lwesoes.kzcbbasazu.com Open in urlscan Pro
18.173.154.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a992f.net/
Effective URL:
https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Submission: On June 07 via api (June 7th 2024, 3:23:27 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 18.173.154.110, located in United States and belongs to AMAZON-02, US. The main domain is lwesoes.kzcbbasazu.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2024. Valid for: a year.

This is the only time lwesoes.kzcbbasazu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.80.29 104.21.80.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.165.48.157 108.165.48.157	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	18.173.154.110 18.173.154.110	16509 (AMAZON-02) (AMAZON-02)
6	75.2.42.240 75.2.42.240	16509 (AMAZON-02) (AMAZON-02)
20	3

1 104.21.80.29 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a992f.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.165.48.157 (Ashburn, United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.a992f.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.173.154.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-110.muc50.r.cloudfront.net

lwesoes.kzcbbasazu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 75.2.42.240 (United States)

ASN16509 (AMAZON-02, US)
PTR: a48d7a3baeaba2a67.awsglobalaccelerator.com

2949yj.33465aaabb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kzcbbasazu.com lwesoes.kzcbbasazu.com	319 KB
6	33465aaabb.com 2949yj.33465aaabb.com — Cisco Umbrella Rank: 442545	54 KB
6	a992f.net 1 redirects a992f.net www.a992f.net	33 KB
20	3

	Domain	Requested by
9	lwesoes.kzcbbasazu.com	www.a992f.net lwesoes.kzcbbasazu.com
6	2949yj.33465aaabb.com	lwesoes.kzcbbasazu.com
5	www.a992f.net	www.a992f.net
1	a992f.net	1 redirects
20	4

This site contains no links.

Subject Issuer	Validity	Valid
www.a992f.net R10	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.guf7fup3sg7.com Amazon RSA 2048 M02	`2024-02-22` - `2025-03-23`	a year	crt.sh
*.livehelp100service.com Amazon RSA 2048 M01	`2023-08-11` - `2024-09-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Frame ID: F10EF4080AC8F3A817D7BA9580380A32
Requests: 12 HTTP requests in this frame

Frame: https://lwesoes.kzcbbasazu.com/visitorside/js/common.8e4fae38.js
Frame ID: FAA37B68A85F55823C6A96053005D5AE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

https://a992f.net/ HTTP 301
https://www.a992f.net/ Page URL
https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0... Page URL

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

405 kB
Transfer

1015 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a992f.net/ HTTP 301
https://www.a992f.net/ Page URL
https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://a992f.net/ HTTP 301
https://www.a992f.net/

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.a992f.net/
Redirect Chain

https://a992f.net/
https://www.a992f.net/

3 KB
2 KB

2380ms
573ms

Document
text/html

108.165.48.157
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.a992f.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.165.48.157 Ashburn, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

4061cb2fa1343557da0758dc6e67d47af3ed6a94f3a611bd750ef2d5d6d3a120

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1536
content-type: text/html
date: Fri, 07 Jun 2024 15:23:22 GMT
etag: "7d4da6c18e5d91:0"
last-modified: Tue, 12 Sep 2023 01:25:43 GMT
server: ****
strict-transport-security: max-age=0; preload
vary: Accept-Encoding
x-cache: BYPASS
x-request-id: 5b24ad687003cea4b5ed768f497b74ae

Redirect headers

cache-control: max-age=3600
cf-ray: 8901a489cbec8f3d-FRA
content-length: 167
content-type: text/html
date: Fri, 07 Jun 2024 15:23:19 GMT
expires: Fri, 07 Jun 2024 16:23:19 GMT
location: https://www.a992f.net
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3NrxsjqGdlYnZA6ekheGfz0xvhKb0o76eLo%2BfbBwVggWzmIdrQLcU0XYZTsjb2mGuPK7uZOKSXz5QtnxqVjo7WB7EerjLV84%2BfOJdTnotngQu6gPjG41xhdgys%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.8b7165c9.js Show response
www.a992f.net/dist/ 59 KB
28 KB 523ms
523ms Script
application/javascript 108.165.48.157
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.a992f.net/dist/index.8b7165c9.js

Requested by

Host: www.a992f.net
URL: https://www.a992f.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.165.48.157 Ashburn, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

0227a04e716b1bbdf925f12f2c1e2d2101f5dc63f2d336ba6b40b8e276534ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.a992f.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:22 GMT
content-encoding: gzip
strict-transport-security: max-age=0; preload
last-modified: Tue, 12 Sep 2023 01:25:43 GMT
server: ****
etag: "89e9afc18e5d91:0"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27856
x-request-id: 0182c0b473266a87bc5ff1e0d4580350

GET
H2 200 smartdomain_login.json Show response
www.a992f.net/interface/zh-CN/account/ 200 B
529 B 393ms
392ms Fetch
text/html 108.165.48.157
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.a992f.net/interface/zh-CN/account/smartdomain_login.json?t=1717773803

Requested by

Host: www.a992f.net
URL: https://www.a992f.net/dist/index.8b7165c9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.165.48.157 Ashburn, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

91529d1e90a78a9b5b12a1abd334db5805d737d2020df782d2ccc2e7f47587b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.a992f.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 15:23:23 GMT
content-encoding: gzip
strict-transport-security: max-age=0; preload
server: ****
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/html; charset=utf-8
cache-control: private
accept-ranges: bytes
content-length: 299
x-request-id: 516f60a996f678a0b93cfa61905e58b6

GET
H2 404 favicon.ico
www.a992f.net/ 1 KB
881 B 428ms
428ms Other
text/html 108.165.48.157
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.a992f.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.165.48.157 Ashburn, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.a992f.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:23 GMT
strict-transport-security: max-age=0; preload
content-encoding: gzip
server: ****
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
x-request-id: bcae73baec954abef48065f89e19d02f

GET
H2 200 cs_data.js
www.a992f.net/ 3 KB
1 KB 379ms
379ms Script
application/javascript 108.165.48.157
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.a992f.net/cs_data.js?v=1717773803729

Requested by

Host: www.a992f.net
URL: https://www.a992f.net/dist/index.8b7165c9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.165.48.157 Ashburn, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.a992f.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:24 GMT
content-encoding: gzip
strict-transport-security: max-age=0; preload
last-modified: Wed, 05 Jun 2024 23:50:37 GMT
server: ****
etag: "8084d129a3b7da1:0"
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
accept-ranges: bytes
content-length: 1207
x-request-id: 12e79b3a73227aa03587412d20fce929

GET
H2 200 Primary Request 1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Show response
lwesoes.kzcbbasazu.com/ 18 KB
9 KB 505ms
301ms Document
text/html 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32

Requested by

Host: www.a992f.net
URL: https://www.a992f.net/dist/index.8b7165c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

0bd675947ba0f1c6850137784e00ef5421a084164dfd2196defbd61081f7cabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.a992f.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 15:23:24 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-id: JWFOxvzjTn-u6UeJKMaQ-Ck6E_9XHh5ht5S82rySW25099ENJwB2TA==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

GET
H2 200 livechat.ashx Show response
lwesoes.kzcbbasazu.com/ 2 KB
1 KB 57ms
57ms Script
application/x-javascript 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/livechat.ashx?siteId=5000914

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

Kestrel /

Resource Hash

95a602c7cf40feb8f59b15cae6b3afdd28fecd2fb72b3942c36766b9fa0172f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: MUC50-P3
age: 55876
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
x-amz-cf-id: qaQH95ErzyMhSjyslqL4LBnwc9x8Cd5tOtr5gMZESfiauTXdJj43Gg==

GET
H2 200 common.8e4fae38.js Show response
lwesoes.kzcbbasazu.com/visitorside/js/ Frame FAA3 79 KB
29 KB 64ms
63ms Script
application/javascript 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/js/common.8e4fae38.js

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/livechat.ashx?siteId=5000914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

13f2d29d21ebe5ecafb0f83ca4a6b1b6dc6816490ac6d684ce75d26d6ea3f55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Origin: https://lwesoes.kzcbbasazu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 47755
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: W/"664c6849-13dda"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: rFZzxbd9rPNB0malm1h1yefepo6fHJq8CeisaSZBp9m6HB0g43uP6g==

GET
H2 200 vendor.c1318fdb.js Show response
lwesoes.kzcbbasazu.com/visitorside/js/ Frame FAA3 112 KB
35 KB 104ms
104ms Script
application/javascript 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/js/vendor.c1318fdb.js

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/livechat.ashx?siteId=5000914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

fae7b25ccc94864994d290b63a842a1cd1113278a53898333a3813afd447a1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Origin: https://lwesoes.kzcbbasazu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 48117
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: W/"664c6849-1bed1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 0cIxzCv5RiLwJi48cd3ddgheuagp826jQi40Wl7DBj67BNz47fbRBQ==

GET
H2 200 bundle.0c83fbae.js Show response
lwesoes.kzcbbasazu.com/visitorside/js/ Frame FAA3 562 KB
130 KB 197ms
197ms Script
application/javascript 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/livechat.ashx?siteId=5000914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

17effd046c50fd9c98ad98f045efa891dc71d2decfc0a0ff8da5787e83bed155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Origin: https://lwesoes.kzcbbasazu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:01:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 48120
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: W/"664c6849-8c714"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Lx6TxFLNV4Omj-JNqKZTBDF9vXmmlc77tZB3P_Bvu5vBeE8CJvmzsg==

POST
H2 200 visitor.ashx Show response
2949yj.33465aaabb.com/ Frame FAA3 1 KB
1 KB 817ms
261ms XHR
text/json 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2949yj.33465aaabb.com/visitor.ashx?siteId=5000914

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

c7b020e443fd64fa2aed63602d72f4f177caee41bf64ca304aa36492fc86c40c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 15:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: https://lwesoes.kzcbbasazu.com
content-type: text/json
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
lwesoes.kzcbbasazu.com/ 0
231 B 916ms
915ms Other
text/plain 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwesoes.kzcbbasazu.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-110.muc50.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:25 GMT
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: MUC50-P3
x-cache: Error from cloudfront
content-type: text/plain; charset=utf-8
content-length: 0
x-amz-cf-id: HGmL75PV4f0wKQLkd4qX5Lrn8q71F_HeqDMZE6IwdAO3ZKA-2nkg1w==

POST
H2 200 visitor.ashx Show response
2949yj.33465aaabb.com/ Frame FAA3 1 KB
1 KB 265ms
264ms XHR
text/json 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2949yj.33465aaabb.com/visitor.ashx?siteId=5000914

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

174802b069058300a686ad904493658b98df10e0159773fa8387197ab4ca31af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 15:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: https://lwesoes.kzcbbasazu.com
content-type: text/json
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 campaign.ashx Show response
2949yj.33465aaabb.com/ Frame FAA3 16 KB
8 KB 774ms
258ms XHR
text/json 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2949yj.33465aaabb.com/campaign.ashx?siteId=5000914&campaignId=a9010000-0000-0000-0000-008e004c4ed2&lastUpdateTime=00000000116A38BD

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

a3f841bf2a928943186ac9311464ac5556d11da03c0798e7c3c70b5c012af043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/json
access-control-allow-origin: *
cache-control: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 background2.png
lwesoes.kzcbbasazu.com/visitorside/images/ 28 KB
28 KB 72ms
72ms Image
image/png 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/images/background2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

67346fed0124058e785e6ac302219254820a615882533cd8e865738fe4a06499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:04:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 33553
x-cache: Hit from cloudfront
content-length: 28258
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: "664c6849-6e62"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: -khM0DnptIlIB1iwuOSJoA1vcbJJMHmiM9phraBfvV9_HgjvUrPk6A==

GET
H2 200 sourcesanspro-regular.woff
lwesoes.kzcbbasazu.com/visitorside/fonts/ 43 KB
43 KB 55ms
55ms Font
font/woff 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/fonts/sourcesanspro-regular.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

e626366becf63ad185965f8d124fb9f8451ab62c8999b3dfb701540be9dd2bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Origin: https://lwesoes.kzcbbasazu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:00:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 33804
x-cache: Hit from cloudfront
content-length: 43820
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: "664c6849-ab2c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: X2heabP9mO8POCIpDrknAScXDcMFIVOf5EvVdcomgKOpTqywRzynXg==

GET
H2 200 DBImage.ashx
2949yj.33465aaabb.com/DBResource/ 41 KB
41 KB 261ms
259ms Image
image/jpeg 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2949yj.33465aaabb.com/DBResource/DBImage.ashx?campaignId=a9010000-0000-0000-0000-008e004c4ed2&imgType=1&ver=00000000116A38BD&siteId=5000914

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

d23ee07cf8b450a8baaeb0e1a52fa12bd624919b8a25c4cda09ef9e03db2bc6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:23:27 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-xss-protection: 1; mode=block

POST
H2 200 visitor.ashx Show response
2949yj.33465aaabb.com/ Frame FAA3 2 KB
1 KB 293ms
292ms XHR
text/json 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2949yj.33465aaabb.com/visitor.ashx?siteId=5000914&visitorGuid=5836cecb-4ef6-41b9-86bc-42afda6c19cf

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

c2c90348db35cb1c79c91136579fd6585bc78fb7f636daa26884e8f0947d8179

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 15:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: https://lwesoes.kzcbbasazu.com
content-type: text/json
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 sourcesanspro-semibold.woff
lwesoes.kzcbbasazu.com/visitorside/fonts/ 43 KB
43 KB 58ms
58ms Font
font/woff 18.173.154.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lwesoes.kzcbbasazu.com/visitorside/fonts/sourcesanspro-semibold.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-110.muc50.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

c7c0bb0b9b474fc13b57e44b83aaf839c1f261e7728c3c443d9cd7c8603b472f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32
Origin: https://lwesoes.kzcbbasazu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 30997
x-cache: Hit from cloudfront
content-length: 43584
last-modified: Tue, 21 May 2024 09:24:25 GMT
server: nginx/1.22.1
etag: "664c6849-aa40"
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 7V3wi7Mt4j0aRYKCKpL_jwdmrsSR9tEdj4tTUUfg6jvzKENkT-vKiQ==

POST
H2 200 visitor.ashx Show response
2949yj.33465aaabb.com/ Frame FAA3 29 B
466 B 261ms
261ms XHR
text/json 75.2.42.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2949yj.33465aaabb.com/visitor.ashx?siteId=5000914&visitorGuid=5836cecb-4ef6-41b9-86bc-42afda6c19cf

Requested by

Host: lwesoes.kzcbbasazu.com
URL: https://lwesoes.kzcbbasazu.com/visitorside/js/bundle.0c83fbae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.42.240 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a48d7a3baeaba2a67.awsglobalaccelerator.com

Software

Resource Hash

be60180c0aed0469e228febaea642e05d251bd373f37f802bc0af021f3143227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://lwesoes.kzcbbasazu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 15:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
arrserver: chatserver1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin: https://lwesoes.kzcbbasazu.com
content-type: text/json
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.a992f.net/	1969-12-31 23:59:59	Name: session_sslproxy_server Value: ab04b1ae-c98e-4c2665a7fb7ca4a51dd91c24ddc019cca467
www.a992f.net/	1970-01-21 06:45:33	Name: UqZBpD3n3iXPAw1X Value: v1b7UxgwSDTCy
2949yj.33465aaabb.com/	1970-01-21 06:45:33	Name: visitorGuid_5000914 Value: 5836cecb-4ef6-41b9-86bc-42afda6c19cf
lwesoes.kzcbbasazu.com/	1970-01-21 06:45:33	Name: onlinehelp_visitorguid_5000914 Value: 5836cecb-4ef6-41b9-86bc-42afda6c19cf

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.a992f.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lwesoes.kzcbbasazu.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lwesoes.kzcbbasazu.com/1646c349e6d126jkfle-keli6a3990611060b04080b020604040d0f0903000a03000a8aeb0f0848cd43efd32 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2949yj.33465aaabb.com
a992f.net
lwesoes.kzcbbasazu.com
www.a992f.net
104.21.80.29
108.165.48.157
18.173.154.110
75.2.42.240
0227a04e716b1bbdf925f12f2c1e2d2101f5dc63f2d336ba6b40b8e276534ce5
0bd675947ba0f1c6850137784e00ef5421a084164dfd2196defbd61081f7cabc
13f2d29d21ebe5ecafb0f83ca4a6b1b6dc6816490ac6d684ce75d26d6ea3f55f
174802b069058300a686ad904493658b98df10e0159773fa8387197ab4ca31af
17effd046c50fd9c98ad98f045efa891dc71d2decfc0a0ff8da5787e83bed155
4061cb2fa1343557da0758dc6e67d47af3ed6a94f3a611bd750ef2d5d6d3a120
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
67346fed0124058e785e6ac302219254820a615882533cd8e865738fe4a06499
91529d1e90a78a9b5b12a1abd334db5805d737d2020df782d2ccc2e7f47587b4
95a602c7cf40feb8f59b15cae6b3afdd28fecd2fb72b3942c36766b9fa0172f7
a3f841bf2a928943186ac9311464ac5556d11da03c0798e7c3c70b5c012af043
be60180c0aed0469e228febaea642e05d251bd373f37f802bc0af021f3143227
c2c90348db35cb1c79c91136579fd6585bc78fb7f636daa26884e8f0947d8179
c7b020e443fd64fa2aed63602d72f4f177caee41bf64ca304aa36492fc86c40c
c7c0bb0b9b474fc13b57e44b83aaf839c1f261e7728c3c443d9cd7c8603b472f
d23ee07cf8b450a8baaeb0e1a52fa12bd624919b8a25c4cda09ef9e03db2bc6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e626366becf63ad185965f8d124fb9f8451ab62c8999b3dfb701540be9dd2bf5
fae7b25ccc94864994d290b63a842a1cd1113278a53898333a3813afd447a1a1

lwesoes.kzcbbasazu.com Open in urlscan Pro 18.173.154.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

405 kBTransfer

1015 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

6 Console Messages

Security Headers

Indicators

lwesoes.kzcbbasazu.com Open in urlscan Pro
18.173.154.110 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

405 kB
Transfer

1015 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions