midasbuyshop.games Open in urlscan Pro
2606:4700:3036::ac43:86c2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://midasbuyshop.games/
Effective URL:
https://midasbuyshop.games/
Submission: On February 28 via api (February 28th 2023, 2:26:43 am UTC) from US — Scanned from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3036::ac43:86c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is midasbuyshop.games.
TLS certificate: Issued by GTS CA 1P5 on February 8th 2023. Valid for: 3 months.

This is the only time midasbuyshop.games was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3036::ac43:86c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	2606:4700:130... 2606:4700:130:436c:6f75:6466:6c61:7265	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	129.226.107.210 129.226.107.210	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	203.205.136.105 203.205.136.105	() ()
19	211.152.148.45 211.152.148.45	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	23.78.206.90 23.78.206.90	() ()
2	43.152.54.143 43.152.54.143	() ()
1	104.243.38.202 104.243.38.202	() ()
7	211.152.149.12 211.152.149.12	() ()
3	240e:97c:2f:1... 240e:97c:2f:1003::12	() ()
3	101.32.212.216 101.32.212.216	() ()
53	12

3 2606:4700:3036::ac43:86c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

midasbuyshop.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:130:436c:6f75:6466:6c61:7265 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

5.rustt.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.226.107.210 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

kepler.captcha.qcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.136.105 (None, )

ASN- ()

3gimg.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 211.152.148.45 (Atlanta, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

cdn.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.206.90 (None, )

ASN- ()

midas.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.152.54.143 (None, )

ASN- ()

www.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.243.38.202 (None, )

ASN- ()

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 211.152.149.12 (None, )

ASN- ()

report1.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 240e:97c:2f:1003::12 (None, )

ASN- ()

aegis.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 101.32.212.216 (None, )

ASN- ()

dp.telesafe.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	midasbuy.com cdn.midasbuy.com — Cisco Umbrella Rank: 321341 www.midasbuy.com report1.midasbuy.com	1 MB
12	rustt.me 1 redirects 5.rustt.me	230 KB
7	qq.com 3gimg.qq.com aegis.qq.com dp.telesafe.qq.com	65 KB
3	midasbuyshop.games 1 redirects midasbuyshop.games	19 KB
2	qcloud.com kepler.captcha.qcloud.com — Cisco Umbrella Rank: 368586	56 KB
1	ibb.co i.ibb.co	11 KB
1	gtimg.cn midas.gtimg.cn	21 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	22 KB
53	8

	Domain	Requested by
19	cdn.midasbuy.com	5.rustt.me cdn.midasbuy.com
12	5.rustt.me	1 redirects midasbuyshop.games 5.rustt.me cdn.midasbuy.com
7	report1.midasbuy.com	5.rustt.me
3	dp.telesafe.qq.com	5.rustt.me
3	aegis.qq.com	5.rustt.me
3	midasbuyshop.games	1 redirects midasbuyshop.games
2	www.midasbuy.com	5.rustt.me
2	kepler.captcha.qcloud.com	5.rustt.me
1	i.ibb.co	5.rustt.me
1	midas.gtimg.cn	5.rustt.me
1	3gimg.qq.com	5.rustt.me
1	cdn.jsdelivr.net	midasbuyshop.games
53	12

This site contains no links.

Subject Issuer	Validity	Valid
*.midasbuyshop.games GTS CA 1P5	`2023-02-08` - `2023-05-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.rustt.me GTS CA 1P5	`2023-02-12` - `2023-05-13`	3 months	crt.sh
may28-2022-1.ias.qcloud.com DigiCert Secure Site CN CA G3	`2022-05-27` - `2023-05-30`	a year	crt.sh
*.flow.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-28` - `2023-05-30`	a year	crt.sh
*.midasbuy.com DigiCert Secure Site CN CA G3	`2022-05-06` - `2023-06-06`	a year	crt.sh
qs.888.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-28` - `2023-04-30`	a year	crt.sh
ibb.co R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
aegis.qq.com DigiCert Secure Site CN CA G3	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.jun08-2022-1.ias.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-07` - `2023-07-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://midasbuyshop.games/
Frame ID: A6792B43296901825FAF2F4B5ACF9D46
Requests: 3 HTTP requests in this frame

Frame: https://5.rustt.me/jefanya-store/
Frame ID: A008B0ED75F32CC8B69AFCAC7C90002E
Requests: 49 HTTP requests in this frame

Frame: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07732791738400842
Frame ID: 1F129B0644DDE0295F169386CDC21930
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG Mobile - Midasbuy

Page URL History Show full URLs

http://midasbuyshop.games/ HTTP 301
https://midasbuyshop.games/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

53
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

1939 kB
Transfer

3184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://midasbuyshop.games/ HTTP 301
https://midasbuyshop.games/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://5.rustt.me/jefanya-store HTTP 301
https://5.rustt.me/jefanya-store/

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
midasbuyshop.games/
Redirect Chain

http://midasbuyshop.games/
https://midasbuyshop.games/

3 KB
1 KB

342ms
282ms

Document
text/html

2606:4700:3036::ac43:86c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:86c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1000dc6ce14d891d1c4ca8de2c1a52009e8c0e1f166cbee0beca537e527d4f6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a05b751ac5de72c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 02:26:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OeC75t2Z8IqtbRjdHd%2BMosIsB3oXnAZRNZM9xACre1zz3roCYPFrA8HO6iMGcQUy7GpO7BhqBrPK1Z81bVfqD%2B0Dhfn6MpUQLZHIJ7qIniJeYFlv%2FS20ocwi4Z2QyNCI%2BfWaQ2d782YuzpLsu%2FRLNk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a05b74fe9c4c40c-EWR
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 28 Feb 2023 02:26:33 GMT
Location: https://midasbuyshop.games/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4tyToGDvm4X24fh%2BLZbjt%2FwdUeO9h7hfZkwKb0bKqayXLJYs%2BtsDdXw0sqZnrx8bezL%2FfbDsCYkSSACLzlg6LAeN2%2Fo32d9EymNImTTxI%2B8n80ISzWutMqiw2YcO3GW%2BDMgHddVGDfo5g8e6r8fmmM%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/ 138 KB
22 KB 61ms
22ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

Requested by

Host: midasbuyshop.games
URL: https://midasbuyshop.games/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midasbuyshop.games/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 482951
x-jsd-version: 4.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6QoUQRpw5iTZ0CwfkbMeeD6Z9Afw%2F6z71pcfi0qV3inByDI0izomi%2FyoiUtjSnC6HZ1bIeHL5Ljl2qEsC07aphreHDxbwi%2F2CBNiCyZBwzEsGv%2BkdXWhVpp5H9qxkLOG9kIluUHuvwS3nS0PDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a05b7546fb4d153-BUF

GET
H2 200 invisible.js Show response
midasbuyshop.games/cdn-cgi/challenge-platform/h/g/scripts/ 40 KB
17 KB 33ms
32ms Script
application/javascript 2606:4700:3036::ac43:86c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://midasbuyshop.games/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
Requested by: Host: midasbuyshop.games
URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:86c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ecba5da9343abc8dabe3c273bd00eeb1cd0a8725b593779d846d98709e9d16c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midasbuyshop.games/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBe%2B8LgKcaCcU7akQ6By%2F%2BPSOUiKbLZsZS6i%2FEhm0L67P7MaTSPHig7wJbijoAkVeDPwM3KNUlzS79RhD8AJuxp4HdHWTpZBF0aKyk8hmzWAnYCUphNL03W3TA7%2FiiGp77DqemlkZp7QGjuUTYDML7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a05b7543f18e72c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
5.rustt.me/jefanya-store/ Frame A008
Redirect Chain

https://5.rustt.me/jefanya-store
https://5.rustt.me/jefanya-store/

204 KB
37 KB

122ms
122ms

Document
text/html

2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/jefanya-store/
Requested by: Host: midasbuyshop.games
URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6f14287e97cc3245de0bc8a4f7cec7c641b0e83c47ad22aad52c0686d21af5

Request headers

Referer: https://midasbuyshop.games/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a05b756c9b0189d-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 02:26:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNKPhzOiWmCtB0QDtYJRgEKnMgZ0XPgmuDKaJ8IGe%2F0xK%2BpU1f7kGxxCyq4kaYtJk6ivFiro5cH4DHoXbIlAZMgtzFkUEmA5Q7C6k0z4bov2ZxufNc9svbELBbBo19NCF8cIoX1nhl6l"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a05b754fd5a189d-EWR
content-type: text/html; charset=iso-8859-1
date: Tue, 28 Feb 2023 02:26:34 GMT
location: https://5.rustt.me/jefanya-store/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVIG8wkSBfqoKJGSTlieMF%2Bq9HTlm2AS9BArSUCHlCVoF%2F0dfQas6fN3kaojhXFNozf8eKOb9o1B0wo55GyQfvPAklMxGa%2BhETnG1ccb24LA2QPVy0hPR%2FwC%2BzWmnWuo89bGUAxnxeh0"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK tencent-kepler.js Show response
kepler.captcha.qcloud.com/ Frame A008 147 KB
56 KB 1825ms
232ms Script
text/javascript 129.226.107.210
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.107.210 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 02:26:36 GMT
Content-Encoding: gzip
Server: tencent http server
P3P: CP=CAO PSA OUR
Content-Type: text/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56621

GET
H2 200 tfg.v1.0.18.js Show response
3gimg.qq.com/tele_safe/static/tfg/pc/ Frame A008 214 KB
63 KB 3388ms
234ms Script
application/javascript 203.205.136.105

General

Check archive.org

Show headers Download Go to

Full URL: https://3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.205.136.105 -, , ASN (),
Reverse DNS
Software: TencentCOS /
Resource Hash: fcb4576438361d09632849295af08f3cc448b8e104902ac1303df41a91dd4af1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:25:16 GMT
x-cos-object-type: normal
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-cos-storage-class: STANDARD_IA
content-length: 64381
x-cos-hash-crc64ecma: 13594462328696689996
last-modified: Sat, 09 Apr 2022 02:31:37 GMT
server: TencentCOS
etag: "9766758ab4540071f60a1dcde343d4e2d382b02e"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-nws-log-uuid: 2501053449389345092
accept-ranges: bytes
ip: 0.0.0.0
access-control-allow-headers: *

GET
H2 200 vendor-87839280b2.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame A008 236 KB
36 KB 1663ms
39ms Stylesheet
text/css 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: c922214dd2b6560e226d0a36ee21c474d3d4184c7599d1baba67c4c8287af4ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:36 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Thu, 01 Apr 2021 02:25:50 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: ab42c93e-1d04-42b3-ac47-984a1b75e7be
accept-ranges: bytes
content-length: 36202
expires: Tue, 28 Feb 2023 02:36:36 GMT

GET
H2 200 game_recharge_ticket_new-c9585b8432.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame A008 18 KB
3 KB 1661ms
37ms Stylesheet
text/css 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: a406545520016ebc8913e102352c7d11b54e1f543f19c965a943ead3035a5b78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:36 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Thu, 08 Apr 2021 09:43:27 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-nws-log-uuid: 3cdbea38-e3da-41a3-a760-46b6bec048cb
accept-ranges: bytes
content-length: 3106
expires: Tue, 28 Feb 2023 02:36:36 GMT

GET
H2 200 media-f6bc833bbb.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame A008 122 KB
21 KB 1699ms
76ms Stylesheet
text/css 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: fb29d9ce7243bd6b0f2e4cb8666f831285696ee23b70de68a72f1c8d73844ef0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:36 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Fri, 02 Apr 2021 11:54:18 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: f64ba633-b289-4fe3-8b56-752eb45a59c8
accept-ranges: bytes
content-length: 20706
expires: Tue, 28 Feb 2023 02:36:36 GMT

GET
H2 200 midas-oversea-h5page.js Show response
cdn.midasbuy.com/h5/overseah5/js/ Frame A008 71 KB
12 KB 1701ms
78ms Script
application/javascript 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 1cc5a77bbaff50236632a41e80941f8aaca70663b572370c9ace986afa89768b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:36 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Thu, 05 Jan 2023 09:24:23 GMT
server: NWSs
content-type: application/javascript
access-control-allow-origin: https://www.midasbuy.com
cache-control: max-age=259200
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 999ea3df-d6d7-41a8-b64f-570d2845e767
accept-ranges: bytes
timing-allow-origin: https://www.midasbuy.com
content-length: 11963
expires: Fri, 03 Mar 2023 02:26:36 GMT

GET
H2 200 production.midas.runtime.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame A008 282 KB
91 KB 1728ms
109ms Script
application/javascript 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 089878c4af2ccaaa206b2fff070dc068a4f0acdd17ff2de1432bb6463446d8ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:36 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Mon, 27 Feb 2023 03:54:22 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 2cd6a814-2279-4b22-9601-0da5ec26408b
accept-ranges: bytes
content-length: 92388
expires: Tue, 28 Feb 2023 02:36:36 GMT

GET
H3 404 foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js
5.rustt.me/oversea_web/static/js/x-midas/ Frame A008 0
0 289ms
288ms Script
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/oversea_web/static/js/x-midas/foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QayXm0pvqOe7Nl6%2FHqYTIxnyVJPBVeOOUhTWutcHIZqcGu6zgU09gjsqVq%2FaZpOVEl17XQQDkEgWkmPjU639PrF4V%2B9y07zf1I2ThCClKrkmKpe%2BIvCBWLgrm1ZFrQF%2BEwXFmiBe2WLh"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7a05b7599d268c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 world.2556fe97306bdec1268d8b8a935b56c5.jpg
midas.gtimg.cn/oversea_web/static/images/flag/ Frame A008 21 KB
21 KB 630ms
249ms Image
image/jpeg 23.78.206.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.78.206.90 -, , ASN (),
Reverse DNS
Software: X2S_Platform /
Resource Hash: 3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:38 GMT
x-cache-lookup: Hit From Upstream
last-modified: Wed, 17 Jul 2019 09:21:05 GMT
server: X2S_Platform
content-type: image/jpeg
cache-control: max-age=600
server_ip: 203.205.136.85
x-nws-log-uuid: 36ce00e8-d124-4c03-9785-c5de7543e109
content-length: 21503
expires: Tue, 28 Feb 2023 02:36:38 GMT

GET
H2 200 pc-logo.png
www.midasbuy.com/oversea_web/static/images/ Frame A008 5 KB
6 KB 840ms
28ms Image
image/png 43.152.54.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midasbuy.com/oversea_web/static/images/pc-logo.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.54.143 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 07:52:10 GMT
content-encoding: br
last-modified: Fri, 18 Oct 2019 06:55:12 GMT
server: nginx
eo-cache-status: HIT
etag: "5da961d0-151b"
content-type: image/png
cache-control: max-age=2592000
eo-log-uuid: 6722831025188823797
accept-ranges: bytes
content-length: 5407
expires: Sat, 30 Jul 2022 07:52:10 GMT

GET
H2 200 big-new-close-icon.png
www.midasbuy.com/oversea_web/static/images/ Frame A008 373 B
552 B 843ms
30ms Image
image/png 43.152.54.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.54.143 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 07:52:10 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 08:36:36 GMT
server: nginx
eo-cache-status: HIT
etag: "5ec39a94-175"
content-type: image/png
cache-control: max-age=2592000
eo-log-uuid: 10863155278918080673
accept-ranges: bytes
content-length: 396
expires: Sat, 30 Jul 2022 07:52:10 GMT

GET
H2 200 header.bbcf2110.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame A008 55 KB
18 KB 46ms
46ms Script
application/javascript 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 4bcb452bf07df52c2fbd3f0a65263cd81e544cdc7d19cef7908ecb9428df15fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Wed, 10 Mar 2021 08:45:22 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 723f3730-2712-44de-af17-744fa6ca7fa6
accept-ranges: bytes
content-length: 18232
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 coins.png
i.ibb.co/SRNXbB7/ Frame A008 11 KB
11 KB 126ms
39ms Image
image/png 104.243.38.202

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/SRNXbB7/coins.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.202 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c442f760be7613d058ec178fea8b3bff2984830afa8ec523b006f52f2a41dba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
last-modified: Mon, 14 Feb 2022 16:35:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11507
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ucAtas.png
5.rustt.me/jefanya-store/img/ Frame A008 1 KB
2 KB 326ms
321ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/ucAtas.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f0e2f20760b6b11253664df938bee1158390f88bfe8fb49eb126567123ca58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KytwxuLRPiYrQYGf9FR1qhCj2EYcgF7Za2%2FFJ22brG0PwluclFLVsdnXyNopti95aGY7v80Ho%2BLDOaR%2FxSt9GirzsnZHbzRJ%2Fo6pmU7OEiu0nri9a8cTfoDHtAhxi3g6JEZlhWlPzip8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c5c8c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1318

GET
H3 200 1.png
5.rustt.me/jefanya-store/img/product/ Frame A008 20 KB
20 KB 399ms
394ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/1.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65bb6c9a5a42adff26d1fe20756614c49fbaad40f3929e3898f3a760a04cd2bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F%2BrC6ieOqXgqvWdgMGjyLkBNPsS2qNTRlG6tEV%2BfMo6sKAkFKPD%2BS4K6uhgrefBuTM%2Bkb4V3OcAfS3ed8401V7Fm3xLv4LIV0zuXfroDla0BZj%2BogKN4FkUGaEGKqiLOC0%2BdjgPcASH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c5e8c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20407

GET
H3 200 2.png
5.rustt.me/jefanya-store/img/product/ Frame A008 22 KB
23 KB 375ms
370ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/2.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d52dca805b5ef33f989d9d425ec8a11f8b726c98fbaca9d41d0c11c1f5fa3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA%2BbiI4AQhWR4tFUSfcfp9jVuztqICEV4n%2FeNp0anW%2FCahTfnYin61lA6DyvVTz32HJ2p8NPTPm0Wb4YzEGq%2BNeyKRsmOPulcdVdrdpczKBSWKPPbdUUcmoVa6yvpp9AGhF6m3cLqhCO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c618c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22824

GET
H3 200 3.png
5.rustt.me/jefanya-store/img/product/ Frame A008 27 KB
28 KB 477ms
471ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/3.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83456ddf216212a3a5961bb3f687e2bab72c837200a78af6876c4ef1da705065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5I2VqmzXpJybwGnK5RG%2FpPPjQ18FfOrlR3tt3FvB1X6rxHRFImDBFcuthNIleeaLAYb1r19GWwxMEKvyLz%2BeYiQy2SewzYf3psKjhTTBZVeXKz5I5JGNO6fq%2B9pdv5i%2FGfapfYRZxfA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c648c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27837

GET
H3 200 5.png
5.rustt.me/jefanya-store/img/product/ Frame A008 39 KB
39 KB 538ms
532ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/5.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e585e21100d4c2dfd20708ac23c62faf66451a6eed5c8af72c348d635aac542b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BirrQX3BPA8Ho9bb%2B%2BsVfYK4v%2Fkf%2BqID7Nd02pOnpP7gimJQSnVj1n6UxJNv6M0fRdif1K21TbiJOmLhX00Ap4iMpD35h%2FmgA5WYANsvSpYzsinonO7Z5Gf%2BBtBjL5NJGLri5cRZ50yb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c658c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39489

GET
H3 200 6.png
5.rustt.me/jefanya-store/img/product/ Frame A008 53 KB
54 KB 608ms
603ms Image
image/png 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/6.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1ed74d48a857034a509b63602360ea0b39ce7c15c4df9db42619fde5815bb0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmJ1GxMHXwBPbrjC1BoioW1cIIKaExjUKB6vlsMVleoZyrU0eenUmMki%2BBoq%2BzyCs8ZtJoZeSNY9HGX2WeZH7%2Bb%2BmLvA%2FzsE1vPbj7g5Rh4zubRdoq4QhigJ%2B8uVjrUzOQn7P%2FJiDRBN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b7683c688c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54572

GET
H2 200 guide001.png
cdn.midasbuy.com/images/apps/pubgm/ Frame A008 432 KB
433 KB 201ms
195ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/apps/pubgm/guide001.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 9fe15b168ab9a542ae9410fdfca0fa9101d64a4b0c40c64a8d976b26207ddd99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Wed, 01 Dec 2021 10:12:01 GMT
server: NWSs
content-type: image/png
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 88228bd7-e755-47f0-8834-0096df7ff38e
accept-ranges: bytes
content-length: 442225
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 guide002.png
cdn.midasbuy.com/images/apps/pubgm/ Frame A008 438 KB
439 KB 80ms
75ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/apps/pubgm/guide002.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 01 Dec 2021 10:12:19 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://www.midasbuy.com
cache-control: max-age=600
x-nws-log-uuid: 8f70fc2f-25f7-4ca3-8f72-1573bfa886ab
accept-ranges: bytes
timing-allow-origin: https://www.midasbuy.com
content-length: 448284
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H3 200 email-decode.min.js Show response
5.rustt.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame A008 1 KB
1 KB 29ms
23ms Script
application/javascript 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5.rustt.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 10:50:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f5f393-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXZ7o%2FjyFJW%2BKvosmC64Hp2grNk00OjakEixPamn8j8RyATyRMHEbE48cu0w2g3ZSv03wKwEmXJhNorYex2uLS4KYZ11ciCtWjk0QVcy7%2B9V07RvEfResfYYsb8nfyviGhA6xtBwRm49"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7a05b7683c598c8f-EWR
expires: Thu, 02 Mar 2023 02:26:37 GMT

GET
H2 200 buypage.052bbaf6.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame A008 152 KB
47 KB 45ms
37ms Script
application/javascript 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: b35045677941134c95267b374b2a153f9843260b4768a7472a995566e6d21508

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 10 Mar 2021 08:45:21 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-nws-log-uuid: b3811757-3786-49f9-b961-e50406122fe4
accept-ranges: bytes
content-length: 47711
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 2075ms
280ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|36=https%3A%2F%2Fmidasbuyshop.games%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36|51=&r=0.9905288062645214
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 pc-logo-5f404ea479.png
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 5 KB
6 KB 196ms
192ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 93d27df2-96c1-4814-b0e9-d75660b8b678
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 5403
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 arrow-icon-54d438045f.png
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 360 B
716 B 196ms
194ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:08 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: f6654863-d77f-47ae-8bf4-3093592ab403
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 360
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 pc-fb-eade39686c.png
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 2 KB
3 KB 227ms
226ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-nws-log-uuid: 827af937-7ea0-4f4d-b9ef-49866ebb153e
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 2407
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 whitelist Show response
aegis.qq.com/aegis/ Frame A008 58 B
230 B 1144ms
272ms XHR
application/json 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/aegis/whitelist?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=6234aa12-7e6d-4973-829a-8af034afd6c6&platform=100&x5Type=3&netType=100&sessionId=session-1677551197435&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty / Express
Resource Hash: bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:38 GMT
server: openresty
x-powered-by: Express
content-length: 58
etag: W/"3a-Mq+Z0YrSSADKAkwAZ0tpR8ztW14"
content-type: application/json; charset=utf-8

GET
H2 200 1920x240.e47dbb36.jpg
cdn.midasbuy.com/images/ Frame A008 234 KB
235 KB 331ms
330ms Image
image/jpeg 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920x240.e47dbb36.jpg
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 4f76ffd0cea005da2a57fb7d94aca2449087bce733763d1c25f42c479ab74cfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Upstream, Hit From Disktank3
last-modified: Thu, 17 Nov 2022 08:47:35 GMT
server: NWSs
content-type: image/jpeg
access-control-allow-origin: https://www.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=3
x-nws-log-uuid: e102265b-eff0-45d4-bf99-0b458f1ed1f8
accept-ranges: bytes
timing-allow-origin: https://www.midasbuy.com
content-length: 240074
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 tab-actvie-6a7af30a7d.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame A008 6 KB
7 KB 177ms
176ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:17 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 0973813e-6001-46cb-8f18-61ed7de554d8
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 6303
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 help-3511261f22.png
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 768 B
1 KB 177ms
177ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/help-3511261f22.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 58a9d84a82320ae57c1f150a1c32d868459335083c0095c36504a1acb0fad2ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:29 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: ce9beab5-d7dd-4724-9850-cea5f03e03f4
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 768
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 list-active-new-0f7ecf2cdd.svg
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 615 B
974 B 161ms
154ms Image
image/svg+xml 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:31 GMT
server: NWSs
content-type: image/svg+xml
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 84b44a50-48bc-42d1-9b49-b17ede12cd7f
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 615
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 card-bg-097257145b.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame A008 45 KB
45 KB 161ms
154ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: c054d776-e6f7-4cf2-9a0f-da8ee2f3e400
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 45735
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H3 200 DINMITTELSCHRIFTSTD.woff
5.rustt.me/jefanya-store/font/ Frame A008 24 KB
25 KB 720ms
716ms Font
font/woff 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/jefanya-store/font/DINMITTELSCHRIFTSTD.woff
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c

Request headers

Referer: https://5.rustt.me/jefanya-store/
Origin: https://5.rustt.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:38 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjODYe5VNYdj2pp7%2BWbxlYQHxg6%2BLwK1hfRBKTfAXNUuf3fzbJRTLXM%2FEJK%2FgmplQ%2FKdpMzKW03U%2Btbkwa6S9ho%2Bbf1UJ%2FSvaMNY%2FyWyWRPhDC7ibSJHcj91OpdqYnQUKafAuuxlpLGw"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a05b768bd518c8f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24996

GET
H3 404 receiveMsg.html Show response
5.rustt.me/oversea_web/static/ Frame 1F12 315 B
643 B 436ms
431ms Document
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07732791738400842
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://5.rustt.me/jefanya-store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a05b769bf2e8c8f-EWR
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 28 Feb 2023 02:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0iWbTqoQXwVNzF5F2nhpnxlmH67ZsZoniehAWBdzxkn2XE2VuZT9nMXcBItbkufsajZbYS8KVpvHyEhLDHKqbk97vy1W5BCO2by7edjzP6fP7Uv84v7Hw9Cypck9H8nyUDxgRv5qubp"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 1841ms
292ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551197604|6=1677551197604|29=0404447576727409831615827099757&rr=0.028922823008489473
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 card-active-bg-c8325e2e0e.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame A008 111 KB
112 KB 62ms
61ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:37 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: d5f81233-2a0f-471f-9af5-d75777b70db8
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 113890
expires: Tue, 28 Feb 2023 02:36:37 GMT

GET
H2 200 feedback-icon-d5219efc94.png
cdn.midasbuy.com/oversea_web/static/images/ Frame A008 1 KB
2 KB 39ms
39ms Image
image/png 211.152.148.45
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:26:38 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:27 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: caba0641-b5ec-4850-b7f4-e601f58ae382
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 1272
expires: Tue, 28 Feb 2023 02:36:38 GMT

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 1098ms
290ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551197612|6=1677551197612|29=0404447576727409831615827099757&rr=0.022953695408507002
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 895ms
287ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551197716|6=1677551197716|29=0404447576727409831615827099757&rr=0.7656368941678808
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 200 f4 Show response
dp.telesafe.qq.com/ Frame A008 137 B
242 B 1551ms
258ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/f4
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dc8ca1ffa3e43d65cb9573c2e3522fdb11a4dd044fef349d1638ddbf9928c85

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:41 GMT
content-length: 137
content-type: application/json; charset=utf-8

POST
H2 204 collect Show response
aegis.qq.com/ Frame A008 0
274 B 284ms
259ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/collect?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=6234aa12-7e6d-4973-829a-8af034afd6c6&platform=100&x5Type=3&netType=100&sessionId=session-1677551197435&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:40 GMT
cross-origin-resource-policy: cross-origin
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 271ms
268ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=times%3D4133.099998474121%26html%3D410.70000076293945%26dns%3D0%26tcp%3D0%26res%3D3316.699998855591|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551199910|6=1677551199910|29=0404447576727409831615827099757&rr=0.4673516449703077
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 204 performance Show response
aegis.qq.com/speed/ Frame A008 0
72 B 267ms
264ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/speed/performance?dnsLookup=0&tcp=0&ssl=0&ttfb=122&contentDownload=289&domParse=2658&resourceDownload=1970&firstScreenTiming=3455&id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=6234aa12-7e6d-4973-829a-8af034afd6c6&platform=100&x5Type=3&netType=100&sessionId=session-1677551197435&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:40 GMT
server: openresty

POST
H2 200 t3 Show response
dp.telesafe.qq.com/ Frame A008 65 B
168 B 257ms
255ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/t3
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b21776e8097d38b80cc7f2ac721106dc57571ccf979707c31beda0a0921db5d

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:41 GMT
content-length: 65
content-type: application/json; charset=utf-8

POST
H2 200 t3 Show response
dp.telesafe.qq.com/ Frame A008 65 B
168 B 255ms
253ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/t3
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b21776e8097d38b80cc7f2ac721106dc57571ccf979707c31beda0a0921db5d

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Feb 2023 02:26:41 GMT
content-length: 65
content-type: application/json; charset=utf-8

POST
H/1.1 200
OK getwt Show response
kepler.captcha.qcloud.com/ Frame A008 358 B
606 B 709ms
247ms XHR
text/json 129.226.107.210
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/getwt
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.107.210 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 400556d344edea64822d1638cbfb20e76e68e1509397ff9d8d34930153ac1c0f

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: No-cache
Date: Tue, 28 Feb 2023 02:26:41 GMT
Server: tencent http server
Content-Type: text/json
Access-Control-Allow-Origin: *
P3P: CP=CAO PSA OUR
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 283ms
281ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.success|8=times%3D3905|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551201518|6=1677551201518|29=0404447576727409831615827099757&rr=0.05394809056507932
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame A008 0
0 277ms
277ms Image
text/html 211.152.149.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.success|8=times%3D3915|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677551201519|6=1677551201519|29=0404447576727409831615827099757&rr=0.5286406265787593
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.149.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| __CF

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://midasbuyshop.games/(Line 3) Message: The key "" is not recognized and ignored.
network	error	URL: https://5.rustt.me/oversea_web/static/js/x-midas/foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07732791738400842 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3gimg.qq.com
5.rustt.me
aegis.qq.com
cdn.jsdelivr.net
cdn.midasbuy.com
dp.telesafe.qq.com
i.ibb.co
kepler.captcha.qcloud.com
midas.gtimg.cn
midasbuyshop.games
report1.midasbuy.com
www.midasbuy.com
101.32.212.216
104.243.38.202
129.226.107.210
203.205.136.105
211.152.148.45
211.152.149.12
23.78.206.90
240e:97c:2f:1003::12
2606:4700:130:436c:6f75:6466:6c61:7265
2606:4700:3036::ac43:86c2
2606:4700::6810:5814
43.152.54.143
089878c4af2ccaaa206b2fff070dc068a4f0acdd17ff2de1432bb6463446d8ce
0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0
1000dc6ce14d891d1c4ca8de2c1a52009e8c0e1f166cbee0beca537e527d4f6e
1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b
1c6f14287e97cc3245de0bc8a4f7cec7c641b0e83c47ad22aad52c0686d21af5
1cc5a77bbaff50236632a41e80941f8aaca70663b572370c9ace986afa89768b
1ecba5da9343abc8dabe3c273bd00eeb1cd0a8725b593779d846d98709e9d16c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2
362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313
3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8
400556d344edea64822d1638cbfb20e76e68e1509397ff9d8d34930153ac1c0f
46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31
4b21776e8097d38b80cc7f2ac721106dc57571ccf979707c31beda0a0921db5d
4bcb452bf07df52c2fbd3f0a65263cd81e544cdc7d19cef7908ecb9428df15fd
4dc8ca1ffa3e43d65cb9573c2e3522fdb11a4dd044fef349d1638ddbf9928c85
4f76ffd0cea005da2a57fb7d94aca2449087bce733763d1c25f42c479ab74cfa
528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e
55f0e2f20760b6b11253664df938bee1158390f88bfe8fb49eb126567123ca58
58a9d84a82320ae57c1f150a1c32d868459335083c0095c36504a1acb0fad2ea
5e1ed74d48a857034a509b63602360ea0b39ce7c15c4df9db42619fde5815bb0
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985
62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575
65bb6c9a5a42adff26d1fe20756614c49fbaad40f3929e3898f3a760a04cd2bc
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
83456ddf216212a3a5961bb3f687e2bab72c837200a78af6876c4ef1da705065
9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3
9d52dca805b5ef33f989d9d425ec8a11f8b726c98fbaca9d41d0c11c1f5fa3d0
9fe15b168ab9a542ae9410fdfca0fa9101d64a4b0c40c64a8d976b26207ddd99
a406545520016ebc8913e102352c7d11b54e1f543f19c965a943ead3035a5b78
a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7
b35045677941134c95267b374b2a153f9843260b4768a7472a995566e6d21508
bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e
c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c
c442f760be7613d058ec178fea8b3bff2984830afa8ec523b006f52f2a41dba2
c922214dd2b6560e226d0a36ee21c474d3d4184c7599d1baba67c4c8287af4ef
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e585e21100d4c2dfd20708ac23c62faf66451a6eed5c8af72c348d635aac542b
fb29d9ce7243bd6b0f2e4cb8666f831285696ee23b70de68a72f1c8d73844ef0
fcb4576438361d09632849295af08f3cc448b8e104902ac1303df41a91dd4af1
fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

midasbuyshop.games Open in urlscan Pro 2606:4700:3036::ac43:86c2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

33 %IPv6

8 Domains

12 Subdomains

12 IPs

2 Countries

1939 kBTransfer

3184 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

midasbuyshop.games Open in urlscan Pro
2606:4700:3036::ac43:86c2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

12
IPs

2
Countries

1939 kB
Transfer

3184 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!