
H2 200 wa.gif
mudahmaxwin.boats/ 778 KB
778 KB 106ms
104ms Image
image/gif 172.96.191.40
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mudahmaxwin.boats/wa.gif
Requested by: Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.40 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.40-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 963afb25d697cf3af04546a81116e0df20985d753956d5a92a0b4584f8d3bc0e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
last-modified: Tue, 09 Apr 2024 07:59:28 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 796494
expires: Fri, 14 Jun 2024 05:46:25 GMT

GET
H2 200 rtp.gif
mudahmaxwin.boats/ 955 KB
956 KB 105ms
104ms Image
image/gif 172.96.191.40
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mudahmaxwin.boats/rtp.gif
Requested by: Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.40 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.40-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f5d06911ad2428743c7145836cd0bbe00bc78de44e0bf68637c98ad2dc9cd3fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:25 GMT
last-modified: Tue, 09 Apr 2024 07:59:28 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 977882
expires: Fri, 14 Jun 2024 05:46:25 GMT

GET
H2 200 captcha
elementsofthinking.com/ 2 KB
3 KB 383ms
382ms Image
image/jpeg 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elementsofthinking.com/captcha

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bd89810435518b5d041e1304cb66b9c8ac197b3b6bb4564663efc0f2d9ce88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMn68r0NGPklthbQPo8XTy7RKoi%2BCJpdQYYr%2FjbT781CO8L7%2Bu73axq4EOptQUn08zflr5L%2BPdm649USLuMg5VqnFleHa%2FKaDEr%2BWtASOSW2UGEGq0Pr2GhWdOHg8f1xRMIIUUI7O5Vo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, s-maxage=0
cf-ray: 88fe577819f744ab-SIN
alt-svc: h3=":443"; ma=86400
content-length: 1859
x-xss-protection: 1; mode=block

GET
H2 200 nexus-beta-mobile-js Show response
elementsofthinking.com/bundles/ 538 KB
209 KB 307ms
306ms Script
application/javascript 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/bundles/nexus-beta-mobile-js?v=C-4bvBRiwmpZPwIXYcU-dx_Gvunb7bENOEF2QrUZaik1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a894f68b1ea97058db4e2f84038b1c6417c913d086f9d321e82b2d047f46d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 05:46:27 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6x2CeuL9icdlZ1o7F5Q8EwuU4lFGeiyc%2BrkVjpbGv4Ubq6Vg8wVjpC1nvUZYON33Vj91rvwUDxRo%2BWhN01C%2B93rXGYfB42PYtKhnZgzt9eYNp2pcT8Rvc5gMzGrbxE9ttsTWSIgV%2BbiO"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 88fe5782ada044ab-SIN
expires: Sat, 07 Jun 2025 05:46:27 GMT

GET
H2 200 page-js Show response
elementsofthinking.com/bundles/Register/ 4 KB
3 KB 244ms
244ms Script
application/javascript 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/bundles/Register/page-js?v=Sc2uv4m5neUmjhSGTzXmH_ywggTmX5Cr98OWXKjv0EM1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe14aaf70b4e6d72d1405dd5eefb73c469218fa3b140785bd798b5cf51c318e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/mobile/register?ref=safir
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1712
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 05:46:29 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZXKOJlKH6Zak5sFoG%2FqLD11xbEdQcZLT0mTgILfTyfCb4RllvV26p3D1X4%2B38b5UiZq%2BPDwGgrAgY7VZlSlmr0Az4nLggSrV4sAICt52w232aHjgnYdU3adS%2Bn6ENI3lkUj7Cbr3H1s"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 88fe578c18e144ab-SIN
expires: Sat, 07 Jun 2025 05:46:29 GMT

GET
H2 200 username.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/login/ 673 B
1 KB 97ms
97ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/login/username.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/Content/nexus-beta-mobile-css?v=Vc8vgGDY-HG_gAMgFnJboDbXqLZnPTjuXTMgyecO-SA1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

4570f72c836d3026d2c1e7845db3cafd67b693ff6047f11439979b6b64e763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 92122
x-cache: Hit from cloudfront
content-length: 673
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: "0fba6e5e5c8d61:0"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CPUIsaeHf3KzkO6tHklCXIEZGYqz6_IktL2RGsDi8ZPhrXG_srY1yg==

GET
H2 200 password.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/login/ 954 B
2 KB 380ms
379ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/login/password.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/Content/nexus-beta-mobile-css?v=Vc8vgGDY-HG_gAMgFnJboDbXqLZnPTjuXTMgyecO-SA1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

e6ab4551d6481df2a76ae3436a36526bece746d2aa0960aac2b8add060b08858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 92122
x-cache: Hit from cloudfront
content-length: 954
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: "0fba6e5e5c8d61:0"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AWn5hA6vCdOa2aqkmEPCgQXEbH1hpa4UoGUz4LFZte-hqEKt8VH5FQ==

GET
H2 200 android.svg
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 137 KB
40 KB 1175ms
581ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/icons/android.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

cc38cbe8ff37129fe2e4f8744a3c9496f87a7625430466192bf6e53da10be6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92120
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Oct 2023 02:49:46 GMT
server: TrillionSoft
etag: W/"081f3945b5da1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: bM8v7zwhDP3wA42_kjMZCzuQUzsSI8nRsdgtLSwg0TLbO_VyegQwEg==

GET
H2 200 logo_mobile_f0e32d0f-468f-4c4a-9a1b-160d41153e89_1717670508610.png
api2-bef.imgnxa.com/images/ 12 KB
12 KB 959ms
380ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images/logo_mobile_f0e32d0f-468f-4c4a-9a1b-160d41153e89_1717670508610.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb2ca9829f35e448c3c32d4741f3caa174467691fa77ce969edd949d94f7f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Thu, 06 Jun 2024 10:48:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ebd6e712ffb7da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KI%2BHmGli3js7JlBCjfo4Zu9%2BXKbWbpclMMYQ1F5PZ%2Bmnq1kLcKFuD4VbY1xHCKqb5XT40%2FwFRQzVwGIQz12cCN2ISqJmlKix90E3EkqbQuo2zEWfSwKsJj5Y6rKG9FRvVav64YI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe577c284b484c-SIN
content-length: 11927
x-xss-protection: 1; mode=block

GET
H2 200 Facebook_e6409c28-d6dd-4eb3-9010-b8a961c32cec_1677935918943.png
api2-bef.imgnxa.com/images/ 4 KB
4 KB 367ms
367ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images/Facebook_e6409c28-d6dd-4eb3-9010-b8a961c32cec_1677935918943.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

432aa0cdb01c7eb02afa87497f810c1d5042e0917dcd883de428eee09b30ae21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2bf489abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IW11YummXJ%2B9uc%2Fzt%2FR8%2FG%2BLduFcR1uTFRX2nuBHlgtownt6tx8FIk5B9QqwHisJBfWzo%2BfE5g9vlGzcloXonFOSBWlv5xpPspMZnmS1nJPxMcWxMoeQkmOq9hS0l69FWwpSA5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe5790bda5484c-SIN
content-length: 3954
x-xss-protection: 1; mode=block

GET
H2 200 Twitter_71068b1f-f52b-4530-a84b-0bd61309d26d_1677935954580.png
api2-bef.imgnxa.com/images/ 5 KB
6 KB 242ms
241ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images/Twitter_71068b1f-f52b-4530-a84b-0bd61309d26d_1677935954580.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8527bb3b5596b1a838bf5b11292664bffd7a71116c9fb12cf2d6f016b1f77e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bcc48dabd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Le%2B5TLiRHnShvqXp0TEXS0cKfPHSRwMYeZf6PjaU5dlbEhFJ85GUfwwluDqS3nvOZnj0rcHnp67%2FDjh0XtYrl%2BUvOkna5Y1%2Bfrm8%2Br3MHsL52SWZR05bcjGOlcpRJJ4SQfikDf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe5792ef7c484c-SIN
content-length: 5356
x-xss-protection: 1; mode=block

GET
H2 200 Instagram_589fc8dd-d669-4612-9a89-50b6efe97e68_1677932909937.png
api2-bef.imgnxa.com/images/ 6 KB
6 KB 439ms
439ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images/Instagram_589fc8dd-d669-4612-9a89-50b6efe97e68_1677932909937.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8382cc804e7f5bf5985d4355f37b57f701fc559c2593a087a5f541dda1d653c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e4791abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gNxByx3DJlcC2gv%2F7Z51AVei7MPJzUF2MCZ1ZJvHIDh67PblJZrxmq3v4yScJZlusv8t2Xwe9ngZuhfcFXbcO0tH5sUetbBVtrKp0zKof%2FD6Nm2GSOe4uNvelp5W%2BzMXFdDtX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe5793c835484c-SIN
content-length: 5954
x-xss-protection: 1; mode=block

GET
H2 200 Telegram_0cf4b816-d31d-41b9-98bb-cde6d2b21846_1677932923930.png
api2-bef.imgnxa.com/images/ 5 KB
6 KB 644ms
644ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images/Telegram_0cf4b816-d31d-41b9-98bb-cde6d2b21846_1677932923930.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5421a39d50501ce34da1b8e6626a5ef7c19893b063c922df5262ed9045761195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7f5494abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8PVcVd5jy%2FWeapU7RyCUVOFF8fFT%2FVaSKcDPbXGJmko76sJ7YZfPK6aQaa6J21ddoJATu%2F4oinR64kxGTNcx7TFByQNfoNCNPdJrl%2B6biPw9XspW9GAiyGEqzRgB38EbvUHEX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579579d1484c-SIN
content-length: 4929
x-xss-protection: 1; mode=block

GET
H2 200 BANKJAGO_2941aaa9-e2cc-4cb8-a571-c2a1173ba664_1689671797320.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 573ms
573ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//BANKJAGO_2941aaa9-e2cc-4cb8-a571-c2a1173ba664_1689671797320.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8259c7635c55782cd76bf68ecc6cebc83937013b80914bcb63879648564b632a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f4ba47abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3U3rVTK7H%2BzOX%2BJUqhxVIlEeC9mKCHcy7%2FlrEmA96FFZqQgLmaJQwaPey2brAgrkcHjj3TVXqJJuay0jocl0m0qx%2FC%2Ba%2FtVBLtWP7cuyyowpNRNQbrzhGpTEoIPDXSeUVcXyWZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe5799ce37484c-SIN
content-length: 2142
x-xss-protection: 1; mode=block

GET
H2 200 BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1716932182300.png
api2-bef.imgnxa.com/images// 3 KB
3 KB 340ms
338ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1716932182300.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24a99a784d7de534479c206378dd2171f2859ca293f370bd4570cea883b12c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 28 May 2024 21:38:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f3dd306247b1da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uly08JgQWQmzR7oA3S%2FLLnZXrpwdl5oIbve0GhTxO1f%2Bd3Aq8g%2Fz%2Fv4HkfzHKJ6XuPmgjFBYuJ2hhzYUT9ERoXejcCpRlQ6tCgMq2OkjP0NVq%2FP7BIFvG9Sto7OgbjP3MWROld8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe5799ce39484c-SIN
content-length: 2848
x-xss-protection: 1; mode=block

GET
H2 200 BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1712940541773.png
api2-bef.imgnxa.com/images// 3 KB
3 KB 233ms
232ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1712940541773.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6846b6208e80958b972c0c2133c2c27909d7dc868e381a736e7e26838f43156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Fri, 12 Apr 2024 16:51:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "68a331acf98cda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkaAJPv3hLYooLnfBvQ3Sr31krO%2Fx3JlxBtpB2H%2BTrRB%2BnYrDo%2FQlXHfr5QT0LIDydyrummtp6eF1WP3WQsn7H1F34ick%2BpbYk8Jzc33jjKmkak%2BECgKeSfY3CZe%2BKYSin%2FRzFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579ba842484c-SIN
content-length: 2831
x-xss-protection: 1; mode=block

GET
H2 200 BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1712940570070.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 904ms
902ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1712940570070.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aecefd2ebc45bd150f5adc2cba0fe00e5aa751a7fd146e9b4b546ca8b0c0b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Fri, 12 Apr 2024 16:51:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10c73cacf98cda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlfNHaAX7cDm%2B44oDuuEg9bjyORPUW2bC4Z6tJlZ7MSzKsUcQKYhfz2ZuYMV864oaqeUoQ3Hb3ihxyWMu%2FH9tz%2B8hd4pR%2BQ6W0D7WZByEJsUUJJqQu26%2BDvksY%2FhrBOPN12PVPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579ba845484c-SIN
content-length: 2173
x-xss-protection: 1; mode=block

GET
H2 200 DANA_4ad7f153-3db4-448c-9a56-e143224ba601_1700327567440.png
api2-bef.imgnxa.com/images// 1 KB
2 KB 672ms
670ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//DANA_4ad7f153-3db4-448c-9a56-e143224ba601_1700327567440.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bcda2c7f871069c7494fc91eff808d7ef047949015a3e131fc635321118e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f6e59abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0j5%2BJ5kPtPB0PiRLaBoyTMpW0eeLOo%2BJCpd%2Bqnr%2BBzrUwLWJ9gie87o4JbZxqgpN%2B06sEMrLtYoB%2BcxLQTi8DUzsJk0TOTqtLFl9NyrWQ3MufEaFVQ0MMNn6ldY6TzMaGUEbnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579ba846484c-SIN
content-length: 1479
x-xss-protection: 1; mode=block

GET
H2 200 GOPAY_6c5e75ff-7b05-4501-afbf-c11c3d208ed5_1689671898993.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 820ms
820ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//GOPAY_6c5e75ff-7b05-4501-afbf-c11c3d208ed5_1689671898993.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a15c6bc2d90d6e1002fd9285abb74ccae88234f983173d368222134f4599f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c3135fabd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogMsJSuS5i9lEDLHZWeCg2nTZVj9ws5xXvvvpulHWlDNnhBrEalzE4dSFpkaOPmCvZUumtwcY4VGovSv6vZxg8M1w69sPWuYiwM%2B5DiYN9wcYFEcBpB7El9KEGZKqLKGxOOxMlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579bb852484c-SIN
content-length: 1985
x-xss-protection: 1; mode=block

GET
H2 200 LINKAJA_529c6d9f-c095-4c6c-8f8a-fc7308824739_1689671910077.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 224ms
224ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//LINKAJA_529c6d9f-c095-4c6c-8f8a-fc7308824739_1689671910077.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

084358c9358955fe02eb74d0deb92e1f977b3cab47d889600272af039b84e831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e1b864abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJYQRG19N60guWB1X6VB%2FtO%2Bw26NgHuBhf7uokReFY%2Fcw1rdwXqgA0n2Y6B5D8%2Bfw8s9C5WBLEO%2FpKMsEXpXAzc2wTtHuQTgi4dOTXXDUPCal%2B%2BsV7PDlShyCHYSXjGhmDAfjZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579bb854484c-SIN
content-length: 2382
x-xss-protection: 1; mode=block

GET
H2 200 MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1712940559320.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 940ms
939ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1712940559320.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a7a3c505f7507306230a2ac59029b708daf55759360fd9a6413926798ec7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Fri, 12 Apr 2024 16:51:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bcd358acf98cda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo63nsKhIxuyPhGQMrmP9p8zNR%2F%2B3KQhJp95wX8R%2F6R3zxRolMaWt5%2BWqDh8CNTpJgIwpdOV6wJ5tYneIeFJEmZbAUJRJtDt4EkGrET3VmR2e28Z3BwMoXcECOgrsceC4xbkvwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579d198c484c-SIN
content-length: 2527
x-xss-protection: 1; mode=block

GET
H2 200 OVO_24504a92-3fb4-428a-a005-866cbbd33cc0_1689671928607.png
api2-bef.imgnxa.com/images// 3 KB
4 KB 800ms
799ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//OVO_24504a92-3fb4-428a-a005-866cbbd33cc0_1689671928607.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb212f9fd6cb76a9c28c3b70c846894f0f01ea6034e4df0ac0b14064e1047090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "688e6fabd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csQ1TAhxRuRocD6gD3a9ckJKVy0WNg4K5vW%2BE7a6zXBelsyvS1OgP8pPNWebAne%2Fgyp7rHdo7rCxcgiqWhRZ5npJB%2Fxm%2BrG3jr2oIDy1pODmZkJscZUqiQlVYCnoyxThPRoGNoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579f0b2c484c-SIN
content-length: 3257
x-xss-protection: 1; mode=block

GET
H2 200 QRIS_c794dc12-a39e-4907-8bf7-f8fb01c94a66_1689671937717.png
api2-bef.imgnxa.com/images// 1 KB
2 KB 856ms
855ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//QRIS_c794dc12-a39e-4907-8bf7-f8fb01c94a66_1689671937717.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b589a31a2ef6c004e968304c6c016908dfeca75327489abf162ff40b4c67b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "94c75abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tR%2BZkNHNLus0HeWJw9bxNew%2BjnSp4Nx%2BKzp5RTp%2BenDtXrX2ovIxboOfZEOOELuCOw4cxlyte6wAe%2FgMzQlIVq1OvONku0Jv7ObZy17OK5kC5j8Vo3vUk9Xghw35OkhCa5dDQs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579febe4484c-SIN
content-length: 1506
x-xss-protection: 1; mode=block

GET
H2 200 SHOPEEPAY_71fb3dae-d47e-4cee-9c3a-049398fe7625_1691770250220.png
api2-bef.imgnxa.com/images// 3 KB
3 KB 857ms
856ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//SHOPEEPAY_71fb3dae-d47e-4cee-9c3a-049398fe7625_1691770250220.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bfe64a9fe2b74a063a5e81e4e955b4fbf670496b9e6f9eecce8b5431495954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e28a7aabd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3E%2BRX8JQVg4ml%2FBqy3ULrpjIg3qY71UHuSAM60txEGWKepb55HtuziXK%2B%2B9SS5BB%2FJ0r5A1aUkwT85Gh2lfK2oM%2BFiCK25IMQt4xH2xN1H0AzT8AIYUpJiyz4ieyy4%2BvxxQeX8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579febe5484c-SIN
content-length: 2866
x-xss-protection: 1; mode=block

GET
H2 200 TELKOMSELNEXUSPAY_2e79e6b3-1fea-4fd8-ae50-2d531b39a30e_1689671969850.png
api2-bef.imgnxa.com/images// 2 KB
3 KB 859ms
858ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//TELKOMSELNEXUSPAY_2e79e6b3-1fea-4fd8-ae50-2d531b39a30e_1689671969850.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7f93a379b32ffa53ffae2745aa22b63aaab46dfdbdc1f8e3fb1b4a5b3ef440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "343080abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyffB1c4Y8%2BFV6tkC0TkUw0lH9yaUMTU%2BjugVyBCRxVWdxh76RxBU8%2BcB6KK2v8cBCoKfoOIe0EjdN8ZYpw40tyoqqtHVAwx3NWjvVn%2F9vyDSm3sYbsVpawfflgr86L6%2BVS7UQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579febe7484c-SIN
content-length: 1992
x-xss-protection: 1; mode=block

GET
H2 200 XLNEXUSPAY_0ce860e0-15d7-406d-bdbb-fb59470f0cfb_1689671981600.png
api2-bef.imgnxa.com/images// 1 KB
2 KB 859ms
858ms Image
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-bef.imgnxa.com/images//XLNEXUSPAY_0ce860e0-15d7-406d-bdbb-fb59470f0cfb_1689671981600.png

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20c39ed251534b397f946806f9d987bdcbe55565b53a213f3e31f0e76728a2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 17 Jan 2024 00:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8e3d83abd948da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yiMaPjggpIu5ZcoTX7McCgnBKT1hB6zujdNzbz4pkK%2FDOc7jXOe5FmJ0%2FSx2jZlcR0qPSRXXvlPdq%2FKbO76DsMbteqbatJGblyCrSAxxL8LuZ7Httq0XDFoCZOcEwR%2FCgEnK63c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe579febe8484c-SIN
content-length: 1399
x-xss-protection: 1; mode=block

GET
H2 200 home.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/ 751 B
1 KB 967ms
372ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/home.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

613903db9dfa7752e125feb58b27a6a6e3c78fa52d226f196c1d91eb5dbe5f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 92119
x-cache: Hit from cloudfront
content-length: 751
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: "0fba6e5e5c8d61:0"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _jNxJeVg61ZwBovOYy3GmfgdGgGIh5-qlNKyDihnz64Ov_RJTkEDdQ==

GET
H2 200 promotion.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/ 2 KB
2 KB 1613ms
1019ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/promotion.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

5cae9625050642c07df974a40b29e7cb6a20e40ae0574841588da7efca490547

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92120
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: W/"0fba6e5e5c8d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: Bk8AiqZVOl5Cfnt12bQsTnFDn5PmkwdKkOzOsfDwITTAwuQyCBeU3g==

GET
H2 200 login.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/ 2 KB
1 KB 1614ms
1020ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/login.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

803206eac30e7a2b2fe0d8a9cade1e10ff8d7ddd155c1daa6b0d3e08c8fa8de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92120
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: W/"0fba6e5e5c8d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: SvrZ10Bnrtxnf8ERmqXeo5K8UJI9XtXFwGfqbl9deCrd2sfdQ4nBbg==

GET
H2 200 live-chat.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/ 5 KB
3 KB 1615ms
1021ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/live-chat.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1737651796767edb71fdc2232e60f4055a4d63e9a8da4e164af3adb897d85153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92120
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Feb 2021 23:10:18 GMT
server: TrillionSoft
etag: W/"0e9ccb9ef3d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 3SbC_TXa9B_8BFTKDOnYw5hnjjcFR9wA9THGQM3Xt69i9LQoANEZtQ==

GET
H2 200 my-account.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/ 835 B
2 KB 1616ms
1022ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/footer/my-account.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

ce81652173b93d76518578ef0fc663e9176d2ee6ee9531807db0d62ca6e4d24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 92120
x-cache: Hit from cloudfront
content-length: 835
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Aug 2023 23:35:58 GMT
server: TrillionSoft
etag: "0335e93eced91:0"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PBZ10Pw6P8kQwFMJ9TL5oePsj3BKaGBHsui-54mZ5xUKCW5l6Hbkpw==

GET
H2 200 games.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/ 6 KB
4 KB 221ms
220ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/games.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

0c17faa8980a314620f9c3a3d5467e1b935d17ca2df3e132e6cf1cff72c1725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92125
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: W/"0fba6e5e5c8d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: TrjeOEdj_am-opQG4VrHi1PRjbsYJyk2oxJP6YIdN3twIMAyP5w3bg==

GET
H2 200 language.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/ 1 KB
1 KB 172ms
171ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/language.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

b0b8b86070ee9f440114873e807b45839fbefb03acca4aa911b4c66712fcb3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92126
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:18 GMT
server: TrillionSoft
etag: W/"0fba6e5e5c8d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 7Y3vX_pRi_Lr9ibKN5rscLxuNNggbLzMmzC_GqI2VUN2rUSKyltKvQ==

GET
H2 200 desktop.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/ 1 KB
1 KB 172ms
172ms Image
image/svg+xml 13.225.0.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/dark-red/mobile/layout/menu/desktop.svg?v=20240605-1

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/mobile/register?ref=safir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.0.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-0-205.sin52.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1099dfd68d112a502acd147bc0b4e9be8d4fa8c771a7934a89045ffb8d9a219c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 04:11:07 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-C2
age: 92126
via: 1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Dec 2020 21:08:00 GMT
server: TrillionSoft
etag: W/"078665e26d3d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: yUgecnF7y03SBPsNPOF2xCcv48g-N4Ucy1Th7VQuhdHmmnaurmhwOw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
259 B 806ms
165ms Ping
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HXZNHN7M8Q&gtm=45je4650v9101809681za200&_p=1717739185886&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2097744801.1717739190&ul=en-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717739190&sct=1&seg=0&dl=https%3A%2F%2Felementsofthinking.com%2Fmobile%2Fregister%3Fref%3Dsafir&dt=Daftar%20Judi%20Slot%20Gacor%20Online%20Terpercaya%20di%20Betslot&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6440
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXZNHN7M8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 05:46:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elementsofthinking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon_f0e32d0f-468f-4c4a-9a1b-160d41153e89_1717670508610.png
api2-bef.imgnxa.com/images/ 3 KB
4 KB 843ms
843ms Other
image/png 172.67.72.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2-bef.imgnxa.com/images/favicon_f0e32d0f-468f-4c4a-9a1b-160d41153e89_1717670508610.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.220 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db56895c0f73ae5463edacc3c67c73587951ce5ff77fac0982135c1ca381f538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Thu, 06 Jun 2024 10:48:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7c2c1313ffb7da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FsD1JOg0P%2FoN4naI4DvjUN%2B4c%2FmxKOWl61vKOOylj14j%2F1sYd5teg8ZAqC2YOYRz%2B5s6M8fjiykvN9dOTlK0IGvBB%2FRF8SzNGs4GTvPUsFytNMFbUnhowHGfqRfDHRAocNCJVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 88fe57a00bf6484c-SIN
content-length: 3567
x-xss-protection: 1; mode=block

POST
H2 200 online Show response
elementsofthinking.com/session/ 56 B
1 KB 231ms
230ms XHR
application/json 172.67.156.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elementsofthinking.com/session/online

Requested by

Host: elementsofthinking.com
URL: https://elementsofthinking.com/bundles/nexus-beta-mobile-js?v=C-4bvBRiwmpZPwIXYcU-dx_Gvunb7bENOEF2QrUZaik1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://elementsofthinking.com/mobile/register?ref=safir
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:46:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DzBm9HCYNXF44VJEwAQ97C%2FDr7uzkC7GcYOon4TbXbsPVxLOwbv5Mg5JJDfGKjSEChHzOwhyL8RanV9EYr%2FjsQhRaSnZqCOfL7rFgSzBfu5rzTNvwsiuujiPhAxJJgFk%2FknSB1r28MW"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, s-maxage=0
cf-ray: 88fe57ad2a9e44ab-SIN
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

POST
H2 204 collect
www.google-analytics.com/g/ 0
46 B 208ms
207ms Ping
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HXZNHN7M8Q&gtm=45je4650v9101809681za200&_p=1717739185886&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2097744801.1717739190&ul=en-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717739190&sct=1&seg=0&dl=https%3A%2F%2Felementsofthinking.com%2Fmobile%2Fregister%3Fref%3Dsafir&dt=Daftar%20Judi%20Slot%20Gacor%20Online%20Terpercaya%20di%20Betslot&en=scroll&epn.percent_scrolled=90&_et=5&tfd=11449
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXZNHN7M8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://elementsofthinking.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 05:46:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elementsofthinking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
elementsofthinking.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2dxtg3nyyczk2ggazeuvg5ed
elementsofthinking.com/	1970-01-20 21:52:11	Name: referral-code Value: safir
elementsofthinking.com/	1970-01-20 21:19:03	Name: register-page-captcha Value: True
elementsofthinking.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: s2bXIN0l61RDvSKmxYlMcxfgBEPS7nVnY8XD9tYi54hUPUFKiC9a6JNR7wtVeZ4DZdDHxN09oIpfKt4dX0KyhS6_Sgs8HgRBIM2GBMUTmmc1
.elementsofthinking.com/	1970-01-21 06:44:59	Name: _ga Value: GA1.1.2097744801.1717739190
.elementsofthinking.com/	1970-01-21 06:44:59	Name: _ga_HXZNHN7M8Q Value: GS1.1.1717739190.1.0.1717739190.0.0.0
elementsofthinking.com/	1970-01-20 21:19:03	Name: AWSALBTG Value: 7j3bHsFRuuQbvg9nJKLzut0h1kNQBVbJH7BPlZ0uEmDgZXvxpzJtbRgDZWXra0thBL3cfNq8U2sZIOre/HeRuvPlYQhb5P/cA+c8DNKMPwVoSxUau2DMfYj1+7dJpIJx45qlq99kJDtnQVSxX+nKmpKhUqrVtIb0t6R+1EEKSvSDmg9CFS0=
elementsofthinking.com/	1970-01-20 21:19:03	Name: AWSALB Value: Vw04f+NgN8GNPqS54aIxYSxy5RHriwePVxEh9SNMuUMT/UQppa/EseMFa2Hz3o0TzqpI092tCzKEj7tM2fC5OFcYvZxGN4LperuCBFzDha2kIcQNxivih1di34ug

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://elementsofthinking.com/mobile/register?ref=safir Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://elementsofthinking.com/mobile/register?ref=safir Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://elementsofthinking.com/mobile/register?ref=safir Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-bef.imgnxa.com
d2rzzcn1jnr24x.cloudfront.net
elementsofthinking.com
mantap.pastihype.com
mudahmaxwin.boats
www.google-analytics.com
www.googletagmanager.com
13.225.0.205
172.67.156.203
172.67.72.220
172.96.191.40
74.125.24.113
74.125.24.97
084358c9358955fe02eb74d0deb92e1f977b3cab47d889600272af039b84e831
0a15c6bc2d90d6e1002fd9285abb74ccae88234f983173d368222134f4599f30
0a7f93a379b32ffa53ffae2745aa22b63aaab46dfdbdc1f8e3fb1b4a5b3ef440
0b589a31a2ef6c004e968304c6c016908dfeca75327489abf162ff40b4c67b6a
0c17faa8980a314620f9c3a3d5467e1b935d17ca2df3e132e6cf1cff72c1725c
1099dfd68d112a502acd147bc0b4e9be8d4fa8c771a7934a89045ffb8d9a219c
13f2d7373d81fd311050464208b62c3d344bca10856574199d64e7b9dc705b50
1737651796767edb71fdc2232e60f4055a4d63e9a8da4e164af3adb897d85153
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
20c39ed251534b397f946806f9d987bdcbe55565b53a213f3e31f0e76728a2c6
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2bb2ca9829f35e448c3c32d4741f3caa174467691fa77ce969edd949d94f7f2b
37a7a3c505f7507306230a2ac59029b708daf55759360fd9a6413926798ec7c1
432aa0cdb01c7eb02afa87497f810c1d5042e0917dcd883de428eee09b30ae21
4570f72c836d3026d2c1e7845db3cafd67b693ff6047f11439979b6b64e763e4
4b985e264e41f1a7d3d1f22f9b1df5bdf0d169e9f276b384873c0d43dc0d61dc
51938e5db139627644e7010c04a26e4c1ca2321eaf4f12b982fd441b0bf96a7d
5421a39d50501ce34da1b8e6626a5ef7c19893b063c922df5262ed9045761195
57bfe64a9fe2b74a063a5e81e4e955b4fbf670496b9e6f9eecce8b5431495954
5a894f68b1ea97058db4e2f84038b1c6417c913d086f9d321e82b2d047f46d92
5cae9625050642c07df974a40b29e7cb6a20e40ae0574841588da7efca490547
613903db9dfa7752e125feb58b27a6a6e3c78fa52d226f196c1d91eb5dbe5f7e
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
803206eac30e7a2b2fe0d8a9cade1e10ff8d7ddd155c1daa6b0d3e08c8fa8de9
8259c7635c55782cd76bf68ecc6cebc83937013b80914bcb63879648564b632a
8382cc804e7f5bf5985d4355f37b57f701fc559c2593a087a5f541dda1d653c8
8527bb3b5596b1a838bf5b11292664bffd7a71116c9fb12cf2d6f016b1f77e76
8aecefd2ebc45bd150f5adc2cba0fe00e5aa751a7fd146e9b4b546ca8b0c0b26
8bcda2c7f871069c7494fc91eff808d7ef047949015a3e131fc635321118e469
8e1361f014aeb56969463c38bc78b94106ad4f10ea354816810bcdac8fee64ea
963afb25d697cf3af04546a81116e0df20985d753956d5a92a0b4584f8d3bc0e
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
98bd89810435518b5d041e1304cb66b9c8ac197b3b6bb4564663efc0f2d9ce88
ad3c7e4023abdcd38b824850c342302d16e1e99101baac59f0fb3f805a26d5ef
afe14aaf70b4e6d72d1405dd5eefb73c469218fa3b140785bd798b5cf51c318e
b0b8b86070ee9f440114873e807b45839fbefb03acca4aa911b4c66712fcb3d7
b7361d10447551d06748c87a7cc5568927be55fdf88666a7245f0fab6c4f0dac
c6846b6208e80958b972c0c2133c2c27909d7dc868e381a736e7e26838f43156
cb212f9fd6cb76a9c28c3b70c846894f0f01ea6034e4df0ac0b14064e1047090
cc38cbe8ff37129fe2e4f8744a3c9496f87a7625430466192bf6e53da10be6bf
ce81652173b93d76518578ef0fc663e9176d2ee6ee9531807db0d62ca6e4d24c
d24a99a784d7de534479c206378dd2171f2859ca293f370bd4570cea883b12c0
db56895c0f73ae5463edacc3c67c73587951ce5ff77fac0982135c1ca381f538
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab4551d6481df2a76ae3436a36526bece746d2aa0960aac2b8add060b08858
f5d06911ad2428743c7145836cd0bbe00bc78de44e0bf68637c98ad2dc9cd3fa
fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f

elementsofthinking.com Open in urlscan Pro 172.67.156.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

2 Countries

2485 kBTransfer

3278 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elementsofthinking.com Open in urlscan Pro
172.67.156.203 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

2485 kB
Transfer

3278 kB
Size

8
Cookies

48 HTTP transactions
0 data transactions