Submitted URL: https://pgidhq4n9x4pmi.top/
Effective URL: https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Submission: On September 26 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 1 country across 6 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is 0w7gcqm1x40.top.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.
This is the only time 0w7gcqm1x40.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

#    Domain                   Requested by
8    pgidhq4n9x4pmi.top       pgidhq4n9x4pmi.top
5    0w7gcqm1x40.top          pgidhq4n9x4pmi.top, 0w7gcqm1x40.top
2    api.xv1sehk8tac.top      0w7gcqm1x40.top
2    api.gv86knght6r.top      pgidhq4n9x4pmi.top, 0w7gcqm1x40.top
1    o0l6ijinqzx.top          0w7gcqm1x40.top
1    gemini.9tb8zxucivb.top   0w7gcqm1x40.top
Total: 22 HTTP transactions, 6 domains

This site contains no links.

Subject               Issuer                              Validity                  Valid
pgidhq4n9x4pmi.top    WE1                                 2024-09-11 - 2024-12-10   3 months
*.gv86knght6r.top     ZeroSSL ECC Domain Secure Site CA   2024-09-09 - 2024-12-08   3 months
0w7gcqm1x40.top       WE1                                 2024-08-02 - 2024-10-31   3 months
9tb8zxucivb.top       WE1                                 2024-08-25 - 2024-11-23   3 months
*.xv1sehk8tac.top     ZeroSSL ECC Domain Secure Site CA   2024-09-09 - 2024-12-08   3 months
o0l6ijinqzx.top       WE1                                 2024-08-25 - 2024-11-23   3 months

This page contains 2 frames:

Primary Page: https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Frame ID: D11399CCBFC5F665F0BC3A648A4661F5
Requests: 17 HTTP requests in this frame

Frame: https://o0l6ijinqzx.top/?domain=pgidhq4n9x4pmi.top
Frame ID: 04B1464162F48F0BB285A483B9714D33
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Page Statistics

Requests: 22
HTTPS: 86 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 1
Transfer: 97 kB
Size: 228 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pgidhq4n9x4pmi.top/ Page URL
  2. https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
pgidhq4n9x4pmi.top/
952 B
899 B
Document
General
Full URL
https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8429bc4e2bf83d0727b4bc6cdbdde091d52154cd06844a4bca70f6ec80107a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8f4f300f10d2a4-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Sep 2024 00:59:06 GMT
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YM3WWCzQakwJFuAvcdFWe7rB9IqDsYW49lQPfESjnpxKHABXLfFPmstwd5EWisR3wtOH%2F3lPCY8bB%2F%2Be3%2BkDMWCKtiyidW99%2F6lqNmQohtH02yHMxlv6EyCvHbYVz4yIg6nBkn%2BEHuO03gxJWpSGnhc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
pgidhq4n9x4pmi.top/cdn-cgi/
128 B
561 B
Other
General
Full URL
https://pgidhq4n9x4pmi.top/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://pgidhq4n9x4pmi.top
Referer
https://pgidhq4n9x4pmi.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mlFHy%2F2%2Fb%2Fh4F6WdIKUdZONG%2Fbp0jF9tvmur5UEiveuC66R5%2BkvP7QIUj2KwWIjpwJSBYl1tzq4OtfIPCdXl4I0kryc8DiAxOd3nxfXKrXkAhKwgP8sy9GndutWy0%2FFq34UInBw8FMeROTdIDr4cJc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336cdbd2a4-FRA
access-control-allow-origin
https://pgidhq4n9x4pmi.top
content-length
128
date
Thu, 26 Sep 2024 00:59:06 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
common.js
pgidhq4n9x4pmi.top/static/js/
4 KB
2 KB
Script
General
Full URL
https://pgidhq4n9x4pmi.top/static/js/common.js?t=202409091529
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e64c2562dd0311a74557526152b57a8f5a7c46fc5655e8a7edebdeecc58a42b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-f3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCfcuVqQ3RGqg7isWSj%2B6LOpS5cmibTySgmcz2Ua8w3fRCpeitmBiz4aKN0q9uzU41ju1q0fMrt8MMSZe6s1%2FE8%2FiWl8aYTr2IIYIBZ7BwPi16h4Mb2svufDyBzyia%2B0EslZkv6oMkFrpD6DKipEOrc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336cdcd2a4-FRA
date
Thu, 26 Sep 2024 00:59:06 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
vue.min.js
pgidhq4n9x4pmi.top/static/cdn/js/
92 KB
35 KB
Script
General
Full URL
https://pgidhq4n9x4pmi.top/static/cdn/js/vue.min.js
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUCNpc30iJmNDCl7poNO7WcVCTIYgpKxhrvINB9BVzUnhbLrjWWzINolYusEH9RIr0i%2BjPVAEQRS2%2BfFgcVVi8FZZIzB%2BFusOSf9t6Yh9U%2F2xXd2vSn9GkFQL6qVWCCvu4k0sKFSnZmSHbGjfb6K2Hk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336cdfd2a4-FRA
alt-svc
h3=":443"; ma=86400
date
Thu, 26 Sep 2024 00:59:07 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
axios.min.js
pgidhq4n9x4pmi.top/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://pgidhq4n9x4pmi.top/static/cdn/js/axios.min.js
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Kvspcf1kujIU4b1MuWw2YlPPVsPxdyWxocm6sOLKi9Z1Ao2RCtbpX2f7LKSdxp68Qm1YehILGScmdtZ1ZQ2HB%2BREExrc8kpcUZA3Y%2FEWh%2FWlbYV3kD10S2kzsP5lhekqOsHcFX31Gm%2FWFNfgP25lA4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336ce0d2a4-FRA
date
Thu, 26 Sep 2024 00:59:06 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
crypto-js.min.js
pgidhq4n9x4pmi.top/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://pgidhq4n9x4pmi.top/static/cdn/js/crypto-js.min.js
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA07jfKHf11XfSiBBI0B1TWTCbI2Rtn4vVIT42uhCwz6p95UislisNUSI1thyfodrovKbogYUakvTYGsWXhP3lb9gY%2FykA4zbJ%2FpxIt1weC5K9Ayf1uqfifPPDPhwATTHlPHih5WDlYZUBKrBwusg6E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336ce1d2a4-FRA
date
Thu, 26 Sep 2024 00:59:07 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
collect_301.js
pgidhq4n9x4pmi.top/static/js/
2 KB
1 KB
Script
General
Full URL
https://pgidhq4n9x4pmi.top/static/js/collect_301.js?t=202409101529
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d32927eac4b56c3ae55bf6091b3a69614bf1aeede076e04880e751b08259a4d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-89c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njwF%2F5oL5XF72cTv9WW0b8tgpf4u%2BARuoZ9OXPWfEOEcfkkFtGK4oOVkpTEOG6sIGC9AmcnmDFeeMNeFVF81qScDM2hPuW%2FlBKXrn8k1J2cUUnnYvPvYAilNA9omFvwdodcKHjvX522g9fkjcYuFFxQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f336ce3d2a4-FRA
date
Thu, 26 Sep 2024 00:59:06 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
request
api.gv86knght6r.top/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.61.42 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pgidhq4n9x4pmi.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8c8f4f400e42dd45-HKG
Connection
keep-alive
Date
Thu, 26 Sep 2024 00:59:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsT5kXT8ULgVIFfY%2BpeZcEUhETOCuUxoqDcVTSUe5r9oY2kePKM23xuWb0nmEhP2eCbq6DpazPlhh%2Fsgf6fLzE2eJC%2FXVzONfZxCBpF%2FdBecyyWH9yAHE4QT%2BtBovQyv2RsZ7aw%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8801
request
api.gv86knght6r.top/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.61.42 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://pgidhq4n9x4pmi.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9B%2BWLfB5PLjNCoYpCe3o%2BvGfJGyCSpCWqKwdWIOgF49ZmXLM3q8fakSpQMwCwbPSzObAWZn0nD2rfEke8ggEKPJZUG0rBQukRvF%2BVuZhx43nLiI7PK%2FoeAbHOu0hd38YHx73JKY%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8c8f4f419ff7110b-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Date
Thu, 26 Sep 2024 00:59:08 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
favicon.ico
pgidhq4n9x4pmi.top/
4 KB
4 KB
Other
General
Full URL
https://pgidhq4n9x4pmi.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgidhq4n9x4pmi.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoGSFudqAPbICqsPRH5QN7ZHcGGx4ElzHgXdFhreexCgpSMtB9VnpaYDasq6U8whvWE3%2FmhANl1d5HuVTE6dl2RQifmcaZC8J72wpI45K3N0rxgUiInm%2B%2BkDZpUyUXIE3Z%2FyrP%2FtpdP6fJ6JwEmwJMM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f3c0afad2a4-FRA
date
Thu, 26 Sep 2024 00:59:08 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
0w7gcqm1x40.top/
1 KB
1 KB
Document
General
Full URL
https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Requested by
Host: pgidhq4n9x4pmi.top
URL: https://pgidhq4n9x4pmi.top/static/js/collect_301.js?t=202409101529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427355644694c798140f7008cc3a757323d9d79d70c65ffa26c90b659be6bb84

Request headers

Referer
https://pgidhq4n9x4pmi.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8f4f43bbcb3603-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Sep 2024 00:59:09 GMT
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmMelzwMOyIyKJ%2FS1s3Y8fadeo8TunfU9NMjmJu1NJs5awSEk9XmJd5Ua%2FB%2FtUDHm1lqqx%2FiegBALVoMaalN9xlyBJXEg6pKVnUdZGo6V3SvCS5BuQmckJ%2BVlyf9qcKnBTwQBtfZnPWMZCHz88o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
0w7gcqm1x40.top/cdn-cgi/
128 B
550 B
Other
General
Full URL
https://0w7gcqm1x40.top/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://0w7gcqm1x40.top
Referer
https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLMyy0rpVcjvXv7o322oi33VuDIugw13%2F6dEpiZOMENNtAsc7vROBeaKIQ3WCQRSLOB5OeNUHx1uk1pnKZ%2BIslLkdFcit%2FuW5vmtSK3zwMMd6AIXx71dPh6xjEWxCL78E0W19vZtqR4Quoq390o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f46fe023603-FRA
access-control-allow-origin
https://0w7gcqm1x40.top
content-length
128
date
Thu, 26 Sep 2024 00:59:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
crypto-js.min.js
0w7gcqm1x40.top/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://0w7gcqm1x40.top/static/cdn/js/crypto-js.min.js
Requested by
Host: 0w7gcqm1x40.top
URL: https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onlDQcL1LpabB2RUv%2FUHJwOxNHVY0X%2BQ03D4YlfUZyJGJXXMSqfPDmRrkpIFNzjTLSa%2B63nDocKyPs7AXlz8C%2ByxpB75Pt%2B5LV10cKy266uLXOl8zEtuqQBitz%2B7OBhsnPrs4NME%2BaZ6lcRlJTw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f46fe053603-FRA
date
Thu, 26 Sep 2024 00:59:10 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
iframe.js
0w7gcqm1x40.top/static/js/
6 KB
3 KB
Script
General
Full URL
https://0w7gcqm1x40.top/static/js/iframe.js?t=202409101529
Requested by
Host: 0w7gcqm1x40.top
URL: https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03ea32aee9865eba7291d6340518e820a5b1f11b2208e4c1b4a168c179ee9a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-1793"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQnrd%2FSBSZEQkIbxlHyzBhXsSD3%2Fh9cQjKcIcijro6QFrOBQpoZSlw90PQeT0KfkoxgFDcRBvmt%2Fg4scu50E44mpDcZl2wmbf6Tq3pa8gDFRDcYP69HFR%2BlmqXFInbRUZSkeDt4muY8uB%2Fi%2FqTs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f46fe063603-FRA
date
Thu, 26 Sep 2024 00:59:09 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
request
api.gv86knght6r.top/fast-endecode/main/ Frame
0
0

request
api.gv86knght6r.top/fast-endecode/main/
0
0

favicon.ico
0w7gcqm1x40.top/
4 KB
4 KB
Other
General
Full URL
https://0w7gcqm1x40.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlIbnxYZnwEehRdlMXfDKNP29w%2Bd7rJzN%2FdpkuPw5uXRETF6eMRQYmfcHsjd%2Ba2xKDRFVKgkRYUkpwSo8%2BRH3x9bfhmPxDYUZAUff8KV0Sm8DYCoGB8pdWDDNDZzLhHsyCMnwVgEWsfRntKHx0k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f4f4d99973603-FRA
date
Thu, 26 Sep 2024 00:59:10 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
request
gemini.9tb8zxucivb.top/fast-endecode/main/
0
0

request
gemini.9tb8zxucivb.top/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://gemini.9tb8zxucivb.top/fast-endecode/main/request
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:984b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://0w7gcqm1x40.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=15
cf-ray
8c8f4f588c58d276-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 26 Sep 2024 00:59:12 GMT
expires
Thu, 26 Sep 2024 00:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBXxTvtI2E81p4xH5DPOdrBlZvlkcYOFvFeP%2FoUkeH7KWzXNUAr9S4zU3cD%2BCJQZrYKM1wPutsu8%2Fglq2679J7HHiS3Nbsp1Pn5qA%2BDwAsEhNq%2B%2FSrAsH4Q3qIs3HPKIEI7JeQZFSTkYk%2F5iWHYLnSwI9%2BrV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
request
api.xv1sehk8tac.top/fast-endecode/main/
2 KB
2 KB
Fetch
General
Full URL
https://api.xv1sehk8tac.top/fast-endecode/main/request
Requested by
Host: 0w7gcqm1x40.top
URL: https://0w7gcqm1x40.top/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.66 -, , ASN (),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ed646ebded2fc5effa237c6e7ed1bf1a4c58eb4e0ac862a22e2859a2d41cc260

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://0w7gcqm1x40.top/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5QoG0rPRn5lu0P1LJwAkIoyogcm%2BInIfQVsd17TqelvJPArrNfcCcPF0fj%2FWWLv7AVyrro7CvHNldRxGDfClemDWC5FpON8AZZ3VyuyL4HKzmtDEQHWdKt%2BpGXs3LvtSkIXqs0%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8c8f4f64de3f20e4-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Date
Thu, 26 Sep 2024 00:59:14 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
request
api.xv1sehk8tac.top/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://api.xv1sehk8tac.top/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.66 -, , ASN (),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://0w7gcqm1x40.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8c8f4f633c9c04bf-HKG
Connection
keep-alive
Date
Thu, 26 Sep 2024 00:59:13 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6AT0D2g48VBDWZy3mhzU1Gbqt442U%2BNDGIIgAUKT%2FJN0UFJtiic3BBSZKF0Mt0xzHEyJqKY7cy81gb%2F1RYBryJsnQlTw2DJ1LQwFe8ZTa4k1PdcZfr7SyQA55l1sYlhcnUroOsM%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8801
/
o0l6ijinqzx.top/ Frame 04B1
0
0
Document
General
Full URL
https://o0l6ijinqzx.top/?domain=pgidhq4n9x4pmi.top
Requested by
Host: 0w7gcqm1x40.top
URL: https://0w7gcqm1x40.top/static/js/iframe.js?t=202409101529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://0w7gcqm1x40.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8f4f65bbe9bba7-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Sep 2024 00:59:14 GMT
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2FYRKhw%2FAwNRbkeeXVrcuiO986NjytBvlUtzRQEzCco0WV5qPWYyWMsjRNgTUFMZHovcrkYx6TYG5d6IX58yYgxrqF3%2Byn7ZcSNW7Rtgq9dETtoYqCSRs3oixAFxnsTZ1dFnfP3rym8v8n2tN0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain                   URL
api.gv86knght6r.top      https://api.gv86knght6r.top/fast-endecode/main/request
api.gv86knght6r.top      https://api.gv86knght6r.top/fast-endecode/main/request
gemini.9tb8zxucivb.top   https://gemini.9tb8zxucivb.top/fast-endecode/main/request

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • CryptoJS (object)
  • _0x3b3d (object)
  • _0x180e (function)
  • domainList (object)
  • publicKey (object)
  • getDomain (function)
  • handleEncrypt (function)
  • handleDecrypt (function)
  • fromCode (function)
  • urls (object)
  • getconfigDown (function)

0 Cookies

2 Console Messages

Source: javascript, Level: error
URL: https://0w7gcqm1x40.top/?domain=pgidhq4n9x4pmi.top
Message: Access to fetch at 'https://gemini.9tb8zxucivb.top/fast-endecode/main/request' from origin 'https://0w7gcqm1x40.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Source: network, Level: error
URL: https://gemini.9tb8zxucivb.top/fast-endecode/main/request
Message: Failed to load resource: net::ERR_FAILED