91avw.pages.dev Open in urlscan Pro
188.114.96.3  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response 91avw.pages.dev/	9 KB 4 KB	83ms 50ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8389951fa07ec8b015258ecf5be07059ff66a362e34d1164c694565773021051 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 8f20bb2ab8aa9ff9-AMS content-encoding br content-type text/html; charset=utf-8 date Sat, 14 Dec 2024 19:51:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mwp8Puyybikc88UY%2FM5zhmJzrcbABK%2F9V3kITmlCDLoltoVjh6hNdE5LTAfbvenGQckgvAtEkK2GN3gzvkjualiQADvn%2B4TKed4fx7qtNq37WMD9UGrsdI8IrIrr6sf3G9U%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=11715&min_rtt=11630&rtt_var=2510&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4442&delivery_rate=50126&cwnd=12000&unsent_bytes=0&cid=63208c99c463f4fb&ts=58&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding x-content-type-options nosniff
GET H3	200	reset.min.css 91avw.pages.dev/	773 B 1 KB	201ms 201ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://91avw.pages.dev/reset.min.css Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers content-encoding br etag W/"8b6b2725239a55433f3d07570e3d45e8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HODt1YEpQB5q2X9xBFJu32OUBGxhmx%2B1v92VW3XGBeKFBJSnmtXGm8UCzOypB107sAd2Mtvl4i4cgYfa6nN53ymBgxRd85cPHIO6qQ1h8QMo%2FaTeox1A3MuSMZLQsUmSi0k%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11787&min_rtt=11630&rtt_var=1201&sent=27&recv=15&lost=0&retrans=0&sent_bytes=20431&recv_bytes=5564&delivery_rate=116435&cwnd=12000&unsent_bytes=0&cid=63208c99c463f4fb&ts=260&x=1", cfExtPri, cfHdrFlush;dur=3 date Sat, 14 Dec 2024 19:51:52 GMT content-type text/css; charset=utf-8 vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin cf-ray 8f20bb2b19109ff9-AMS access-control-allow-origin * server cloudflare
GET H3	200	cf.js Show response so.zol.hk/	5 KB 3 KB	1284ms 539ms	Script application/javascript	104.21.80.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://so.zol.hk/cf.js Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6ddc5d72e56121f9c8fddb77d7dd85ed99c0550609963efd95054bfb56e0b5a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=43200 content-encoding gzip cf-cache-status DYNAMIC etag W/"675dc927-12e4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K723FTlhjdWjfODiVkKMhOwYJvkhBXw6uNN5nwK5Yc7RLXojfZUTrKh4H6yb3hyAvmKlAOiGldHtiYodFIpsUedoEHNAV%2ByBm5ZPj3f1ht6FsoaE%2BWK1Ew1Ruj0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f20bb2fbea5666a-AMS expires Sun, 15 Dec 2024 07:51:54 GMT alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/javascript last-modified Sat, 14 Dec 2024 18:06:31 GMT vary Accept-Encoding server cloudflare
GET H3	200	logo.png 91avw.pages.dev/	11 KB 12 KB	201ms 201ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://91avw.pages.dev/logo.png Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aeedd3aa2ea16b43f225f2dbe0d2d22c646ef4115f6f3ee7ebbaa3668cfd237d Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers etag "09c4b19958969e18c733b12f4febbb35" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EJG5myqG3nhKGH5ZSr4HSDatpHT0JQuSKN6oGSDOtN9PoGacgPDzLAQ1UVJDqfjNQDJKzesUDedQ4PAdz4OQzELMNq%2BlHTbG5tX4aVpvsRPPgsnp8934%2BsPO04ge6Eu8O4%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11787&min_rtt=11630&rtt_var=1201&sent=27&recv=15&lost=0&retrans=0&sent_bytes=20431&recv_bytes=5564&delivery_rate=116435&cwnd=12000&unsent_bytes=0&cid=63208c99c463f4fb&ts=253&x=1", cfExtPri, cfHdrFlush;dur=10 date Sat, 14 Dec 2024 19:51:52 GMT content-type image/png vary Accept-Encoding priority u=2,i cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin cf-ray 8f20bb2b191d9ff9-AMS access-control-allow-origin * content-length 11753 server cloudflare
GET H3	200	bg.png 91avw.pages.dev/	18 KB 19 KB	189ms 189ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://91avw.pages.dev/bg.png Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1637a536fdd8337060cdd7af8bed1029acfd24ffea71145eed7db23a640c0a35 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers etag "8bf145f8792306b42478739f3a5ada83" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylgnhrcOkkPeDN%2BrWb4YJyOseHLYpf806mqHFWKoIgdtvKIK8sVg%2Bq0k9ZtSD7KKULjg3Cl9EeDC0THMYX%2FLQ2wJ20omuW3JatuNnlSqRBu01KQifhBkoZx2p6tclda%2FqGA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11787&min_rtt=11630&rtt_var=1201&sent=17&recv=15&lost=0&retrans=0&sent_bytes=8431&recv_bytes=5564&delivery_rate=116435&cwnd=12000&unsent_bytes=0&cid=63208c99c463f4fb&ts=251&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 14 Dec 2024 19:51:52 GMT content-type image/png vary Accept-Encoding priority u=2,i cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin cf-ray 8f20bb2b191e9ff9-AMS access-control-allow-origin * content-length 18601 server cloudflare
GET H3	200	cf-qr.js Show response so.zol.hk/	2 KB 1 KB	1058ms 518ms	Script application/javascript	104.21.80.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://so.zol.hk/cf-qr.js Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3e95b3f818b9841785fb5c5f132b8662f9cf3f82315f15d80bf6f7855b084b1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=43200 content-encoding gzip cf-cache-status DYNAMIC etag W/"675dcb62-7ed" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPss6XVf9TTkBGbf%2BuXonblsMWu05ArdNyQwAbtEIwryrANYWBrCdUm03i1NUtCM5v5BTXtCmbVIXbfQ2D95g3DnhVRn7AB1pNs6JWDBkUMstPONoixWObtLOcI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f20bb2fbea6666a-AMS expires Sun, 15 Dec 2024 07:51:53 GMT alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/javascript last-modified Sat, 14 Dec 2024 18:16:02 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	2407 Show response 147144ac93ba44ecbgg.3adtjg.com/sc/	10 KB 10 KB	1624ms 381ms	Script text/javascript	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://147144ac93ba44ecbgg.3adtjg.com:8005/sc/2407?n=rsunpveh Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash 988b35d03413c551e884e900ff4ed2213068dc6dd997ea40d7f63622d24619cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control max-age=1800 Pragma max-age=1800 Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Sat, 14 Dec 2024 19:51:55 GMT Content-Type text/javascript; charset=utf-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H/1.1	200 OK	o.js Show response js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/	291 KB 125 KB	1373ms 567ms	Script text/plain	154.197.26.179 SONDERCLOUDLIMITE...
General Check archive.org Show headers Download Go to Full URL https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Requested by Host: so.zol.hk URL: https://so.zol.hk/cf-qr.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.197.26.179 Santo Domingo Este, Dominican Republic, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers X-Request-Id b1f707e9f9d70d550a2f849f99adea8e Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Sat, 14 Dec 2024 20:21:55 GMT Date Sat, 14 Dec 2024 19:51:55 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H3	200	o.js Show response www.xiaomalmjs.com/	306 KB 125 KB	91ms 27ms	Script text/plain	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xiaomalmjs.com/o.js Requested by Host: so.zol.hk URL: https://so.zol.hk/cf-qr.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5dafae600c38c7ec0aff875a3989f3f53802a74ca08063296a0b20c02c34684 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers content-encoding zstd cf-cache-status HIT age 2593 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9R%2BxB8j7SBte4n8Sorp13X5qkkjAd0ztIsEZq4nf1dPH0MPchKzb%2B8UyIqsn2fNPPSE9wu8iOKDWigDlleJVvCqSBH%2FY%2BOMtKr%2BJLH4Aa97AaFIwFW1u1gtRcsIUGptazp92teg%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET,PUT, DELETE, UPDATE alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 19:51:54 GMT content-type text/plain; charset=utf-8 vary Accept-Encoding last-modified Sat, 14 Dec 2024 19:08:41 GMT access-control-allow-headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 8f20bb33895dfffd-AMS access-control-allow-origin server cloudflare
GET H/1.1	200 OK	o.js Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	291 KB 125 KB	2099ms 629ms	Script text/plain	202.61.87.37 COMING-AS ABCDE G...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/o.js Requested by Host: so.zol.hk URL: https://so.zol.hk/cf-qr.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.61.87.37 , Hong Kong, ASN133201 (COMING-AS ABCDE GROUP, HK), Reverse DNS Software nginx / Resource Hash 9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers X-Request-Id e4d33183f522ecaca5831fc9cb047757 Content-Encoding gzip Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Expires Sat, 14 Dec 2024 20:21:55 GMT Date Sat, 14 Dec 2024 19:51:55 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Cache-Control max-age=1800 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin cache-status HIT Server nginx
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	97ms 24ms	Script text/javascript	104.20.3.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: so.zol.hk URL: https://so.zol.hk/cf-qr.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.3.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 36552 cf-ray 8f20bb3399dcf5eb-AMS accept-ranges bytes content-length 4547 date Sat, 14 Dec 2024 19:51:54 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H3	200	footer.png 91avw.pages.dev/	12 KB 12 KB	163ms 163ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://91avw.pages.dev/footer.png Requested by Host: 91avw.pages.dev URL: https://91avw.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d314f1d6a3be7638c32776627cbe65136cb94e4410ebc623249581009bb8814e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers etag "c5ea7b44bde398eff842675a13ff60ea" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=861aBJ82q5eUMmoNreh9hIrciXr9dpgpgV0j4VhCNH08isnQ%2B7U9fylHLRehDhhn0lS4xJGxkTfBRxZVh%2FlpV%2FKVTleR4d88GAs6HsBVlmb8WdPUY34C%2FxvPBfrG3quscXw%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12132&min_rtt=11630&rtt_var=322&sent=47&recv=31&lost=0&retrans=0&sent_bytes=42034&recv_bytes=6546&delivery_rate=1852987&cwnd=24000&unsent_bytes=0&cid=63208c99c463f4fb&ts=1513&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 14 Dec 2024 19:51:54 GMT content-type image/png vary Accept-Encoding priority u=3,i cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin cf-ray 8f20bb332b8e9ff9-AMS access-control-allow-origin * content-length 12010 server cloudflare
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	379 B 514 B	412ms 192ms	Script text/html	54.39.128.162 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4916252&@f16&@g1&@h1&@i1&@j1734205914203&@k0&@l1&@m91%E7%BD%91%E5%AE%98%E6%96%B9%E6%AD%A3%E7%89%88%E7%BD%91%E5%9D%80_%E6%9C%80%E6%96%B0%E5%85%8D%E8%B4%B9%E5%BD%B1%E8%A7%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_91%E7%BD%91%E5%AE%98%E6%96%B9%E6%AD%A3%E7%89%88%E7%BD%91%E5%9D%80%E7%94%B5%E5%BD%B1%E9%99%A2&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:30849503&@b3:1734205914&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2F91avw.pages.dev%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.128.162 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns562109.ip-54-39-128.net Software / Resource Hash bcab4d2ba916aa9df9fced86510ae8605b38a4b9b25f56b96d1deb2c37222adf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers Content-Length 379 Date Sat, 14 Dec 2024 19:51:31 GMT Content-Type text/html;charset=UTF-8 Connection close
GET H3	200	c.js Show response fw.privateadx.com/	0 733 B	199ms 27ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fw.privateadx.com/c.js Requested by Host: www.xiaomalmjs.com URL: https://www.xiaomalmjs.com/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cf-cache-status HIT etag "669e9c68-0" age 9777 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keeerhw9Ws6QkF4xuJpZw12XUhUxL1bH%2Fli%2B4KfQMmPqamYlDr1WeoMAm%2BvjIiECl2aIcU1NUrmHZtdgz9qZHUscP4sWWAqcUbTjJNgn2NGEvGhFLDEy5NZHyCVr3WCvygKthg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 15 Dec 2024 05:08:57 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12036&min_rtt=11710&rtt_var=2747&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4047&recv_bytes=4321&delivery_rate=49785&cwnd=12000&unsent_bytes=0&cid=bfd5e35b040eb877&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/javascript last-modified Mon, 22 Jul 2024 17:52:40 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=31536000 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f20bb353b74b89a-AMS accept-ranges bytes content-length 0 server cloudflare
GET H3	200	bid Show response www.xiaomalmjs.com/	349 B 883 B	229ms 229ms	Script application/json	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xiaomalmjs.com/bid?url=https%3A%2F%2F91avw.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=22&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=10055&rid=5be1cc1773f02c14e2c7b53a3524e9b2&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: www.xiaomalmjs.com URL: https://www.xiaomalmjs.com/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f7e7ad7d47229050e765550451accbf49db0a540c2923b15ad49d1c02ebf27b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8OeKPcihcFFUTihJxz6smBJglMyevNnwrAub1%2FohAv%2B3WRYQthwuocogiBEzcJ2MQBBdK0VNegI7k9uEQqD%2FlTLZ%2BDM6FQj65ZA3AmbBL8%2FR6TydqBYqfAcjp%2B3HRdvy8v2bLTk%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET,PUT, DELETE, UPDATE access-control-allow-credentials true cf-ray 8f20bb34e966fffd-AMS access-control-allow-origin alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/json server cloudflare access-control-allow-headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H3	200	bid Show response www.xiaomalmjs.com/	349 B 884 B	232ms 232ms	Script application/json	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xiaomalmjs.com/bid?url=https%3A%2F%2F91avw.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=22&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=10059&rid=eb05d1e7c9bb0b984a390d08c85e5b85&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: www.xiaomalmjs.com URL: https://www.xiaomalmjs.com/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 791dcc9eab0721cd04ed7c3cf0791648df6291f23852a053c7fcfe003e4a5aa8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfuTRuBNoDy9tvE93SmRzw2Q%2Fs3W8G%2FAn1CXqFgGIYz%2B81JS8D9tXmxgO2TkYV%2FyfViEM%2BAj7OrKZUZvxuhbdhw9sM%2B3CaFmn%2B8vuyWrMNmEQEV9p9CV1hNke24TPp9r6wHyucs%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET,PUT, DELETE, UPDATE access-control-allow-credentials true cf-ray 8f20bb34e967fffd-AMS access-control-allow-origin alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/json server cloudflare access-control-allow-headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H2	200	/ Show response e.dtscout.com/e/	2 KB 2 KB	289ms 227ms	Script application/javascript	141.101.120.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F91avw.pages.dev%2F&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4916252&@f16&@g1&@h1&@i1&@j1734205914203&@k0&@l1&@m91%E7%BD%91%E5%AE%98%E6%96%B9%E6%AD%A3%E7%89%88%E7%BD%91%E5%9D%80_%E6%9C%80%E6%96%B0%E5%85%8D%E8%B4%B9%E5%BD%B1%E8%A7%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_91%E7%BD%91%E5%AE%98%E6%96%B9%E6%AD%A3%E7%89%88%E7%BD%91%E5%9D%80%E7%94%B5%E5%BD%B1%E9%99%A2&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:30849503&@b3:1734205914&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2F91avw.pages.dev%2F&@w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cache-control no-cache nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVN7sCg3EEdu2iptpbBxu8ggZ7ouPSaZHsieMen0q%2F5uy3q5bt0ZesoXbmE8OWMkNhdwZGaEs53b5SGcIJFO1vT8I1ttXvBuMVT4jzK5RSzWrqOeW5HCXeXjxTQnQnc%3D"}],"group":"cf-nel","max_age":604800} x-t 0.259 cf-ray 8f20bb36dff071d1-FRA expires Sat, 14 Dec 2024 19:51:53 GMT server-timing cfL4;desc="?proto=TCP&rtt=6983&min_rtt=6414&rtt_var=1818&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2297&delivery_rate=670888&cwnd=50&unsent_bytes=0&cid=af50fc1d1b98261e&ts=241&x=0" date Sat, 14 Dec 2024 19:51:54 GMT content-type application/javascript x-s mtl3 server cloudflare
GET H2	200	/ Show response t.dtscout.com/pv/	51 B 531 B	223ms 214ms	Script application/javascript	141.101.120.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=91avw.pages.dev&_ss=79v7f78wdn&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nl&_pl=d&_cbid=4rcz&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F91avw.pages.dev%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7bc16ae568bdafb839e424694fd47ca3ca3a22f8da19657abdd9b9e767e3d1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers x-c 0 cache-control no-cache content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZBd7iQvNgGxp0bNnXcBd6icBv6dPCPNHIjI6gB2kb2dJiCnycCmFRkmQP90U62X200sAALqmRUhTCAtCNyVrRkhTaIbRlhlGmCOsbIRguBFb0wDltYapgVGbgtbLBE%3D"}],"group":"cf-nel","max_age":604800} x-t 0.132 cf-ray 8f20bb3869a171d1-FRA expires Sat, 14 Dec 2024 19:51:54 GMT server-timing cfL4;desc="?proto=TCP&rtt=11392&min_rtt=6406&rtt_var=10078&sent=11&recv=12&lost=0&retrans=0&sent_bytes=5937&recv_bytes=2453&delivery_rate=670888&cwnd=53&unsent_bytes=0&cid=af50fc1d1b98261e&ts=478&x=0" date Sat, 14 Dec 2024 19:51:55 GMT content-type application/javascript server cloudflare
GET H/1.1	200 OK	2407 Show response 1503.9tjoj6.com/d/	1 KB 1 KB	907ms 436ms	XHR text/html	190.92.230.185 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://1503.9tjoj6.com:8005/d/2407?t=0.6130092428074541 Requested by Host: 147144ac93ba44ecbgg.3adtjg.com URL: https://147144ac93ba44ecbgg.3adtjg.com:8005/sc/2407?n=rsunpveh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.92.230.185 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-190-92-230-185.compute.hwclouds-dns.com Software nginx/1.18.0 / PHP/5.6.31 Resource Hash ea8df94ccd93293a0cfab03fef83788b53fafee32d36a1cb2010266d33ab8f5c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://91avw.pages.dev/ Response headers Transfer-Encoding chunked Cache-Control no-cache, must-revalidate Pragma no-cache Connection keep-alive Access-Control-Allow-Origin * P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date Sat, 14 Dec 2024 19:51:56 GMT Content-Type text/html; charset=UTF-8 X-Powered-By PHP/5.6.31 Server nginx/1.18.0
GET H3	200	c.js Show response fw.privateadx.com/	0 0	0ms 0ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fw.privateadx.com/c.js Requested by Host: js.krt3lt3j4tx0q3yhr0w8ttlm.xyz URL: https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cf-cache-status HIT etag "669e9c68-0" age 9777 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keeerhw9Ws6QkF4xuJpZw12XUhUxL1bH%2Fli%2B4KfQMmPqamYlDr1WeoMAm%2BvjIiECl2aIcU1NUrmHZtdgz9qZHUscP4sWWAqcUbTjJNgn2NGEvGhFLDEy5NZHyCVr3WCvygKthg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 15 Dec 2024 05:08:57 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12036&min_rtt=11710&rtt_var=2747&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4047&recv_bytes=4321&delivery_rate=49785&cwnd=12000&unsent_bytes=0&cid=bfd5e35b040eb877&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 14 Dec 2024 19:51:54 GMT content-type application/javascript last-modified Mon, 22 Jul 2024 17:52:40 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f20bb353b74b89a-AMS accept-ranges bytes content-length 0 server cloudflare
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1158ms 724ms	Script application/json	202.61.87.37 COMING-AS ABCDE G...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2F91avw.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=22&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=344&rid=0f103545643fccc2f9d629321ec77257&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.krt3lt3j4tx0q3yhr0w8ttlm.xyz URL: https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.61.87.37 , Hong Kong, ASN133201 (COMING-AS ABCDE GROUP, HK), Reverse DNS Software nginx / Resource Hash 2bc69b79846bbfbd105862b7a770fe24a4b44f26889a7a7d8a09063d87792f0d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers X-Request-Id 4a841ce88272d631dd8db708cf56d951 Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Sat, 14 Dec 2024 19:51:57 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1174ms 740ms	Script application/json	202.61.87.37 COMING-AS ABCDE G...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2F91avw.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=22&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=343&rid=025eedd33b0792f366c35999e43a806f&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.krt3lt3j4tx0q3yhr0w8ttlm.xyz URL: https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.61.87.37 , Hong Kong, ASN133201 (COMING-AS ABCDE GROUP, HK), Reverse DNS Software nginx / Resource Hash d839d9898a4cc67fd5f4064631086b4fb4468ea172a0713c2aa014090201bf4d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers X-Request-Id ef17109198398aebf6dd3b3703e482fe Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Sat, 14 Dec 2024 19:51:57 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET H/1.1	200 OK	bid Show response js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	349 B 1 KB	1172ms 728ms	Script application/json	202.61.87.37 COMING-AS ABCDE G...
General Check archive.org Show headers Download Go to Full URL https://js.7oc9ak79i49u6cp4q9s8ttlm.xyz/bid?url=https%3A%2F%2F91avw.pages.dev%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-60&ws=1600x1200&gdm=8&iw=0&cpn=22&fid=b3248c41dac5521d83c9bc12e7c5cf9f&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=1339&rid=e14f180982da5401592dfdfa0dd420ba&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn= Requested by Host: js.krt3lt3j4tx0q3yhr0w8ttlm.xyz URL: https://js.krt3lt3j4tx0q3yhr0w8ttlm.xyz/o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.61.87.37 , Hong Kong, ASN133201 (COMING-AS ABCDE GROUP, HK), Reverse DNS Software nginx / Resource Hash 9147f7ca16dc1a86f9e1db690c740503d361f84965d58f6ac48e59f24dec8091 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers X-Request-Id 01818224d3c876545e90556d0de70a2e Cache-Control no-cache Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods POST, GET,PUT, DELETE, UPDATE Access-Control-Allow-Origin X-Cache MISS Content-Length 349 Date Sat, 14 Dec 2024 19:51:57 GMT Content-Type application/json Server nginx Access-Control-Allow-Headers Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
GET		2407 147144ac93ba44ecbgc.4egscv.com/d/	0 0
GET H2	200	24164030517.txt Show response g.h1v3fa.com/2023/09/	265 KB 199 KB	968ms 314ms	XHR text/plain	154.91.91.32 TERAEXCH
General Check archive.org Show headers Download Go to Full URL https://g.h1v3fa.com/2023/09/24164030517.txt Requested by Host: 147144ac93ba44ecbgg.3adtjg.com URL: https://147144ac93ba44ecbgg.3adtjg.com:8005/sc/2407?n=rsunpveh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.91.91.32 , Seychelles, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash 3465b9ca6265ccf3f0120297d0d901b84bc2a646f42d8d717b555f3ddd9640ab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cache-control max-age=2592000 content-encoding br etag W/"650ff5fe-4254c" access-control-allow-methods GET, POST, OPTIONS expires Tue, 24 Dec 2024 17:56:21 GMT access-control-allow-origin * x-cache HIT date Sat, 14 Dec 2024 19:51:57 GMT content-type text/plain last-modified Sun, 24 Sep 2023 08:40:30 GMT server NgxFence access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET H3	200	favicon.ico 91avw.pages.dev/	9 KB 4 KB	48ms 48ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://91avw.pages.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8389951fa07ec8b015258ecf5be07059ff66a362e34d1164c694565773021051 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://91avw.pages.dev/ Response headers cache-control public, max-age=0, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnrh7d1Ca5%2F%2BwkuPD6CpxO6lulJsBrykcotBLHgUhdV5BW8iYjkT9VmZCwvXI9GvuAAVjF3DAEm7%2FXamNVe0%2F46Plp6zq7BAF2hdnD2sIP3MP5M2%2FK3wqrtvQ5YUAM3%2BlKA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin cf-ray 8f20bb484c549ff9-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11981&min_rtt=11589&rtt_var=447&sent=59&recv=38&lost=0&retrans=0&sent_bytes=55027&recv_bytes=7276&delivery_rate=80489&cwnd=24000&unsent_bytes=0&cid=63208c99c463f4fb&ts=4781&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 14 Dec 2024 19:51:57 GMT content-type text/html; charset=utf-8 vary Accept-Encoding server cloudflare priority u=1,i
GET DATA	200 OK	truncated /	199 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3384ec4785eecb82ba30057fbe6fca23539ea8f60608d4c3072ed5ff1a121e4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

147144ac93ba44ecbgc.4egscv.com

URL

https://147144ac93ba44ecbgc.4egscv.com:8005/d/2407?c=1&n=rsunpveh

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| rsunpveh_is_kk object| _Hasync object| adbyunion function| chfh function| chfh2 string| _HST_cntval object| Histats function| json_5be1cc1773f02c14e2c7b53a3524e9b2 function| json_eb05d1e7c9bb0b984a390d08c85e5b85 object| _HistatsCounterGraphics_0_setValues object| _dtspv number| rsunpveh_is_ws object| wnydq7dus9 function| json_0f103545643fccc2f9d629321ec77257 function| json_025eedd33b0792f366c35999e43a806f function| json_e14f180982da5401592dfdfa0dd420ba

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstCfa4916252 Value: 1734205914203
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstCla4916252 Value: 1734205914203
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstCmu4916252 Value: 1734205914203
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstPn4916252 Value: 1
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstPt4916252 Value: 1
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstCnv4916252 Value: 1
			91avw.pages.dev/	1970-01-21 10:29:01	Name: HstCns4916252 Value: 1
			www.xiaomalmjs.com/	1970-01-21 01:47:45	Name: geo Value: %E5%8D%B0%E5%BA%A6%2F%2F%E5%85%B6%E4%BB%96
			www.xiaomalmjs.com/	1970-01-21 10:21:49	Name: oid Value: de8295e2-ba54-11ef-82ca-008cfa1c70a0
			.dtscout.com/	1970-01-21 01:43:30	Name: m Value: 1
			.dtscout.com/	1970-01-21 04:07:25	Name: df Value: 1734205914
			91avw.pages.dev/	1969-12-31 23:59:59	Name: gg_iscookie Value: 1
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 01:47:45	Name: geo Value: %E5%8D%B0%E5%BA%A6%2F%2F
			js.7oc9ak79i49u6cp4q9s8ttlm.xyz/	1970-01-21 10:21:49	Name: oid Value: dffdf9ff-ba54-11ef-88f0-a0481cb92ec8

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://91avw.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0804F14B4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://91avw.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0406D00B4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://91avw.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0F200B4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://91avw.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A020F300B4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://91avw.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00B4330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

147144ac93ba44ecbgc.4egscv.com
147144ac93ba44ecbgg.3adtjg.com
1503.9tjoj6.com
91avw.pages.dev
e.dtscout.com
fw.privateadx.com
g.h1v3fa.com
js.7oc9ak79i49u6cp4q9s8ttlm.xyz
js.krt3lt3j4tx0q3yhr0w8ttlm.xyz
s10.histats.com
s4.histats.com
so.zol.hk
t.dtscout.com
www.xiaomalmjs.com
147144ac93ba44ecbgc.4egscv.com
104.20.3.69
104.21.16.1
104.21.80.1
141.101.120.10
154.197.26.179
154.91.91.32
188.114.96.3
190.92.230.185
202.61.87.37
54.39.128.162
0f7e7ad7d47229050e765550451accbf49db0a540c2923b15ad49d1c02ebf27b
1637a536fdd8337060cdd7af8bed1029acfd24ffea71145eed7db23a640c0a35
2bc69b79846bbfbd105862b7a770fe24a4b44f26889a7a7d8a09063d87792f0d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3465b9ca6265ccf3f0120297d0d901b84bc2a646f42d8d717b555f3ddd9640ab
791dcc9eab0721cd04ed7c3cf0791648df6291f23852a053c7fcfe003e4a5aa8
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8389951fa07ec8b015258ecf5be07059ff66a362e34d1164c694565773021051
9147f7ca16dc1a86f9e1db690c740503d361f84965d58f6ac48e59f24dec8091
9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316
988b35d03413c551e884e900ff4ed2213068dc6dd997ea40d7f63622d24619cf
9de7c13b6342483d5a38c7b891d559df133de830fe56c028513c0fa6752a7164
aeedd3aa2ea16b43f225f2dbe0d2d22c646ef4115f6f3ee7ebbaa3668cfd237d
bcab4d2ba916aa9df9fced86510ae8605b38a4b9b25f56b96d1deb2c37222adf
d314f1d6a3be7638c32776627cbe65136cb94e4410ebc623249581009bb8814e
d3e95b3f818b9841785fb5c5f132b8662f9cf3f82315f15d80bf6f7855b084b1
d839d9898a4cc67fd5f4064631086b4fb4468ea172a0713c2aa014090201bf4d
db7bc16ae568bdafb839e424694fd47ca3ca3a22f8da19657abdd9b9e767e3d1
e3384ec4785eecb82ba30057fbe6fca23539ea8f60608d4c3072ed5ff1a121e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dafae600c38c7ec0aff875a3989f3f53802a74ca08063296a0b20c02c34684
e6ddc5d72e56121f9c8fddb77d7dd85ed99c0550609963efd95054bfb56e0b5a
ea8df94ccd93293a0cfab03fef83788b53fafee32d36a1cb2010266d33ab8f5c