mgmfdywz.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f15  Public Scan

35 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mgmfdywz.pages.dev/	8 KB 3 KB	86ms 43ms	Document text/html	2606:4700:310c::ac42:2f15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mgmfdywz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:310c::ac42:2f15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd8968ab3102f2b21fc1c46bd2ce01de8b165d54300c675a10d083c6cb45c106 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 8fe4850e7c57d9d3-FRA content-encoding br content-type text/html; charset=utf-8 date Tue, 07 Jan 2025 14:08:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6S9IagCLhoGnDP7YH%2FBm5b7tWrMr4BiwVarPQhCgWMkShTOhYQQJFKTXG%2FInY0P0VabklByw0bHtB80ohaivMmmlPC29anky54E2pqq0OEsnguWc4E0cEeTfRO8m0dtLqZSxXg%2BhwUDN12Fbl0HUiEo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=6576&min_rtt=6309&rtt_var=1155&sent=6&recv=12&lost=0&retrans=0&sent_bytes=3997&recv_bytes=2355&delivery_rate=604474&cwnd=254&unsent_bytes=0&cid=6d41448622d7e2fd&ts=54&x=0" vary Accept-Encoding x-content-type-options nosniff
GET H2	200	head_site.js Show response www.piandd.buzz/js/	553 B 766 B	752ms 238ms	Script application/javascript	43.203.126.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.piandd.buzz/js/head_site.js Requested by Host: mgmfdywz.pages.dev URL: https://mgmfdywz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.203.126.249 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-203-126-249.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 9de3680b38725daf954014442434ca938189cb08011d6f778a3c3ec9cc751026 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers strict-transport-security max-age=31536000 cache-control max-age=43200 etag "675e871d-229" expires Wed, 08 Jan 2025 02:08:26 GMT accept-ranges bytes content-length 553 date Tue, 07 Jan 2025 14:08:26 GMT content-type application/javascript last-modified Sun, 15 Dec 2024 07:37:01 GMT server nginx
GET H2	200	xc_site.js Show response www.piandd.buzz/js/	8 KB 4 KB	751ms 237ms	Script application/javascript	43.203.126.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.piandd.buzz/js/xc_site.js Requested by Host: mgmfdywz.pages.dev URL: https://mgmfdywz.pages.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.203.126.249 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-203-126-249.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 48b1cf48d77f365119fdb74e6e9ee8196c705a7190ee143ecd1e946049f13bcf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers strict-transport-security max-age=31536000 cache-control max-age=43200 content-encoding gzip etag W/"677a603a-203f" expires Wed, 08 Jan 2025 02:08:26 GMT date Tue, 07 Jan 2025 14:08:26 GMT content-type application/javascript last-modified Sun, 05 Jan 2025 10:34:34 GMT server nginx vary Accept-Encoding
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	63ms 23ms	Script text/javascript	2606:4700:10::6814:245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/head_site.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 36171 cf-ray 8fe48513be3aa040-FRA accept-ranges bytes content-length 4547 date Tue, 07 Jan 2025 14:08:26 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	o.js Show response js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/	291 KB 125 KB	984ms 488ms	Script text/plain	149.30.247.187 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/xc_site.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.187 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers X-Request-Id 0aad4777adfa5b442a1a3333066bbba0 Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Tue, 07 Jan 2025 14:38:26 GMT Date Tue, 07 Jan 2025 14:08:26 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H/1.1	200 OK	o.js Show response js.llpn8qi7kncc6r8sweqattlm.xyz/	291 KB 125 KB	992ms 489ms	Script text/plain	149.30.247.95 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Requested by Host: www.piandd.buzz URL: https://www.piandd.buzz/js/xc_site.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.95 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers X-Request-Id 7f04a67bbcc79c9162bdb1552062b64c Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Tue, 07 Jan 2025 14:38:26 GMT Date Tue, 07 Jan 2025 14:08:26 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H/1.1	200 OK	5154 Show response 7e848ea3acf56d81gg.3adtjg.com/sc/	10 KB 10 KB	905ms 262ms	Script text/javascript	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://7e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Requested by Host: mgmfdywz.pages.dev URL: https://mgmfdywz.pages.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash d4a5f8b3d7bed8421fab561c6bffb672c82d9f0c9718701915f752388e9d3881 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control max-age=1800 Pragma max-age=1800 Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Tue, 07 Jan 2025 14:08:26 GMT Content-Type text/javascript; charset=utf-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	50 B 184 B	286ms 93ms	Script text/html	142.4.219.198 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4916520&@f16&@g1&@h1&@i1&@j1736258906224&@k0&@l1&@m%E6%9C%A8%E7%93%9C%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1%E7%BD%91%E7%AB%99_%E6%89%8B%E6%9C%BA%E5%9C%A8%E7%BA%BF%E7%94%B5%E5%BD%B1-%E6%89%8B%E6%9C%BA%E9%AB%98%E6%B8%85%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%E7%9C%8B&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:1481925&@b3:1736258906&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fmgmfdywz.pages.dev%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.4.219.198 , Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns5000868.ip-142-4-219.net Software / Resource Hash e5164b823a2060fdba8b2ed31df184b2e919e53014824440f8a4a24f13f2efa5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers Content-Length 50 Date Tue, 07 Jan 2025 14:08:26 GMT Content-Type text/html;charset=UTF-8 Connection close
GET H/1.1	200 OK	5154 Show response 0722.9tjoj6.com/d/	1 KB 1 KB	696ms 210ms	XHR text/html	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://0722.9tjoj6.com:8005/d/5154?t=0.2317945717597818 Requested by Host: 7e848ea3acf56d81gg.3adtjg.com URL: https://7e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash c5e9a6497a04da423af201504da53277548ed2dcf5ea44c5f5a0a8dcd6af4328 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://mgmfdywz.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control no-cache, must-revalidate Pragma no-cache Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Tue, 07 Jan 2025 14:08:27 GMT Content-Type text/html; charset=UTF-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H3	200	c.js Show response fw.privateadx.com/	0 737 B	63ms 18ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fw.privateadx.com/c.js Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers cf-cache-status HIT etag "669e9c68-0" age 12761 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2BRRBTjVo%2BO8wK12g7lLag%2Fhvyf4IQd0CjrzcjR7sIh%2BCC7fPyNdUSAsLWJJzUwprFGIhj%2BFiQZjtfePbKIxJyRcocawx5RFOTPAZg2q92H55oBuVW6P77gJTHLuxkSJVZF5w%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 07 Jan 2025 22:35:46 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6544&min_rtt=6443&rtt_var=1437&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4046&recv_bytes=4321&delivery_rate=90476&cwnd=12000&unsent_bytes=0&cid=8b24f134b62f9880&ts=24&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 07 Jan 2025 14:08:27 GMT content-type application/javascript last-modified Mon, 22 Jul 2024 17:52:40 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=31536000 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8fe4851d1ec78fca-FRA accept-ranges bytes content-length 0 server cloudflare
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1059ms 545ms	Script application/json	149.30.247.187 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2Fmgmfdywz.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=32&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=1368&rid=2e4ca1763bcdc8f5e5647b72cf020dfe&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.187 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash bce651c031159dc12ec4c90c927b8b754b979e0f1b41e7640fbc649fd8e1dce9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers X-Request-Id f1d5dba87d57d9ae81f33dcbc4903ca6 Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Tue, 07 Jan 2025 14:08:28 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1034ms 533ms	Script application/json	149.30.247.187 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2Fmgmfdywz.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=32&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=1276&rid=01b51c807d99355f2e147158ba477820&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.llpn8qi7kncc6r8sweqattlm.xyz URL: https://js.llpn8qi7kncc6r8sweqattlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.30.247.187 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 94f9ed6dd76247853f8e9a0765a211298283e9cb6ae00e3eb221670fc354b9f1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers X-Request-Id 3d73a36abc133f56d37cfd99886c92a2 Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Tue, 07 Jan 2025 14:08:28 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H2	200	15150418823.txt Show response g.h1v3fa.com/2023/09/	139 KB 104 KB	1481ms 171ms	XHR text/plain	154.91.91.49 TERAEXCH
General Check archive.org Show headers Download Go to Full URL https://g.h1v3fa.com/2023/09/15150418823.txt Requested by Host: 7e848ea3acf56d81gg.3adtjg.com URL: https://7e848ea3acf56d81gg.3adtjg.com:8005/sc/5154?n=lzfrscdv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.91.91.49 , Seychelles, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash ccee8b36194317c1206fcab46ca145966747f852c5f3805654a8e4555c396ee9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers cache-control max-age=2592000 content-encoding br etag W/"650401f2-22a48" access-control-allow-methods GET, POST, OPTIONS expires Tue, 28 Jan 2025 17:21:35 GMT access-control-allow-origin * x-cache HIT date Tue, 07 Jan 2025 14:08:29 GMT content-type text/plain last-modified Fri, 15 Sep 2023 07:04:18 GMT server NgxFence access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET		5154 7e848ea3acf56d81gc.4egscv.com/d/	0 0
GET DATA	200 OK	truncated /	104 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 645b2935cd7492dbb014eea58a80804b21e6af459cfff395e0b8cd1e1ec2cb76 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	favicon.ico mgmfdywz.pages.dev/	8 KB 3 KB	41ms 40ms	Other text/html	2606:4700:310c::ac42:2f15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mgmfdywz.pages.dev/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:310c::ac42:2f15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd8968ab3102f2b21fc1c46bd2ce01de8b165d54300c675a10d083c6cb45c106 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://mgmfdywz.pages.dev/ Response headers cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u15FZruq2WnL9BsfI%2B1XJodoxq%2F6tk9IlGBP32d%2Bc5M5%2BTFUqxUh7FPs4J4w2xP4CzCyoG1DjxZ%2BUUwqRgJIYeoUpb5%2BYsNopFaOKrS20NblJtjPWUgSj7Dt%2Fcy4jLBIguhRNLcit0gP2SGs%2FsIwIEI%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin cf-ray 8fe4852daa48d9d3-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6565&min_rtt=6309&rtt_var=692&sent=10&recv=15&lost=0&retrans=0&sent_bytes=7060&recv_bytes=2642&delivery_rate=781325&cwnd=256&unsent_bytes=0&cid=6d41448622d7e2fd&ts=5034&x=0" date Tue, 07 Jan 2025 14:08:30 GMT content-type text/html; charset=utf-8 vary Accept-Encoding server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

7e848ea3acf56d81gc.4egscv.com

URL

https://7e848ea3acf56d81gc.4egscv.com:8005/d/5154?c=1&n=lzfrscdv

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _Hasync object| adbyunion number| lzfrscdv_is_kk function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues number| lzfrscdv_is_ws object| aanmc72i function| json_2e4ca1763bcdc8f5e5647b72cf020dfe function| json_01b51c807d99355f2e147158ba477820

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstCfa4916520 Value: 1736258906224
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstCla4916520 Value: 1736258906224
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstCmu4916520 Value: 1736258906224
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstPn4916520 Value: 1
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstPt4916520 Value: 1
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstCnv4916520 Value: 1
			mgmfdywz.pages.dev/	1970-01-21 11:03:14	Name: HstCns4916520 Value: 1
			mgmfdywz.pages.dev/	1969-12-31 23:59:59	Name: gg_iscookie Value: 1
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 02:21:58	Name: geo Value: %E5%BE%B7%E5%9B%BD%2F%2F
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 10:56:02	Name: oid Value: de630ba6-cd00-11ef-88f0-a0481cb92ec8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://mgmfdywz.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A020C7029C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://mgmfdywz.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0C6029C200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0722.9tjoj6.com
7e848ea3acf56d81gc.4egscv.com
7e848ea3acf56d81gg.3adtjg.com
fw.privateadx.com
g.h1v3fa.com
js.7oc9ak79i49u6cp4q9s8ttlm.xyz
js.krt3lt3j4tx0q3yhr0w8ttlm.xyz
js.llpn8qi7kncc6r8sweqattlm.xyz
mgmfdywz.pages.dev
s10.histats.com
s4.histats.com
www.piandd.buzz
7e848ea3acf56d81gc.4egscv.com
142.4.219.198
149.30.247.187
149.30.247.95
154.91.91.49
188.114.96.3
190.92.230.185
2606:4700:10::6814:245
2606:4700:310c::ac42:2f15
43.203.126.249
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
48b1cf48d77f365119fdb74e6e9ee8196c705a7190ee143ecd1e946049f13bcf
645b2935cd7492dbb014eea58a80804b21e6af459cfff395e0b8cd1e1ec2cb76
94f9ed6dd76247853f8e9a0765a211298283e9cb6ae00e3eb221670fc354b9f1
9de3680b38725daf954014442434ca938189cb08011d6f778a3c3ec9cc751026
9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164
bce651c031159dc12ec4c90c927b8b754b979e0f1b41e7640fbc649fd8e1dce9
c5e9a6497a04da423af201504da53277548ed2dcf5ea44c5f5a0a8dcd6af4328
ccee8b36194317c1206fcab46ca145966747f852c5f3805654a8e4555c396ee9
d4a5f8b3d7bed8421fab561c6bffb672c82d9f0c9718701915f752388e9d3881
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5164b823a2060fdba8b2ed31df184b2e919e53014824440f8a4a24f13f2efa5
fd8968ab3102f2b21fc1c46bd2ce01de8b165d54300c675a10d083c6cb45c106