Submitted URL: https://br.ke/Paul-Biya-cadeau-d'anniversaire
Effective URL: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Submission: On November 14 via manual from CM — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 15 domains to perform 20 HTTP transactions. The main IP is 137.184.243.245, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is meglaton.xyz.
TLS certificate: Issued by R3 on October 19th 2023. Valid for: 3 months.
This is the only time meglaton.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.10.48.89 19318 (IS-AS-1)
2 66.45.232.107 19318 (IS-AS-1)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.19.88.69 16276 (OVH)
1 3 146.75.120.193 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a04:4e42::649 54113 (FASTLY)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a01:4f8:161:... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 137.184.243.245 14061 (DIGITALOC...)
Totals: 20 requests, 10 IPs
Requests | Apex Domain | Subdomains | Transfer
3 | meglaton.xyz | meglaton.xyz | 319 KB
3 | blogspot.com | 1.bp.blogspot.com (Cisco Umbrella Rank: 11116) | 195 KB
3 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 7022) | 2 KB
2 | muusha.xyz | raha.muusha.xyz | 4 KB
2 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 762) | 63 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
2 | giveout.buzz | mh.giveout.buzz | 9 KB
1 | traffic-metacpa.com | traffic-metacpa.com | 479 B
1 | flashrdr.org | flashrdr.org | 1 KB
1 | googleusercontent.com | blogger.googleusercontent.com (Cisco Umbrella Rank: 12682) | 23 KB
1 | ngumaz.com | sape.ngumaz.com | 273 B
1 | supercounters.com | widget.supercounters.com (Cisco Umbrella Rank: 103414) | 2 KB
1 | imageshack.com | imagizer.imageshack.com (Cisco Umbrella Rank: 77234) | 113 KB
1 | postimg.cc | i.postimg.cc (Cisco Umbrella Rank: 18725) | 165 KB
1 | br.ke | br.ke | 637 B
Totals: 20 requests, 15 subdomains
Requests | Domain | Requested by
3 | meglaton.xyz | raha.muusha.xyz, meglaton.xyz
3 | 1.bp.blogspot.com | mh.giveout.buzz
3 | i.imgur.com (1 redirect) | mh.giveout.buzz
2 | raha.muusha.xyz | mh.giveout.buzz, raha.muusha.xyz
2 | code.jquery.com | mh.giveout.buzz, meglaton.xyz
2 | fonts.googleapis.com | mh.giveout.buzz
2 | mh.giveout.buzz | mh.giveout.buzz
1 | traffic-metacpa.com (1 redirect) |
1 | flashrdr.org (1 redirect) |
1 | blogger.googleusercontent.com | raha.muusha.xyz
1 | sape.ngumaz.com (1 redirect) |
1 | widget.supercounters.com | mh.giveout.buzz
1 | imagizer.imageshack.com | mh.giveout.buzz
1 | i.postimg.cc | mh.giveout.buzz
1 | br.ke (1 redirect) |
Totals: 20 requests, 15 domains

This site contains no links.

TLS certificates

Subject | Issuer | Validity | Valid
mh.giveout.buzz | cPanel, Inc. Certification Authority | 2023-11-07 - 2024-02-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
postimg.cc | R3 | 2023-10-24 - 2024-01-22 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
misc-sni.blogspot.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
imagizer.imageshack.com | R3 | 2023-09-28 - 2023-12-27 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
supercounters.com | GTS CA 1P5 | 2023-10-15 - 2024-01-13 | 3 months
raha.muusha.xyz | GTS CA 1D4 | 2023-11-07 - 2024-02-05 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
meglaton.xyz | R3 | 2023-10-19 - 2024-01-17 | 3 months

This page contains 1 frames:

Primary Page: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Frame ID: 941688CBF0DE8605B4C6B990FB34077B
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Win iphone Prize | meglaton.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 64 %
Domains: 15
Subdomains: 15
IPs: 10
Countries: 3
Transfer: 895 kB
Size: 1038 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://br.ke/Paul-Biya-cadeau-d'anniversaire HTTP 301
    https://mh.giveout.buzz/ Page URL
  2. https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw= HTTP 302
    https://raha.muusha.xyz/ Page URL
  3. https://flashrdr.org/cl/3a30bf55ace240d7?p1=&p2=&source=&site= HTTP 302
    https://traffic-metacpa.com/trclck?hash=753&pid=1034&aid=22779&keyword=5162604149&keyword3=134714 HTTP 302
    https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://br.ke/Paul-Biya-cadeau-d'anniversaire HTTP 301
  • https://mh.giveout.buzz/
Request Chain 6
  • https://i.imgur.com/0UHB1f0.png HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 13
  • https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw= HTTP 302
  • https://raha.muusha.xyz/

20 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type

Resource: /
Path: mh.giveout.buzz/
Redirect Chain:
  • https://br.ke/Paul-Biya-cadeau-d'anniversaire
  • https://mh.giveout.buzz/
Size: 22 KB
x-fer: 8 KB
Type: Document

General

Full URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.45.232.107 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2044.is.cc
Software: LiteSpeed /
Resource Hash:

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
8401
content-type
text/html
date
Tue, 14 Nov 2023 05:44:00 GMT
last-modified
Thu, 09 Nov 2023 21:19:52 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 05:43:55 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://mh.giveout.buzz/
Pragma
no-cache
Server
Apache

Resource: sa20gb3.js
Path: mh.giveout.buzz/
Size: 170 B
x-fer: 281 B
Type: Script

General

Full URL: https://mh.giveout.buzz/sa20gb3.js
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.45.232.107 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2044.is.cc
Software: LiteSpeed /
Resource Hash:

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
last-modified
Thu, 09 Nov 2023 23:34:42 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
170
expires
Tue, 21 Nov 2023 05:44:00 GMT

Resource: css2
Path: fonts.googleapis.com/
Size: 2 KB
x-fer: 888 B
Type: Stylesheet

General

Full URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: ESF /
Resource Hash:
Security Headers:
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 04:12:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 05:44:00 GMT

Resource: droidarabicnaskh.css
Path: fonts.googleapis.com/earlyaccess/
Size: 1 KB
x-fer: 382 B
Type: Stylesheet

General

Full URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: ESF /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 14 Nov 2023 05:44:00 GMT

Resource: by.jpg
Path: i.postimg.cc/ZKMzcGdJ/
Size: 165 KB
x-fer: 165 KB
Type: Image

General

Full URL: https://i.postimg.cc/ZKMzcGdJ/by.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash:

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
last-modified
Thu, 09 Nov 2023 20:17:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
168877
expires
Thu, 31 Dec 2037 23:55:55 GMT

Resource: xp1ER6K.jpg
Path: i.imgur.com/
Size: 704 B
x-fer: 1 KB
Type: Image

General

Full URL: https://i.imgur.com/xp1ER6K.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS:
Software: cat factory 1.0 /
Resource Hash:
Security Headers:
  Strict-Transport-Security: max-age=300
  X-Content-Type-Options: nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
21761944
x-cache
HIT, HIT
content-length
704
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-eddf8230095-FRA
last-modified
Sun, 24 Apr 2022 02:31:32 GMT
server
cat factory 1.0
x-timer
S1699940641.749582,VS0,VE0
etag
"4ea681c0204fc3156ff7b73272ee4aa7"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1477, 6

Resource: removed.png
Path: i.imgur.com/
Redirect Chain:
  • https://i.imgur.com/0UHB1f0.png
  • https://i.imgur.com/removed.png
Size: 503 B
x-fer: 683 B
Type: Image

General

Full URL: https://i.imgur.com/removed.png
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Server: 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS:
Software: cat factory 1.0 /
Resource Hash:
Security Headers:
  Strict-Transport-Security: max-age=300
  X-Content-Type-Options: nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1178611
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230095-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1699940641.772405,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 213745

Redirect headers

x-cache-hits
0, 1
date
Tue, 14 Nov 2023 05:44:00 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
389
x-timer
S1699940641.758594,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kcgs7200178-IAD, cache-fra-eddf8230095-FRA

Resource: ettte.jpg
Path: 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/
Size: 34 KB
x-fer: 35 KB
Type: Image

General

Full URL: https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: fife /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:16:23 GMT
x-content-type-options
nosniff
age
1657
content-disposition
inline;filename="ettte.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35100
x-xss-protection
0
server
fife
etag
"v771"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Nov 2023 05:16:23 GMT

Resource: twwr.jpg
Path: 1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/
Size: 9 KB
x-fer: 9 KB
Type: Image

General

Full URL: https://1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/twwr.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: fife /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:12:37 GMT
x-content-type-options
nosniff
age
9083
content-disposition
inline;filename="twwr.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9006
x-xss-protection
0
server
fife
etag
"v775"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Nov 2023 03:12:37 GMT

Resource: FB_IMG_15869726679037399.jpg
Path: 1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/
Size: 151 KB
x-fer: 151 KB
Type: Image

General

Full URL: https://1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/FB_IMG_15869726679037399.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: fife /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:58:30 GMT
x-content-type-options
nosniff
age
6330
content-disposition
inline;filename="FB_IMG_15869726679037399.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154558
x-xss-protection
0
server
fife
etag
"va8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Nov 2023 03:58:30 GMT

Resource: jGUvgw.jpg
Path: imagizer.imageshack.com/img923/8602/
Size: 112 KB
x-fer: 113 KB
Type: Image

General

Full URL: https://imagizer.imageshack.com/img923/8602/jGUvgw.jpg
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS:
Software: nginx/1.2.8 /
Resource Hash:

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ops
{"quality":60}
x-varnish-ip
38.99.77.70
date
Tue, 14 Nov 2023 05:44:01 GMT
akamai-cache-status
Hit from child
xkey
imageshack.imagizer.com
x-varnish-port
17001
x-original-filesize
212346
x-original-quality
87
x-original-response-code
200
x-webp
true
content-length
114366
server
nginx/1.2.8
x-origin-fetch-time
276
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS, GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/webp
x-imagizer-host
imageshack.imagizer.com
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control
public, max-age=2075145
access-control-allow-credentials
true, true, true
x-varnish
1276405372 1175374121
x-original-resolution
1079x1060
accept-ranges
bytes
x-varnish-hits
4043
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-cache-hits
0

Resource: jquery-latest.min.js
Path: code.jquery.com/
Size: 94 KB
x-fer: 33 KB
Type: Script

General

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3020433
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-fra-eddf8230105-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699940641.866522,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
71, 259454

Resource: online_i.js
Path: widget.supercounters.com/ssl/
Size: 4 KB
x-fer: 2 KB
Type: Script

General

Full URL: https://widget.supercounters.com/ssl/online_i.js
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mh.giveout.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Mar 2022 11:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4704
etag
W/"6220aa82-10a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9D2j9KFCMHPNbVMRbreudqQLs4zguAnIdMexztbpwOthJ4uXbRKxXYjo9mLGcw8vny03LeSvmq41rqKeOoTsk%2BdJX%2BON%2Bs2luYmTe0OjipzCQOgj4NnYpw9aqj3drdhWaOoXhKfcj4lNGcQICNo9u%2Bnh4kW3Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=300
cf-ray
825cf0adc8c99c04-FRA
alt-svc
h3=":443"; ma=86400

Resource: /
Path: raha.muusha.xyz/
Redirect Chain:
  • https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw=
  • https://raha.muusha.xyz/
Size: 2 KB
x-fer: 2 KB
Type: Document

General

Full URL: https://raha.muusha.xyz/
Requested by: Host: mh.giveout.buzz, URL: https://mh.giveout.buzz/sa20gb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: GSE /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://mh.giveout.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
1341
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 05:44:01 GMT
etag
W/"cf1a4e8eb0da2c04f00a8d7065a4f536708119eab2b2e757dd46bef253a4d8c6"
expires
Tue, 14 Nov 2023 05:44:01 GMT
last-modified
Thu, 14 Sep 2023 09:39:12 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
0
date
Tue, 14 Nov 2023 05:44:01 GMT
location
https://raha.muusha.xyz/
server
nginx
x-robots-tag
noindex, nofollow

Resource: ccs.gif
Path: blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6...
Size: 23 KB
x-fer: 23 KB
Type: Image

General

Full URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6Q07usP0Kw3sj1sH9mvR54I-V6j53jtRNkwGEk6s_lA/s16000/ccs.gif
Requested by: Host: raha.muusha.xyz, URL: https://raha.muusha.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: fife /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://raha.muusha.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v57a"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ccs.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23041
x-xss-protection
0
expires
Wed, 15 Nov 2023 05:44:02 GMT

Resource: cookienotice.js
Path: raha.muusha.xyz/js/
Size: 6 KB
x-fer: 2 KB
Type: Script

General

Full URL: https://raha.muusha.xyz/js/cookienotice.js
Requested by: Host: raha.muusha.xyz, URL: https://raha.muusha.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: sffe /
Resource Hash:
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://raha.muusha.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 20:20:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 21 Nov 2023 05:44:01 GMT

Resource: 1030 (Primary Request)
Path: meglaton.xyz/
Redirect Chain:
  • https://flashrdr.org/cl/3a30bf55ace240d7?p1=&p2=&source=&site=
  • https://traffic-metacpa.com/trclck?hash=753&pid=1034&aid=22779&keyword=5162604149&keyword3=134714
  • https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Size: 10 KB
x-fer: 4 KB
Type: Document

General

Full URL: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Requested by: Host: raha.muusha.xyz, URL: https://raha.muusha.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.243.245 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: bad30483b69c3f27773ab5233203eac857460f9bd3d039443c6b16364d3ac6a6

Request headers

Referer
https://raha.muusha.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 05:44:03 GMT
ETag
W/"2728-xpy9r/y/Q4a/E7geRGQjhUWBYJw"
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
825cf0b9fd7191fc-FRA
date
Tue, 14 Nov 2023 05:44:02 GMT
location
https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyqCGqaRRF599%2BfGoEYFUArcYuqssfAXkARAYHQHQK%2B2%2FUgs732%2BxwdNaPLzvJ1VlTx7PI9Db5WYDJf4stKha3YreEnzli0T1LEnR0R9dgrLyO%2B30DNMNyZkyBvW2Vz6B%2BWSTRl1Kcz62QaxBpQufAi5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express

Resource: iphone-14.png
Path: meglaton.xyz/images/
Size: 288 KB
x-fer: 289 KB
Type: Image

General

Full URL: https://meglaton.xyz/images/iphone-14.png
Requested by: Host: meglaton.xyz, URL: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.243.245 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 28ecb3d98a60d719cd208d83074d6c62f0755549c526a03d334c06b23c0d0f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 05:44:03 GMT
Last-Modified
Mon, 17 Apr 2023 14:24:29 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"4818a-1878f9a5697"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
295306

Resource: winner-gift.png
Path: meglaton.xyz/images/
Size: 27 KB
x-fer: 27 KB
Type: Image

General

Full URL: https://meglaton.xyz/images/winner-gift.png
Requested by: Host: meglaton.xyz, URL: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.243.245 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 62c5aaf2c5588c5831b139ebd318d3f4cff8c9694aa2d989b388d3f7f9315275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 05:44:03 GMT
Last-Modified
Sun, 18 Sep 2022 18:43:14 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"6ab0-18351e96801"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27312

Resource: jquery-3.4.1.min.js
Path: code.jquery.com/
Size: 86 KB
x-fer: 30 KB
Type: Script

General

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: meglaton.xyz, URL: https://meglaton.xyz/1030?id=230af63d-a95b-41cf-9aea-22ce7df245b0&h=753
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://meglaton.xyz/
Origin
https://meglaton.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:44:03 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5138443
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699940644.526478,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
454, 902079

Verdicts & Comments

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • documentPictureInPicture (object)
  • $ (function)
  • jQuery (function)
  • ajax_call (function)
  • hitthelist (function)
  • pm_pid (string)
  • generateUkid (function)
  • sendmessage (function)
  • redirecting (function)
  • becreative (function)

6 Cookies

Domain/Path | Name | Value
br.ke/ | PHPSESSID | 05cac4394006b44afe028b8259a500ad
br.ke/ | s_statistics_25 | 0
sape.ngumaz.com/ | nauid | GPX0pscK18m1U1sG3VSx
sape.ngumaz.com/ | asgle | 13605584034175404042
flashrdr.org/ | sbc3a30bf55ace240d7 | eyJpdiI6ImZuWGRpUWFjYzc0UmpRTWt2V2JvL2c9PSIsInZhbHVlIjoiRzBkcTVtUkl5dlVZVllDSkxQbWE1dz09IiwibWFjIjoiYTY3MWVjMWUwMDA0ZTgzYmI4MDk4ZThlMGJhOGNjZDExYmM3N2VmOGQ1YjZkZTA0NGEwMjY4ODc5YTI0YjkyZSIsInRhZyI6IiJ9
flashrdr.org/ | vis | eyJpdiI6IkxzTjVTcTVyRmt1a3FMK3ZDSDVkZ1E9PSIsInZhbHVlIjoiRnpQNWNER0RQb1JEWDRPRHBvb1gzZz09IiwibWFjIjoiZTY2MGM3NmI5ZDEzZWJkOWMzOWNjMDlkZDljZDdiMjljZGNmYWRlMGFlY2JjNjRmOWQzMzdkMDU2YWZiY2QxMCIsInRhZyI6IiJ9