urlscan.io logo urlscan.io
SecurityTrails logo

lvregion-net.preview-domain.com Open in urlscan Pro
2606:4700::6812:1878  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qrsh.at/387?/meme/3770637
Effective URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Submission Tags: phishing
Submission: On June 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:1878, located in United States and belongs to CLOUDFLARENET, US. The main domain is lvregion-net.preview-domain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time lvregion-net.preview-domain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.214.197.69 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
18 2606:4700::68... 13335 (CLOUDFLAR...)
18 2
Apex Domain
Subdomains		 Transfer
18 preview-domain.com
lvregion-net.preview-domain.com
152 KB
1 eazy.co
eazy.co
786 B
1 qrsh.at
qrsh.at
334 B
18 3
Domain Requested by
18 lvregion-net.preview-domain.com lvregion-net.preview-domain.com
1 eazy.co 1 redirects
1 qrsh.at 1 redirects
18 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Frame ID: 5E28F64F87E5E835A8EFDBC346C18862
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://qrsh.at/387?/meme/3770637 HTTP 302
    https://eazy.co/abUi9?/dvspopdsvopvdsopvdsop HTTP 301
    https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL
  2. https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL
  3. https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

152 kB
Transfer

244 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qrsh.at/387?/meme/3770637 HTTP 302
    https://eazy.co/abUi9?/dvspopdsvopvdsopvdsop HTTP 301
    https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL
  2. https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL
  3. https://lvregion-net.preview-domain.com/tgf/Et/Home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://qrsh.at/387?/meme/3770637 HTTP 302
  • https://eazy.co/abUi9?/dvspopdsvopvdsopvdsop HTTP 301
  • https://lvregion-net.preview-domain.com/tgf/Et/Home/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
lvregion-net.preview-domain.com/tgf/Et/Home/
Redirect Chain
  • https://qrsh.at/387?/meme/3770637
  • https://eazy.co/abUi9?/dvspopdsvopvdsopvdsop
  • https://lvregion-net.preview-domain.com/tgf/Et/Home/
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ded72edacf5029914164db0acee8d257b012fe50e649723018fcf314ebdb057
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
lvregion-net.preview-domain.com
:scheme
https
:path
/tgf/Et/Home/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:07 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
0ab24dac3700004ec7a917a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65fd7ef38e114ec7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 15 Jun 2021 17:25:07 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
set-cookie
PHPSESSID=5599c9e493b46c5c1c27204b9ebd9044; path=/ short_abUi9=1; expires=Tue, 15-Jun-2021 18:00:44 GMT; Max-Age=1800; path=/; HttpOnly
location
https://lvregion-net.preview-domain.com/tgf/Et/Home/
cf-cache-status
DYNAMIC
cf-request-id
0ab24da62200002bad9ca3a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ThgM%2B3BqQL5hqvaKLaYkCp5N55Bcnx5pfUGEkAagnKV%2Fm80KBg1RjTD2Xrh1J04AD9P%2BW5gHzpHTbaPhDnyDMwKa6Kx%2FHBbtfi4wL0REmLTbCYXUYaRqKGwf6hoKOkzP%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65fd7ee9cc212bad-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
v1
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7ef38e114ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3033e403869dbf60d5691b78c93972d10e27f45f5744a67c6b2bec722bc2e17d

Request headers

:path
/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7ef38e114ec7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:07 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
65fd7ef3ea004a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dac7500004a6ed88db000000001
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/ 		42 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7ef38e114ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7ef38e114ec7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7ef3e9f94a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:07 GMT
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7ef38e114ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7ef38e114ec7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7ef3e9fe4a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:07 GMT
b884ef36f3bf6e6
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/ 		34 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/b884ef36f3bf6e6
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7ef38e114ec7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2518454cdea781a49c65930b8c842f58b3cad1ddba9f30c05cc1801c473d3839

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
cf_chl_2=b884ef36f3bf6e6; cf_chl_prog=e
content-length
1997
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/b884ef36f3bf6e6
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
b884ef36f3bf6e6
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
b884ef36f3bf6e6
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:08 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_b884ef36f3bf6e6=da86480ff239f16;SameSite=Strict;Secure;HttpOnly
cf-ray
65fd7ef4dc254a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dad0500004a6e0c8bf000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e5e6f9d743757d9081519ce7b30dc26cff0b0231d6e65d24812d556f43d6319

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
b884ef36f3bf6e6
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/b884ef36f3bf6e6
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7ef38e114ec7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fe1501a3db5917f3c86904bfd7486860e9ba3d96d6968df758d3b5627596a2

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
cf_chl_seq_b884ef36f3bf6e6=da86480ff239f16; cf_chl_2=b884ef36f3bf6e6; cf_chl_prog=a6
content-length
18354
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7005702439596433:1623775881:44f0a63eb2d70461b71b68b507c7a19b5c0cef1dcab5291802996b4bfe55f221/65fd7ef38e114ec7/b884ef36f3bf6e6
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
b884ef36f3bf6e6
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
b884ef36f3bf6e6
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:09 GMT
content-encoding
gzip
server
cloudflare
cf_chl_out
YvUtGDw7wuTXpqkAjOn7C5KfIpDrJucsqCsHUD/e0e/mSqYqH2tx0QbXV2h8NtEOuwdHRI+qHKT+iWPRv7yJRc20+aPG2M+30TL+TAeIckQV4T9YBV8KKHVuVmvPwOrGu0PSknxpvNKoaFX94kJIqK3kYfyxMY0FhRRLzJdeofw=$BGkHRzxObnrZiPThRrK7Ew==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_b884ef36f3bf6e6=;Expires=Mon, 14 Jun 2021 17:25:08 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray
65fd7efb2d8b4a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24db0fc00004a6e3e06e000000001
/
lvregion-net.preview-domain.com/tgf/Et/Home/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/tgf/Et/Home/
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a33b9f0e83d9a96b93af0ec16eb01c0cd6f34db10d8d73e2711c6a650f5e15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
lvregion-net.preview-domain.com
:scheme
https
:path
/tgf/Et/Home/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cf_chl_prog=F9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/

Response headers

date
Tue, 15 Jun 2021 17:25:11 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
0ab24dbc8b00004ec7ca212000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65fd7f0dae524ec7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
v1
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f0dae524ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3422ec16295397f4728ba302aa57e99e8aa86c00ffbcb776444bf909ed79dc2e

Request headers

:path
/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f0dae524ec7
pragma
no-cache
cookie
cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:12 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
65fd7f0dd9604a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dbca800004a6e2612d000000001
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7f0dae524ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7f0dae524ec7
pragma
no-cache
cookie
cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7f0dd9634a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:11 GMT
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7f0dae524ec7
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7f0dae524ec7
pragma
no-cache
cookie
cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7f0dd9654a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:11 GMT
496333d66f3e330
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/ 		39 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/496333d66f3e330
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f0dae524ec7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b3fcb748c5c12b5253d38c80195ade64a910c248686cc9287c9db67b352d4a

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
cf_chl_2=496333d66f3e330; cf_chl_prog=e
content-length
2002
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/496333d66f3e330
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
496333d66f3e330
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
496333d66f3e330
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:12 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_496333d66f3e330=f6de61363d25898;SameSite=Strict;Secure;HttpOnly
cf-ray
65fd7f0e4b234a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dbcf000004a6e2d0ec000000001
496333d66f3e330
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/496333d66f3e330
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f0dae524ec7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f41765e9f6f1da3addd59f345fc38099807f139cba7ebc48fdeb860779c8e4

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
cf_chl_seq_496333d66f3e330=f6de61363d25898; cf_chl_2=496333d66f3e330; cf_chl_prog=b0
content-length
18787
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.23156306233668011:1623775885:e9887c7c5243b26f8952d7ec0194944192007a5d821c67f85e21240f1f2618b5/65fd7f0dae524ec7/496333d66f3e330
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
496333d66f3e330
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
496333d66f3e330
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:12 GMT
content-encoding
gzip
server
cloudflare
cf_chl_out
DpUcr8j351lPLTcVi9Cl0RAaROdCr1PXZ4Jmj11asJ2tRuBV3AZ+IMJujaQwJNJYLK1wG6yu3oZK0NgvbRij01BruvzuNSMe1oq5UGnKz1s4PbkTRBW5o7Y9L4RcX3uDBwSPrcjaQrO9ORk0Jz9SyQb3FitKFpnQG2vGqmJtey8=$uCp/rgAQJ4dLwU2hcFqKbg==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_496333d66f3e330=;Expires=Mon, 14 Jun 2021 17:25:12 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray
65fd7f110a974a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dbea400004a6eef961000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
Primary Request /
lvregion-net.preview-domain.com/tgf/Et/Home/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/tgf/Et/Home/
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f63a2f0c92a7bf043ca68a5870fbfdd7e61abd40cf665590fd2ddc1a6ac2f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
lvregion-net.preview-domain.com
:scheme
https
:path
/tgf/Et/Home/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cf_chl_2=496333d66f3e330; cf_chl_prog=F9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
0ab24dcc7b00004a6e00355000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65fd7f272f6e4a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
v1
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f272f6e4a6e
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0137d60ddfa5e36cf619972b2cf54b94750f8da2df69493fa266a3bec8c9d38e

Request headers

:path
/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f272f6e4a6e
pragma
no-cache
cookie
cf_chl_2=496333d66f3e330; cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
65fd7f275fcb4a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dcc9200004a6edb0ab000000001
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7f272f6e4a6e
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65fd7f272f6e4a6e
pragma
no-cache
cookie
cf_chl_2=496333d66f3e330; cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7f275fce4a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:16 GMT
transparent.gif
lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7f272f6e4a6e
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/tgf/Et/Home/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65fd7f272f6e4a6e
pragma
no-cache
cookie
cf_chl_2=496333d66f3e330; cf_chl_prog=F9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 15:57:17 GMT
server
cloudflare
etag
"60bf935d-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200 public
accept-ranges
bytes
cf-ray
65fd7f275fcf4a6e-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 15 Jun 2021 19:25:16 GMT
bbe6b91e03a4510
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/ 		30 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/bbe6b91e03a4510
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f272f6e4a6e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554e616830c5d6bee127e51ee59e125f05b352470d69b0703d8124d26e6810ac

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
cf_chl_2=bbe6b91e03a4510; cf_chl_prog=e
content-length
1980
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/bbe6b91e03a4510
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
bbe6b91e03a4510
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
bbe6b91e03a4510
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
set-cookie
cf_chl_seq_bbe6b91e03a4510=9affeb2f0afa201;SameSite=Strict;Secure;HttpOnly
cf-ray
65fd7f27c8fe4a6e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ab24dccd900004a6e45bed000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be5984462aab791d16bac6cbab3197fdef1461bf63aa30babd4a92019fcfeebe

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
bbe6b91e03a4510
lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/ 		15 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/bbe6b91e03a4510
Requested by
Host: lvregion-net.preview-domain.com
URL: https://lvregion-net.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65fd7f272f6e4a6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Request headers

sec-fetch-mode
cors
origin
https://lvregion-net.preview-domain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
17712
:path
/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4343523807683325:1623775886:89bd8860f347fd5fa71ae000d4e01cedcc46b1d5ba63288a31693d3196580e1d/65fd7f272f6e4a6e/bbe6b91e03a4510
pragma
no-cache
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
lvregion-net.preview-domain.com
referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
:scheme
https
sec-fetch-site
same-origin
cf-challenge
bbe6b91e03a4510
:method
POST
Referer
https://lvregion-net.preview-domain.com/tgf/Et/Home/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
CF-Challenge
bbe6b91e03a4510
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 17:25:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cf-ray
65fd7f2b1ffc4ec7-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15
cf-request-id
0ab24dcef100004ec7cc96e000000001
cf_chl_out
RPzFQBCr5oX21fxzsOU/YGH7B+p0QGZBBTln0Nfb4HI=$I2csJ3THhtvg7RNpoh91nQ==

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
lvregion-net.preview-domain.com/ Name: cf_chl_prog
Value: e
lvregion-net.preview-domain.com/ Name: cf_chl_2
Value: bbe6b91e03a4510

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN