Submitted URL: http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFN...
Effective URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Submission: On September 30 via manual from AU — Scanned from AU

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 172.67.197.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is lewf.tingsight.click.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time lewf.tingsight.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.147.46.45 212219 (HOSTINGDU...)
1 45.139.123.50 8100 (ASN-QUADR...)
1 1 172.67.197.28 13335 (CLOUDFLAR...)
1 29 172.67.197.23 13335 (CLOUDFLAR...)
3 172.67.150.30 13335 (CLOUDFLAR...)
32 3
     Apex Domain        Subdomains                                            Transfer
29   tingsight.click    lewf.tingsight.click                                  737 KB
3    trk-elevostra.com  event.trk-elevostra.com — Cisco Umbrella Rank: 653733
1    sumoned.click      sumoned.click                                         651 B
1    krakenvent.com     krakenvent.com                                        423 B
1    egemenc.com        language-tool.egemenc.com                             303 B
32   5
Domain Requested by
29 lewf.tingsight.click 1 redirects krakenvent.com
lewf.tingsight.click
3 event.trk-elevostra.com lewf.tingsight.click
1 sumoned.click 1 redirects
1 krakenvent.com
1 language-tool.egemenc.com 1 redirects
32 5

This site contains no links.

Subject            Issuer  Validity                 Valid
krakenvent.com     R10     2024-09-04 - 2024-12-03  3 months
tingsight.click    WE1     2024-09-23 - 2024-12-22  3 months
trk-elevostra.com  WE1     2024-08-11 - 2024-11-09  3 months

This page contains 2 frames:

Primary Page: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Frame ID: E7AAFF105B0ED7F79E1B829FE589E76C
Requests: 29 HTTP requests in this frame

Frame: https://lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 673EFF20E4958762D6A53FC6E80C5EC8
Requests: 2 HTTP requests in this frame

Page Title

[1] Reward Pending - Online Survey - We Want Your Opinion!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 737 kB
Size: 1663 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 307
    https://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 307
    http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 302
    https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt Page URL
  2. https://sumoned.click/35181101/375804/95e8c4c8a3e0595446d50a7566a67c39x/123517942902/140403 HTTP 302
    https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 307
  • https://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 307
  • http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__ HTTP 302
  • https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
Request Chain 26
  • https://lewf.tingsight.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0_0_512_7252_mt
krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/
Redirect Chain
  • http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__
  • https://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__
  • http://language-tool.egemenc.com/YitFN1BGblNvc29pTDhNWWJwMXpsMFkyUXRoRyt0MTE1VktQek10d2JKTVR5bUZoSVpkREtXdmtZQnMwd0VQRit2bkl3MFFNVkhUTUQ1Y2xDclUxbHc9PQ__
  • https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
154 B
423 B
Document
General
Full URL
https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.139.123.50 Ashburn, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 00:09:35 GMT
server
nginx/1.12.2
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Sep 2024 00:09:34 GMT
Keep-Alive
timeout=5, max=100
Location
https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
Server
Apache/2.4.41 (Ubuntu)
Primary Request
wzts
lewf.tingsight.click/luzl/thev/gtzt/
Redirect Chain
  • https://sumoned.click/35181101/375804/95e8c4c8a3e0595446d50a7566a67c39x/123517942902/140403
  • https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
55 KB
17 KB
Document
General
Full URL
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Requested by
Host: krakenvent.com
URL: https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f85fd2086bc9e77c788121c879e51f32188ee9cc5ff80acccc3efdc1c5ce6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krakenvent.com/0/0/0/3fba9b4ffb2ddf3bdb57b87399c07c27/1/0_0/0_0_512_7252_mt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8caffc383ca9ab07-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 00:09:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S95lXkxch3%2BfkdgghIsQlLkXmkUPb%2FMds7LW1xCNy6Dlp3TIHDdKngCgIDopmh8XdNYuiNC61S8DgfvpV7PWdPQKSupSLCWwEBDoJFVmNOCsd2QTI8oR7s5HTSvPsNbSMmVUVNRQkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8caffc305b56a979-SYD
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 00:09:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqGVS4dUQbCfvUvl%2Fj%2BpmxQrNiwp66i8VkrfwVVPYQiSmJtljyi2%2BnwEJDmMPz7uAeVfou%2Bmyya94DMZ5di48ccCfEwEtg0LpoLjE1eRYLdPBFqMnzVVS1eHuk36TRkG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
speculation
lewf.tingsight.click/cdn-cgi/
128 B
549 B
Other
General
Full URL
https://lewf.tingsight.click/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lewf.tingsight.click
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pN9lnpYojl5tm7IHcaX1S%2FCP9ky5111mQeVTaaOTLOsxIYxyFUwBsTH609ZY5bujCydNBMB1KVmdPSJo%2BzjchDXQQdgKdcpYZeUIHOiFlRDAimdvZW4K8q3XNYIIbYm6LkxEg27gjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caffc425dd9ab07-SYD
access-control-allow-origin
https://lewf.tingsight.click
content-length
128
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
bootstrap.min.css
lewf.tingsight.click/assets/vendors/bootstrap-4.5.3/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://lewf.tingsight.click/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

content-encoding
br
cf-cache-status
HIT
age
16018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19M4lIT8GtJBpCCg0kKBzPNbRIn4a4k6vftx4oZutXG5Df587NX2%2BA%2F77IGCBu7gY8Ah6%2B4BI1PNEqz9v0mIUBqfuCySLJNKp7431%2BJ7K8xyCyNLQYttkINycbXqKg2JutHAcEbwMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:40 GMT
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
text/css
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc425ddcab07-SYD
x-xss-protection
1; mode=block
server
cloudflare
all.min.css
lewf.tingsight.click/assets/vendors/fontawesome_pro/css/
496 KB
96 KB
Stylesheet
General
Full URL
https://lewf.tingsight.click/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

content-encoding
br
cf-cache-status
HIT
age
16018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1%2Bjq3ClBvTcFzfGYVVcNE4P7hCAkNKypi2h8uLAJcDvpMaAwUJ%2FPVn4camw1EO6TuDE%2BYRveJzT5ghzU9S7dxU98lpqU9H7AFZdFRr18214EDApgzz%2BDCul%2FMaHmkofw5NjM9CBig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:40 GMT
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
text/css
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc425de1ab07-SYD
x-xss-protection
1; mode=block
server
cloudflare
common.css
lewf.tingsight.click/assets/css/dublin/
62 KB
14 KB
Stylesheet
General
Full URL
https://lewf.tingsight.click/assets/css/dublin/common.css?v=8cfeceff7ec3446e7199b3fe49caafd6
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f786031b0170922ad2f2041e42cfd52f4d3329e3524ce1e196313623f2d9aaed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2Fvdxoi%2Bs2GiU8Nz%2BrPbHU9LFQ%2FLq8pama1jZD010CovJvoCGIO5%2F%2B2ByLRMqprM8y%2FtSK62lBSd7zOjGPDTgUw9cCYe9GTyWtFi7BloaGmpYdVNIA0KhZhdPRhf5B%2F%2F2tl91ryE6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc425de2ab07-SYD
expires
Mon, 07 Oct 2024 00:09:39 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Tue, 24 Sep 2024 19:06:34 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
msg.v3.js
lewf.tingsight.click/inc/
2 KB
1 KB
Script
General
Full URL
https://lewf.tingsight.click/inc/msg.v3.js?66f9ec42790a2
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ebb4897369c139eb47377fef8c5508e8ba36f40bebcc016f9bef3639d28a506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KNHj0wF9kuouZ1FK%2FVwuxwP4QLkfcGf7ZOFlj10Ub5Sp0iWkglURvt7Anxg19zMx3cEeTHEHa4sv1kJTpAZbBsfpJkPKzSh2SNy%2BpNlYQJfGiQZL1Bpa0zk4Egv1lcEpIJuMkCFxtw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc425de4ab07-SYD
expires
Mon, 07 Oct 2024 00:09:39 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 14:00:38 GMT
vary
Accept-Encoding,User-Agent,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
871c3bdbf465fd6cb78e9603b36a7563.png
lewf.tingsight.click/fim/4316-AU/
34 KB
34 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/871c3bdbf465fd6cb78e9603b36a7563.png
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb7e43cb85192f97f8cf23a0f17af232654404cb6dc8563f962d448ae2b2fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqMVcmaJiTMIrjJdb07%2BP2Nriym%2BFUfZ7g%2FNmUulsOTErtu9Vb19gWFmcTS5Jg%2Bb299yp4Nl3LlmlKS3OowtPNSzA3q7Oxn7PBELi8bIvOHk9kuOt1uAtOs7erSCOjQWcLLp26dHSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 00:09:39 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 00:09:38 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc425de7ab07-SYD
accept-ranges
bytes
content-length
34510
x-xss-protection
1; mode=block
server
cloudflare
f91baa5bcada467e6ad2eda2f6dc7f78.png
lewf.tingsight.click/fim/4316-AU/
3 KB
3 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/f91baa5bcada467e6ad2eda2f6dc7f78.png
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc63c941fa5a58fc9545eaa30ea675f104e7f741a765d547a3929073217bcbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
16017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWsz7yqTKp0XLSxCA4rYq0rLXiDt8oTRm9nRoZGrAGJMl5snJMWTHqSowudbCS6Sf9Xy9w5klFp7lVVKgCvaSVnrgb2qK0yFcprPjAqZqOTHEmqGYuceknvlXn8D%2BghczCDuSkGeIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
image/png
last-modified
Sun, 29 Sep 2024 11:06:09 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc426df0ab07-SYD
accept-ranges
bytes
content-length
2897
x-xss-protection
1; mode=block
server
cloudflare
4692cd2d57f5b20c1b502e1b3b65e7ae.png
lewf.tingsight.click/fim/4316-AU/
127 KB
127 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/4692cd2d57f5b20c1b502e1b3b65e7ae.png
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021e62fc12d39ebcbd5469276bacc42d316df808b8b9623b329391f771f49343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
16017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9R6ohK7ZmeWFi7Crjlt5KVHfeoM6mEHLu851ouS1SietynDOXo91TweG834Oo8KQ1TQyp7AsGSw%2FFkklzY2d%2Fnqm14z9A08QFNc6Q38lNlajdX%2BE6C8Bj6d8JAx%2FZLPxMS9Dek8hw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
image/png
last-modified
Sun, 29 Sep 2024 19:42:39 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc428dffab07-SYD
accept-ranges
bytes
content-length
129897
x-xss-protection
1; mode=block
server
cloudflare
email-decode.min.js
lewf.tingsight.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://lewf.tingsight.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66f525c6-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5uEZXM%2FBbqhxxI3mK%2BGLXityEf8ZAgVqtlNtBi26ZNH8YP4PEQ1FwKhzOcR6Tv01OvuPPvNR6fZb5T0TNAVa%2FfV3sewa%2F8%2ByeE0CfIgbjq932KsqWMsAJJrQGC%2Fx3R9R0uATc78BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc42be39ab07-SYD
expires
Wed, 02 Oct 2024 00:09:39 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 09:13:42 GMT
server
cloudflare
vary
Accept-Encoding
jquery-3.4.1.min.js
lewf.tingsight.click/assets/vendors/
86 KB
31 KB
Script
General
Full URL
https://lewf.tingsight.click/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

content-encoding
br
cf-cache-status
HIT
age
16018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdGdWJ4%2Fri1TmxPvxlPaIoy2TSi4vVZkY2Z59Xch5eXQWdQvOfhR9hLZ%2FhgAkcOiEl0bkDBsFBFeW5diffZf7VbzV0vXKHfVI26rtH%2FlOXq%2F4xo0aqt%2FV5XV5ivFAMOXegvLCS2b0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
application/javascript
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc42ce46ab07-SYD
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.min.js
lewf.tingsight.click/assets/vendors/bootstrap-4.5.3/js/
62 KB
16 KB
Script
General
Full URL
https://lewf.tingsight.click/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

content-encoding
br
cf-cache-status
HIT
age
16018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9ZrkgXfHsU59YDPXLwtr7gZE7TjkJNGjJTNKD0gAQgpqIJ1DyCaNTW%2BsAEkYb14Uza%2BE8SE%2FF0hR2v5F3ejMSDg6DSWnVVoN6vyXBHY30mHlkmux3i9H5fBP%2FHBY%2B50p0OmgH112w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
application/javascript
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc42fe6cab07-SYD
x-xss-protection
1; mode=block
server
cloudflare
functions.js
lewf.tingsight.click/assets/js/
2 KB
1 KB
Script
General
Full URL
https://lewf.tingsight.click/assets/js/functions.js?v=8cfeceff7ec3446e7199b3fe49caafd6
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4921e86e1c949a33cc2b898550944940b1c1a63d84eb852af1fa71dd33d49b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ch3Zhp3k9OMbPlFbQlIGDfA5wFiHHijaF%2BN7ns6uenX6Ub8pQAalDY093hOg%2FNTrxrhzD3EQxCmNYSEN%2BYVCNwVmB9Wzkf4Hrm77IcPwfFHQ5%2B4l6mGYyHkjiSTfVYPJY9RIQAdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc431e93ab07-SYD
expires
Mon, 07 Oct 2024 00:09:39 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 19:17:35 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
gbvar.js
lewf.tingsight.click/assets/js/
41 B
528 B
Script
General
Full URL
https://lewf.tingsight.click/assets/js/gbvar.js?v=54
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d701bc839d0e45766710864418e103c5d7ab3d26cda438fc73f006095ea33357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
5172
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkTz5bGtEuFCLXOUZY7qCaw9H36D4HsJgNLbzoa1pVrytrBtCD%2B8r1X4RzDXKVcKpdkkF1XNUTmkvbCYxIY2Wnxx8xCmHcK0CehTv%2FoR3mbINpYmOydYUcV7kiC%2FwFe7tf%2B5bUkN%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 22:43:27 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 21:04:42 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc472a80ab07-SYD
accept-ranges
bytes
content-length
41
x-xss-protection
1; mode=block
server
cloudflare
intl_functions.js
lewf.tingsight.click/assets/js/
8 KB
3 KB
Script
General
Full URL
https://lewf.tingsight.click/assets/js/intl_functions.js?v=8cfeceff7ec3446e7199b3fe49caafd6
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415fcc5436be9039699e31bc9cbd8e6d8b23410581b0a72dac505d9fad85c691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dcmoJ4qO9LWsMFD5CDMjwdfaF9ilo2zvC0VwIPEnPVFOaJGNCBoDp%2BezSKMhHK6rM9hdeUKbD4KgOOG1wYi5AcQnsttdgKfSpqcbkU6DTES%2FLOODoEWLpa8HVOgdga%2FVPL9dDtqgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc473a9dab07-SYD
expires
Mon, 07 Oct 2024 00:09:40 GMT
date
Mon, 30 Sep 2024 00:09:40 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Mon, 22 Jul 2024 19:31:48 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
common.js
lewf.tingsight.click/assets/js/dublin/
52 KB
13 KB
Script
General
Full URL
https://lewf.tingsight.click/assets/js/dublin/common.js?v=8cfeceff7ec3446e7199b3fe49caafd6
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e8c411eedceb467fcf885c0ed9617899767374c013aa2e08494de528a811d88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDAcxrhYXvCOzzXCPBrBrRskJZXPeUcj0oHdsO4vqKtlW1un9MoSEc%2FWx3zrPRMYKzj6aQ4AnGXMOSCcuWbqdaZ1YpNi4FcTa%2FZv7%2B62qx%2BuSqM8mdNShKVvz2eUIdKcaCIO3QVJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc47cb86ab07-SYD
expires
Mon, 07 Oct 2024 00:09:40 GMT
date
Mon, 30 Sep 2024 00:09:40 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 19:06:34 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
v9e118mez8.js
lewf.tingsight.click/inc/
8 KB
3 KB
Script
General
Full URL
https://lewf.tingsight.click/inc/v9e118mez8.js
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/inc/msg.v3.js?66f9ec42790a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

content-encoding
br
cf-cache-status
HIT
age
16016
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsxIBhDqvOiUPg7IndrpMAJUOO1TZ3yqDFDYs86zr92FRICP52Qnk1wjSRj5KlXafgpbST0XYf60QtgeXVM5WlYFfpPSf9Xe5pAkGzB5JDmIR5bX837JeBlqF2t2yf1hDtoAgAZ3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:43 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 23:25:24 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc47cb87ab07-SYD
x-xss-protection
1; mode=block
server
cloudflare
4692cd2d57f5b20c1b502e1b3b65e7ae.png
lewf.tingsight.click/fim/4316-AU/
127 KB
0
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/4692cd2d57f5b20c1b502e1b3b65e7ae.png
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021e62fc12d39ebcbd5469276bacc42d316df808b8b9623b329391f771f49343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
16017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9R6ohK7ZmeWFi7Crjlt5KVHfeoM6mEHLu851ouS1SietynDOXo91TweG834Oo8KQ1TQyp7AsGSw%2FFkklzY2d%2Fnqm14z9A08QFNc6Q38lNlajdX%2BE6C8Bj6d8JAx%2FZLPxMS9Dek8hw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:38 GMT
content-type
image/png
last-modified
Sun, 29 Sep 2024 19:42:39 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc428dffab07-SYD
accept-ranges
bytes
content-length
129897
x-xss-protection
1; mode=block
server
cloudflare
fa-solid-900.woff2
lewf.tingsight.click/assets/vendors/fontawesome_pro/webfonts/
320 KB
321 KB
Font
General
Full URL
https://lewf.tingsight.click/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lewf.tingsight.click
Referer
https://lewf.tingsight.click/assets/vendors/fontawesome_pro/css/all.min.css

Response headers

cf-cache-status
HIT
age
16018
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQ7%2BkbfTgQfX4jys%2BdfHsfWEqFcHb9KlW2MPSWyGTgCoBV58eLpC4gJZJphlZeZHRiMxpG0rJv1WTUBVLmMdzQ5fIWrkKdh9%2F7XFvQGyzWZg5fugy1yP8J2WQu7m9aH1PQBBU1imyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:41 GMT
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
font/woff2
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc47fbaeab07-SYD
accept-ranges
bytes
content-length
327824
x-xss-protection
1; mode=block
server
cloudflare
/
lewf.tingsight.click/
41 B
545 B
XHR
General
Full URL
https://lewf.tingsight.click/
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/assets/vendors/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5bb2d12a790b8d33ddafb4960e1cd572a94948a0e240bfeb3dfc9d7d83b784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHUHGlbeIaxXhuw9d5pwC5MVOGNdxxJIxTQRmI18AL0uxZIQLCbwIz5HKzLXTGqshZF%2BtiMYmJzaHxGPVJ%2FQnmOzaba1uLW43TfP3BNYyTKmV7QFZs8RSfM3qiooq6TGsbkc%2Bq01Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc481bc7ab07-SYD
expires
Thu, 19 Nov 1981 08:52:00 GMT
x-xss-protection
1; mode=block
date
Mon, 30 Sep 2024 00:09:40 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
server
cloudflare
x-frame-options
SAMEORIGIN
v9e118mez8
event.trk-elevostra.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lewf.tingsight.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8caffc496b9d5745-SYD
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 30 Sep 2024 00:09:40 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B46M78saQlL0S7%2BeRD4O5RFmMFv9sJrDtZ4PBEIyzTuPwpa%2F8p13WSYEqYYdrtKJ1TaBuMmmmRSrnxCk%2FOxiS1SxnTR8efMWDwz1GOSdSOixYHbUbgYvstNIoHeM46EJLbwzEjgBkU2NCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/inc/v9e118mez8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://lewf.tingsight.click/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ix3MHiW2XBVyGsRP3B%2BfVtq0HLVfHVDogixoXdy6vlRArXUJY%2F3gtoVX%2B%2FC3VFpY8AMNyxG59bO2XGjaz26CewWIlJ4oZM0DYrC5vWkD7BywxBCMatYM8zKUzQDCjKYBhIzfGQmGS7%2F5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
date
Mon, 30 Sep 2024 00:09:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8caffc4eb8d85745-SYD
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
9ac8e6787efae071db69bba0f8f02d4f.jpg
lewf.tingsight.click/fim/4316-AU/
4 KB
4 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/9ac8e6787efae071db69bba0f8f02d4f.jpg
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67df5d4b8c39116066291b09e9ed074107235a446a8fb93c1cef86e784d4b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7suEjHEeL1DtQMewHOesC4TApbRLW2%2F3%2BdGOyM0gAxi3sEUAG0ZF8Iu9vXPEUn6NPR1uMVmxjWxMn%2F7hhBnrJryn95jgv3qCXwUT27N1GVvdfuYiC3Y55sKb%2FEnyB%2BNAIa5ZXlZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 00:09:41 GMT
date
Mon, 30 Sep 2024 00:09:41 GMT
content-type
image/jpeg
last-modified
Sun, 29 Sep 2024 11:06:09 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc4d38ccab07-SYD
accept-ranges
bytes
content-length
3746
x-xss-protection
1; mode=block
server
cloudflare
ccdf90d1bcf29eae4ff642c273790796.jpg
lewf.tingsight.click/fim/4316-AU/
2 KB
2 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/ccdf90d1bcf29eae4ff642c273790796.jpg
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FxUAcdqNuGTmneDUB0UAe8WVVIiFsQv1VBzPtSZudMSD5wZ60uagpoMRrQ9NVv33NlDJmtiGkR3jFYT7tu9rzyn%2BgBoWJZsf40aZaWNhti%2FMmqVt38yA1G3k%2F2%2B1n%2B0pYcXFP9kXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 00:09:41 GMT
date
Mon, 30 Sep 2024 00:09:41 GMT
content-type
image/jpeg
last-modified
Sun, 29 Sep 2024 11:21:06 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc4d38cfab07-SYD
accept-ranges
bytes
content-length
1855
x-xss-protection
1; mode=block
server
cloudflare
2412a2b1ed0369824b7d0ba7d4ea928b.jpg
lewf.tingsight.click/fim/4316-AU/
14 KB
14 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/2412a2b1ed0369824b7d0ba7d4ea928b.jpg
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904426131894370992ab9930bd6e618ba60b91119ed15e63b66e2fe91c3edf1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
13189
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgTvvLJYC7LTj826CYYYcIMcwXCdtS7%2FAKMJv5dpunB9nO7LYOZs7J7rSxqsc3v6xZpy8u1zZEKbZi1VESH5PsXoD5ZescIhfsXaWjWINzcRc8zEq%2Biq0NrRt1w5k0%2BFdxEaUf%2BPTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 20:29:51 GMT
date
Mon, 30 Sep 2024 00:09:40 GMT
content-type
image/jpeg
last-modified
Sun, 29 Sep 2024 19:42:39 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc4d38d0ab07-SYD
accept-ranges
bytes
content-length
13827
x-xss-protection
1; mode=block
server
cloudflare
b59e40a0689f0346058b093c47a5e8ca.jpg
lewf.tingsight.click/fim/4316-AU/
2 KB
2 KB
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/b59e40a0689f0346058b093c47a5e8ca.jpg
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e061934e3e59bb4572a66216f0474b7cf744596985c83893ab7146cb4b76292f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCOY1Z%2FHF3M7Nkhg41MjeThUgkcN92HmoyHIz%2FU9iIQ0yteCJwWirLt%2FshpIkpcRD4MPG%2F9dwiQrVx27ZsIxDVNv853F8ctBNosanLU8q8aRBAN9RBhGI37xltO76SXtmCePgR4A9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 00:09:41 GMT
date
Mon, 30 Sep 2024 00:09:41 GMT
content-type
image/jpeg
last-modified
Sun, 29 Sep 2024 11:14:46 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc4d38d1ab07-SYD
accept-ranges
bytes
content-length
1998
x-xss-protection
1; mode=block
server
cloudflare
main.js
lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 673E
Redirect Chain
  • https://lewf.tingsight.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB
Script
General
Full URL
https://lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94932b1611d6f36ea3a828f5b040d26afc82659cfe441b042896a5bc458d161c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLLiviEWe6St3LxeI4L%2FC9TRCLP2FcCwCviGCWkUZGRN%2Bf48LEB3DQPhXa%2BU%2FnSNOkZJr0V%2FeVJ4G6V6HXouBr7%2FhgGka45FM0Ie23ZSTM9rozTu4NhjG6n1RGJ0eX1WGgP8sd1NgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8caffc4d48dfab07-SYD
date
Mon, 30 Sep 2024 00:09:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lTSmQxeuqwXzDfoTnjBBn8vp9bK9ENmrGVwWJKdRuck1FzHFzu8N8Qu0Tqi17y6%2FxXRTEMj3RkBlhq87v2TxNPRHkDw%2BPr8nzHyoPNdpINriDPkmARHEphs2R3biEBLOEHWIRz2DSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caffc4d38d2ab07-SYD
access-control-allow-origin
*
content-length
0
date
Mon, 30 Sep 2024 00:09:40 GMT
vary
Accept-Encoding
server
cloudflare
871c3bdbf465fd6cb78e9603b36a7563.png
lewf.tingsight.click/fim/4316-AU/
34 KB
0
Image
General
Full URL
https://lewf.tingsight.click/fim/4316-AU/871c3bdbf465fd6cb78e9603b36a7563.png
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb7e43cb85192f97f8cf23a0f17af232654404cb6dc8563f962d448ae2b2fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqMVcmaJiTMIrjJdb07%2BP2Nriym%2BFUfZ7g%2FNmUulsOTErtu9Vb19gWFmcTS5Jg%2Bb299yp4Nl3LlmlKS3OowtPNSzA3q7Oxn7PBELi8bIvOHk9kuOt1uAtOs7erSCOjQWcLLp26dHSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 00:09:39 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 00:09:39 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 00:09:38 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc425de7ab07-SYD
accept-ranges
bytes
content-length
34510
x-xss-protection
1; mode=block
server
cloudflare
8caffc383ca9ab07
lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 673E
0
912 B
XHR
General
Full URL
https://lewf.tingsight.click/cdn-cgi/challenge-platform/h/g/jsd/r/8caffc383ca9ab07
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8caffc4dc956ab07-SYD
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
0
date
Mon, 30 Sep 2024 00:09:40 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKrlrnHR4l%2BJ6VMIYOzeRRw%2BCPDYJ5bO6mu4%2F77CJp%2FM5Q0bAXRiRsAjOEzQcLC%2BhFybdqHBXhg4WC1KkS%2B8ebsja76kDwo8%2FjVgOUuuYRUqacH3B2KOIp8YyqLHWb6AV1XXVymtjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
favicon.ico
lewf.tingsight.click/
0
488 B
Other
General
Full URL
https://lewf.tingsight.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.197.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078

Response headers

cf-cache-status
HIT
age
16017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARuAhB0QLoKNG7qdxYym6PK8LUVc7%2FuPo3POLps%2FTJ4AJcZm5gYcV28oxOHcVE6C5U8VNJPElvgykiX2G%2FlOPaUIM0efin1NljWIvSZWxMcweAIRUZ4aPAQsJKIuOJYrd5Z4e1v6yA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 19:42:44 GMT
date
Mon, 30 Sep 2024 00:09:41 GMT
content-type
image/x-icon
last-modified
Thu, 26 Sep 2024 20:32:29 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8caffc515cc8ab07-SYD
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: lewf.tingsight.click
URL: https://lewf.tingsight.click/inc/v9e118mez8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://lewf.tingsight.click/

Response headers

access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrAyQknpwLw8G3j%2FHODXCS8F%2BSZESCBWCG334svuexcvTmUCQIZ7nk0Lz78xv7BrE71EvL%2F7b4brxFgQiIYdO%2F4oaMrStYUXs8v6QuJqRxxyOOgWcPewAUX97gkMvJRXVmQcBUwcFjmXOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
date
Mon, 30 Sep 2024 00:09:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8caffc520bdf5745-SYD
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint function| $ function| jQuery object| bootstrap function| datehax function| startTimer number| duration string| popUrl function| getPopUrl string| rightnow object| currentdate object| months function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| PDN string| FNP string| attrChoices string| domain string| pipeline object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| validateEmail function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder number| box_trying boolean| oneclick function| formatPhoneNumber function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| checkedList function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU function| count_p function| _saveProduct function| mfq_tags function| fadeInImgModal function| lazyLoad function| lazyLoadStartSurvey string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| cityURL 
string| stateURL string| languageCode string| countryCode string| questiontx string| of string| prod_var string| pname_modal function| cheers

4 Cookies

Domain/Path Name / Value
krakenvent.com/ Name: uid1404
Value: 1235179429-20240929200935-6da1dbcba0e792e3e199fbf1e1ea6419-3758
sumoned.click/ Name: PHPSESSID
Value: 5ed95c879d0dfe872a43b0c65cb46270
lewf.tingsight.click/ Name: PHPSESSID
Value: 2d5b319484f6940ba1d976b7236497ac
.tingsight.click/ Name: cf_clearance
Value: _mlcnrdhT09OCJcMfS6d3aBjamLxygp2GSQ9dDmbgpA-1727654980-1.2.1.1-xImXH8GgQWRFpg1Qmu9EHkgIAiai99dgPeAxLm3XDp8aNLwe6RxvIVb1WpkhWWyXR9fG0mB6d7DzwQ5ihlcLbG510MZYmP0QonsUaskqyFCMGdokzQDsrNONF_cjYoOowUZXcxg8twd8Ss_0wDQTWO68rtdcsWWW4fTflZwVV7D6coCtLo4UYzH73TgzX_IK8dyPwlBqPiF_2KZTrgK1he9_52hE0hoodfRRZrhk_OiXQvKoyegAqnZGmDzIj2_aTANV1AD2KQuplTa8aYGOzY08i.oZt3rInyMyEbrrTDww7oXxWdfo.3kRlr0CUP7QeXNB10nu.B4Y600MvH4Qa4VERgapB0iDW6gaJsrdqVRfpIif5PAkYI0z3W8x.ci0

1 Console Messages

Source Level URL
Text
other error URL: https://lewf.tingsight.click/luzl/thev/gtzt/wzts?60ded077987fa2bb203d086fba5ce078
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
