ggsjzxwz.pages.dev Open in urlscan Pro
188.114.97.3  Public Scan

35 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ggsjzxwz.pages.dev/	8 KB 3 KB	127ms 57ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ggsjzxwz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee47c6e277d70c9caf1ee2c67b350b9d525babfb35d76bb4c8dc05c8fafe3950 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 8fd5a522ace7d2c3-FRA content-encoding br content-type text/html; charset=utf-8 date Sun, 05 Jan 2025 18:48:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0vpEONcUMcHpNY5driKrHpWiW%2B9Lwbu9tcsWUqXykjex6qMLSEkn%2Bkqac1%2BU7DWrTOjAXFPv68pxiv8GmV%2Fxc2l7wMil4MhgOAAY6ZY9LBHClvYJNpiFMcmxHHrLBUuMMsSNyM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=8135&min_rtt=7616&rtt_var=1929&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2388&delivery_rate=567027&cwnd=254&unsent_bytes=0&cid=9c0b6b56d8a8d135&ts=71&x=0" vary Accept-Encoding x-content-type-options nosniff
GET H2	200	head_site.js Show response www.piandd.buzz/js/	553 B 767 B	1244ms 587ms	Script application/javascript	43.203.126.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.piandd.buzz/js/head_site.js Requested by Host: ggsjzxwz.pages.dev URL: https://ggsjzxwz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.203.126.249 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-203-126-249.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 9de3680b38725daf954014442434ca938189cb08011d6f778a3c3ec9cc751026 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers strict-transport-security max-age=31536000 cache-control max-age=43200 etag "675e871d-229" expires Mon, 06 Jan 2025 06:48:53 GMT accept-ranges bytes content-length 553 date Sun, 05 Jan 2025 18:48:53 GMT content-type application/javascript last-modified Sun, 15 Dec 2024 07:37:01 GMT server nginx
GET H2	200	xc_site.js Show response www.piandd.buzz/js/	8 KB 4 KB	1213ms 567ms	Script application/javascript	43.203.126.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.piandd.buzz/js/xc_site.js Requested by Host: ggsjzxwz.pages.dev URL: https://ggsjzxwz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.203.126.249 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-203-126-249.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 48b1cf48d77f365119fdb74e6e9ee8196c705a7190ee143ecd1e946049f13bcf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers strict-transport-security max-age=31536000 cache-control max-age=43200 content-encoding gzip etag W/"677a603a-203f" expires Mon, 06 Jan 2025 06:48:53 GMT date Sun, 05 Jan 2025 18:48:53 GMT content-type application/javascript last-modified Sun, 05 Jan 2025 10:34:34 GMT server nginx vary Accept-Encoding
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	129ms 51ms	Script text/javascript	104.20.3.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/head_site.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.3.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 53001 cf-ray 8fd5a52b5d28dcbe-FRA accept-ranges bytes content-length 4547 date Sun, 05 Jan 2025 18:48:54 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	o.js Show response js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/	291 KB 125 KB	1321ms 784ms	Script text/plain	149.30.247.44 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/xc_site.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.44 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers X-Request-Id abd7e4e9e7da9c001b3ba52c82207498 Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Sun, 05 Jan 2025 19:18:55 GMT Date Sun, 05 Jan 2025 18:48:55 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H/1.1	200 OK	o.js Show response js.llpn8qi7kncc6r8sweqattlm.xyz/	291 KB 125 KB	1075ms 514ms	Script text/plain	149.30.247.95 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/xc_site.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.95 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers X-Request-Id 257cfda5d4e4aa3fd512e5a1ee84a232 Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Sun, 05 Jan 2025 19:18:54 GMT Date Sun, 05 Jan 2025 18:48:54 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H/1.1	200 OK	5154 Show response 5e848ea3acf56d81gg.3adtjg.com/sc/	10 KB 10 KB	1210ms 509ms	Script text/javascript	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://5e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Requested by Host: ggsjzxwz.pages.dev URL: https://ggsjzxwz.pages.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash fdc1246b403f89de44d6501094045e8bfb8f59c109c8e41b2523d21856136cb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control max-age=1800 Pragma max-age=1800 Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Sun, 05 Jan 2025 18:48:55 GMT Content-Type text/javascript; charset=utf-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	50 B 184 B	492ms 204ms	Script text/html	149.56.240.130 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4916520&@f16&@g1&@h1&@i1&@j1736102934347&@k0&@l1&@m%E5%98%8E%E5%98%8E%E6%89%8B%E6%9C%BA%E5%9C%A8%E7%BA%BF%E7%BD%91%E7%AB%99_%E6%89%8B%E6%9C%BA%E5%9C%A8%E7%BA%BF%E7%94%B5%E5%BD%B1-%E6%89%8B%E6%9C%BA%E9%AB%98%E6%B8%85%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%E7%9C%8B&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:37673970&@b3:1736102934&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fggsjzxwz.pages.dev%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.130 Montreal, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns534298.ip-149-56-240.net Software / Resource Hash 39d883662079d9eab323bec52a1825286ee43c5bbeb4679c056fb53b68bbcaef Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers Content-Length 50 Date Sun, 05 Jan 2025 18:49:01 GMT Content-Type text/html;charset=UTF-8 Connection close
GET H/1.1	200 OK	5154 Show response 0602.9tjoj6.com/d/	1 KB 1 KB	951ms 452ms	XHR text/html	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://0602.9tjoj6.com:8005/d/5154?t=0.462849613255532 Requested by Host: 5e848ea3acf56d81gg.3adtjg.com URL: https://5e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash 801773229eee2e8505f135ffab3d1192040b85b1b093f603b842be2bb2cbf704 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://ggsjzxwz.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control no-cache, must-revalidate Pragma no-cache Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Sun, 05 Jan 2025 18:48:56 GMT Content-Type text/html; charset=UTF-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H3	200	c.js Show response fw.privateadx.com/	0 738 B	84ms 45ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fw.privateadx.com/c.js Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers cf-cache-status HIT etag "669e9c68-0" age 29656 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7iQJI8ripP92Sq1LEghmXBtzFZKoazzK%2BvC28z2dfReR6xFPHu1zSlVGjsAX62xlh%2BD1EbV5GjWW%2B%2BkH2gNNuVUy2zOEwPXLDrKu1zkdjSEeiqM6rzQEs2iHag2KBp8TsjloQ%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 05 Jan 2025 22:34:39 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=22127&min_rtt=22046&rtt_var=8325&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4041&recv_bytes=4233&delivery_rate=131733&cwnd=12000&unsent_bytes=0&cid=1a1481413a586523&ts=39&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 05 Jan 2025 18:48:55 GMT content-type application/javascript last-modified Mon, 22 Jul 2024 17:52:40 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=31536000 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8fd5a5355f13d2e2-FRA accept-ranges bytes content-length 0 server cloudflare
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1625ms 848ms	Script application/json	149.30.247.187 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2Fggsjzxwz.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=30&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=1368&rid=5dc42eca0052a7b3673f517243670956&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.187 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 0a59e02ec53f39af914fbc955307d99b11a9919e37eebcec2b8368f4e463abc4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers X-Request-Id 5ca5811946a5028aaea57e048f470661 Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Sun, 05 Jan 2025 18:48:57 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1358ms 586ms	Script application/json	149.30.247.187 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2Fggsjzxwz.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=30&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=1276&rid=8e45835610cc20748045014580b13fa8&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.187 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 4f6b6b3337e503e644cb3b29faf760d532c26804f890757e96fc3963a7eb2233 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers X-Request-Id db0e30e1e88dab849b1c7b81c2f10479 Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Sun, 05 Jan 2025 18:48:57 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H2	200	24164250640.txt Show response g.h1v3fa.com/2023/09/	231 KB 173 KB	899ms 337ms	XHR text/plain	154.91.91.34 TERAEXCH
General Check archive.org Show headers Download Go to Full URL https://g.h1v3fa.com/2023/09/24164250640.txt Requested by Host: 5e848ea3acf56d81gg.3adtjg.com URL: https://5e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.91.91.34 , Seychelles, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash 4aa549c8cec3dc1ac99f1d81aa86d9d1e14655e76e574bd4d99bd6df5789577c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers cache-control max-age=2592000 content-encoding br etag W/"650ff68a-39acc" access-control-allow-methods GET, POST, OPTIONS expires Tue, 28 Jan 2025 17:21:31 GMT access-control-allow-origin * x-cache HIT date Sun, 05 Jan 2025 18:48:57 GMT content-type text/plain last-modified Sun, 24 Sep 2023 08:42:50 GMT server NgxFence access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET		5154 5e848ea3acf56d81gc.4egscv.com/d/	0 0
GET DATA	200 OK	truncated /	173 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e72abcd6ee8195edf8dfe1b7cc8650aac682b7111ed0fe95a514b76201509658 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	favicon.ico ggsjzxwz.pages.dev/	8 KB 3 KB	69ms 68ms	Other text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ggsjzxwz.pages.dev/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee47c6e277d70c9caf1ee2c67b350b9d525babfb35d76bb4c8dc05c8fafe3950 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ggsjzxwz.pages.dev/ Response headers cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRO5qN8mBaj3tGaxyzP2nQcy2hlJhqlt7sIzlQ96MnqCZ7iZCUGpsSlzyQ0tT73aFHZP0hGElCLk590Q8swAuvIxX0%2F1EJcSL4Tp67Py5Y6Faz%2FKcliiYgegrJq35sp3PbTwWUI%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin cf-ray 8fd5a5411d29d2c3-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=7999&min_rtt=7616&rtt_var=1015&sent=13&recv=14&lost=0&retrans=0&sent_bytes=7023&recv_bytes=2676&delivery_rate=1081269&cwnd=256&unsent_bytes=0&cid=9c0b6b56d8a8d135&ts=4955&x=0" date Sun, 05 Jan 2025 18:48:57 GMT content-type text/html; charset=utf-8 vary Accept-Encoding server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

5e848ea3acf56d81gc.4egscv.com

URL

https://5e848ea3acf56d81gc.4egscv.com:8005/d/5154?c=1&n=lzfrscdv

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _Hasync object| adbyunion number| lzfrscdv_is_kk function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues number| lzfrscdv_is_ws object| w8kf49ydke function| json_5dc42eca0052a7b3673f517243670956 function| json_8e45835610cc20748045014580b13fa8

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstCfa4916520 Value: 1736102934347
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstCla4916520 Value: 1736102934347
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstCmu4916520 Value: 1736102934347
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstPn4916520 Value: 1
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstPt4916520 Value: 1
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstCnv4916520 Value: 1
			ggsjzxwz.pages.dev/	1970-01-21 11:00:38	Name: HstCns4916520 Value: 1
			ggsjzxwz.pages.dev/	1969-12-31 23:59:59	Name: gg_iscookie Value: 1
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 02:19:22	Name: geo Value: %E8%8B%B1%E5%9B%BD%2F%2F
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 10:53:26	Name: oid Value: b84c5f9f-cb95-11ef-88f0-a0481cb92ec8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ggsjzxwz.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E08B06C4080000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ggsjzxwz.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0204D08C4080000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0602.9tjoj6.com
5e848ea3acf56d81gc.4egscv.com
5e848ea3acf56d81gg.3adtjg.com
fw.privateadx.com
g.h1v3fa.com
ggsjzxwz.pages.dev
js.7oc9ak79i49u6cp4q9s8ttlm.xyz
js.krt3lt3j4tx0q3yhr0w8ttlm.xyz
js.llpn8qi7kncc6r8sweqattlm.xyz
s10.histats.com
s4.histats.com
www.piandd.buzz
5e848ea3acf56d81gc.4egscv.com
104.20.3.69
149.30.247.187
149.30.247.44
149.30.247.95
149.56.240.130
154.91.91.34
188.114.96.3
188.114.97.3
190.92.230.185
43.203.126.249
0a59e02ec53f39af914fbc955307d99b11a9919e37eebcec2b8368f4e463abc4
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
39d883662079d9eab323bec52a1825286ee43c5bbeb4679c056fb53b68bbcaef
48b1cf48d77f365119fdb74e6e9ee8196c705a7190ee143ecd1e946049f13bcf
4aa549c8cec3dc1ac99f1d81aa86d9d1e14655e76e574bd4d99bd6df5789577c
4f6b6b3337e503e644cb3b29faf760d532c26804f890757e96fc3963a7eb2233
801773229eee2e8505f135ffab3d1192040b85b1b093f603b842be2bb2cbf704
9de3680b38725daf954014442434ca938189cb08011d6f778a3c3ec9cc751026
9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72abcd6ee8195edf8dfe1b7cc8650aac682b7111ed0fe95a514b76201509658
ee47c6e277d70c9caf1ee2c67b350b9d525babfb35d76bb4c8dc05c8fafe3950
fdc1246b403f89de44d6501094045e8bfb8f59c109c8e41b2523d21856136cb9