midasbuyshop.games Open in urlscan Pro
2606:4700:3035::6815:671 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://midasbuyshop.games/
Submission: On March 01 via api (March 1st 2023, 6:48:42 am UTC) from US — Scanned from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3035::6815:671, located in United States and belongs to CLOUDFLARENET, US. The main domain is midasbuyshop.games.
TLS certificate: Issued by GTS CA 1P5 on February 8th 2023. Valid for: 3 months.

This is the only time midasbuyshop.games was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3035::6815:671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 12	2606:4700:303... 2606:4700:3035::ac43:8222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	129.226.107.210 129.226.107.210	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	203.205.136.243 203.205.136.243	() ()
19	211.152.148.45 211.152.148.45	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	96.6.22.204 96.6.22.204	() ()
2	43.152.54.143 43.152.54.143	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	104.243.38.202 104.243.38.202	23470 (RELIABLESITE) (RELIABLESITE)
7	43.152.182.14 43.152.182.14	() ()
5	240e:97c:2f:1... 240e:97c:2f:1003::12	() ()
3	101.32.212.216 101.32.212.216	() ()
55	12

2 2606:4700:3035::6815:671 (United States)

ASN13335 (CLOUDFLARENET, US)

midasbuyshop.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3035::ac43:8222 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

5.rustt.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.226.107.210 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

kepler.captcha.qcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.136.243 (None, )

ASN- ()

3gimg.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 211.152.148.45 (Atlanta, United States)

ASN139341 (ACE-AS-AP ACE, SG)

cdn.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.6.22.204 (None, )

ASN- ()

midas.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.152.54.143 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

www.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.243.38.202 (United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 43.152.182.14 (None, )

ASN- ()

report1.midasbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 240e:97c:2f:1003::12 (None, )

ASN- ()

aegis.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 101.32.212.216 (None, )

ASN- ()

dp.telesafe.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	midasbuy.com cdn.midasbuy.com — Cisco Umbrella Rank: 321341 www.midasbuy.com — Cisco Umbrella Rank: 306384 report1.midasbuy.com	1 MB
12	rustt.me 1 redirects 5.rustt.me	231 KB
9	qq.com 3gimg.qq.com aegis.qq.com dp.telesafe.qq.com	65 KB
2	qcloud.com kepler.captcha.qcloud.com — Cisco Umbrella Rank: 368586	56 KB
2	midasbuyshop.games midasbuyshop.games	15 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12837	11 KB
1	gtimg.cn midas.gtimg.cn	21 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	21 KB
55	8

	Domain	Requested by
19	cdn.midasbuy.com	5.rustt.me cdn.midasbuy.com
12	5.rustt.me	1 redirects midasbuyshop.games 5.rustt.me cdn.midasbuy.com
7	report1.midasbuy.com	5.rustt.me
5	aegis.qq.com	5.rustt.me
3	dp.telesafe.qq.com	5.rustt.me
2	www.midasbuy.com	5.rustt.me
2	kepler.captcha.qcloud.com	5.rustt.me
2	midasbuyshop.games	midasbuyshop.games
1	i.ibb.co	5.rustt.me
1	midas.gtimg.cn	5.rustt.me
1	3gimg.qq.com	5.rustt.me
1	cdn.jsdelivr.net	midasbuyshop.games
55	12

This site contains no links.

Subject Issuer	Validity	Valid
*.midasbuyshop.games GTS CA 1P5	`2023-02-08` - `2023-05-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.rustt.me GTS CA 1P5	`2023-02-12` - `2023-05-13`	3 months	crt.sh
may28-2022-1.ias.qcloud.com DigiCert Secure Site CN CA G3	`2022-05-27` - `2023-05-30`	a year	crt.sh
*.flow.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-28` - `2023-05-30`	a year	crt.sh
*.midasbuy.com DigiCert Secure Site CN CA G3	`2022-05-06` - `2023-06-06`	a year	crt.sh
qs.888.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-28` - `2023-04-30`	a year	crt.sh
ibb.co R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
aegis.qq.com DigiCert Secure Site CN CA G3	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.jun08-2022-1.ias.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-07` - `2023-07-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://midasbuyshop.games/
Frame ID: A507FB8EF53693201FFACE4FABFC351A
Requests: 3 HTTP requests in this frame

Frame: https://5.rustt.me/jefanya-store/
Frame ID: B6B104E2830A0D53E890B71FAC4F939A
Requests: 51 HTTP requests in this frame

Frame: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07545563430138502
Frame ID: 1B6438C5323F0771ACD317F0BB5654C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG Mobile - Midasbuy

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

1935 kB
Transfer

3174 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://5.rustt.me/jefanya-store HTTP 301
https://5.rustt.me/jefanya-store/

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
midasbuyshop.games/ 3 KB
1 KB 522ms
418ms Document
text/html 2606:4700:3035::6815:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1000dc6ce14d891d1c4ca8de2c1a52009e8c0e1f166cbee0beca537e527d4f6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a0f7459cf16d519-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Mar 2023 06:48:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMUX%2FmUNyfFW%2B21NMiwbbRtuf6X37VYSSN5Tc0wiJ7Gud6JsBm5DXwCM%2BWT98qT6nzrxmYoSEY2au0%2BiY%2FQJ6Ohl1Yg%2FWObGx7rqzoYRwxJBHSIevXRV%2BPuAoqV3Za8qk4M2y5OrVdMin0s7CRUrQsM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/ 138 KB
21 KB 143ms
49ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

Requested by

Host: midasbuyshop.games
URL: https://midasbuyshop.games/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midasbuyshop.games/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 06:48:28 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 599269
x-jsd-version: 4.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21038
x-served-by: cache-fra-eddf8230071-FRA, cache-fty21383-FTY
x-jsd-version-type: version
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invisible.js Show response
midasbuyshop.games/cdn-cgi/challenge-platform/h/g/scripts/ 31 KB
13 KB 41ms
40ms Script
application/javascript 2606:4700:3035::6815:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://midasbuyshop.games/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
Requested by: Host: midasbuyshop.games
URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048abd4819215f60056bfdca12dde3f9709333c3216c43329d032d4fc4772a36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midasbuyshop.games/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:28 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SetNOXOl%2FEiE8TFHCK8gNayQZb7ZBNsnOzAg1PlTYKFiksapHziTFrQEHUtMbJCF0WajpUfrfS3IysnXMF4lpwuBCN9cE%2FxVeB7n0%2FNzWn%2BXGswRQoEE6JEXrMm1fDbwowwfdUIsZ3YmGOtWnwEr1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a0f745c9fc3d519-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
5.rustt.me/jefanya-store/ Frame B6B1
Redirect Chain

https://5.rustt.me/jefanya-store
https://5.rustt.me/jefanya-store/

204 KB
38 KB

174ms
173ms

Document
text/html

2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/jefanya-store/
Requested by: Host: midasbuyshop.games
URL: https://midasbuyshop.games/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6f14287e97cc3245de0bc8a4f7cec7c641b0e83c47ad22aad52c0686d21af5

Request headers

Referer: https://midasbuyshop.games/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a0f745ffe119af2-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Mar 2023 06:48:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvF0eSrKqeY3dafpZ4jG%2B%2FHXi0arujLC%2F3HiBsFvVefFHzxohsUqvfCaEF4oRNyrfQFbIMdrYWYV9porTyFj6zoLmVJK9%2BqshrCW2Box%2BU%2B93mHk2PNUYDnN%2BiEjsCobZSrmlRxOEys%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a0f745d4bea9af2-MIA
content-type: text/html; charset=iso-8859-1
date: Wed, 01 Mar 2023 06:48:29 GMT
location: https://5.rustt.me/jefanya-store/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIgDRUHvLnAL5OwIN%2FncIBR71HpXJbedOAq%2BS88GK6L%2B7wEqYMCAA1ln1ZIgzlAJAywF%2BoAMsCI4XlEbvsOB5navwErlq%2F%2B5SeZHOPh1TmupUXiFtEI0JuGK6AFAkyGbCvttcqHcidld"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK tencent-kepler.js Show response
kepler.captcha.qcloud.com/ Frame B6B1 147 KB
56 KB 1435ms
262ms Script
text/javascript 129.226.107.210
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.107.210 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 06:48:30 GMT
Content-Encoding: gzip
Server: tencent http server
P3P: CP=CAO PSA OUR
Content-Type: text/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56621

GET
H2 200 tfg.v1.0.18.js Show response
3gimg.qq.com/tele_safe/static/tfg/pc/ Frame B6B1 214 KB
63 KB 3027ms
251ms Script
application/javascript 203.205.136.243

General

Check archive.org

Show headers Download Go to

Full URL: https://3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.205.136.243 -, , ASN (),
Reverse DNS
Software: TencentCOS /
Resource Hash: fcb4576438361d09632849295af08f3cc448b8e104902ac1303df41a91dd4af1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 06:12:36 GMT
content-encoding: gzip
x-cos-object-type: normal
x-cache-lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
content-length: 64381
x-cos-hash-crc64ecma: 13594462328696689996
last-modified: Sat, 09 Apr 2022 02:31:37 GMT
server: TencentCOS
etag: "9766758ab4540071f60a1dcde343d4e2d382b02e"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-nws-log-uuid: 3640453651290265766
accept-ranges: bytes
ip: 0.0.0.0
access-control-allow-headers: *

GET
H2 200 vendor-87839280b2.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame B6B1 236 KB
36 KB 899ms
48ms Stylesheet
text/css 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: c922214dd2b6560e226d0a36ee21c474d3d4184c7599d1baba67c4c8287af4ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Thu, 01 Apr 2021 02:25:50 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: a151b563-95d5-4d6f-a14f-311b391ac6ab
accept-ranges: bytes
content-length: 36202
expires: Wed, 01 Mar 2023 06:58:29 GMT

GET
H2 200 game_recharge_ticket_new-c9585b8432.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame B6B1 18 KB
3 KB 896ms
45ms Stylesheet
text/css 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: a406545520016ebc8913e102352c7d11b54e1f543f19c965a943ead3035a5b78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Thu, 08 Apr 2021 09:43:27 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-nws-log-uuid: 0799387c-5b08-44c2-abb6-c2c51436aac9
accept-ranges: bytes
content-length: 3106
expires: Wed, 01 Mar 2023 06:58:29 GMT

GET
H2 200 media-f6bc833bbb.html.css
cdn.midasbuy.com/oversea_web/static/css/ Frame B6B1 122 KB
21 KB 940ms
90ms Stylesheet
text/css 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: fb29d9ce7243bd6b0f2e4cb8666f831285696ee23b70de68a72f1c8d73844ef0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Fri, 02 Apr 2021 11:54:18 GMT
server: NWSs
content-type: text/css
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 3298f14d-2f15-40ca-95d3-598c6a9f8cf4
accept-ranges: bytes
content-length: 20706
expires: Wed, 01 Mar 2023 06:58:29 GMT

GET
H2 200 midas-oversea-h5page.js Show response
cdn.midasbuy.com/h5/overseah5/js/ Frame B6B1 71 KB
12 KB 770ms
47ms Script
application/javascript 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 1cc5a77bbaff50236632a41e80941f8aaca70663b572370c9ace986afa89768b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: gzip
x-cache-lookup: Hit From MemCache Gz
last-modified: Thu, 05 Jan 2023 09:24:23 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-nws-log-uuid: c15cde93-12e5-46e9-87fd-b1a571e65dd3
accept-ranges: bytes
content-length: 11963
expires: Wed, 01 Mar 2023 06:58:29 GMT

GET
H2 200 production.midas.runtime.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame B6B1 282 KB
91 KB 854ms
131ms Script
application/javascript 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 089878c4af2ccaaa206b2fff070dc068a4f0acdd17ff2de1432bb6463446d8ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Wed, 01 Mar 2023 05:51:31 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: b7f68f7a-a6a8-44a7-bdf5-6f2608033022
accept-ranges: bytes
content-length: 92388
expires: Wed, 01 Mar 2023 06:58:29 GMT

GET
H3 404 foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js
5.rustt.me/oversea_web/static/js/x-midas/ Frame B6B1 0
0 421ms
420ms Script
text/html 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/oversea_web/static/js/x-midas/foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBTS2yiJamKrULkPEMbOppogMntKe5zet5vDzbfYG3pGaRsOCoO9CgE%2ByDOudL%2B3cH8ePTIrBbfwItkJtn7ELPG1oRxyaiYs%2B4oWUemrcwAoMcf0VbP%2Fx9vVF%2Fj7SzpcU6%2FFxVtOfqLl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7a0f74636c3edae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 world.2556fe97306bdec1268d8b8a935b56c5.jpg
midas.gtimg.cn/oversea_web/static/images/flag/ Frame B6B1 21 KB
21 KB 1348ms
755ms Image
image/jpeg 96.6.22.204

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.22.204 -, , ASN (),
Reverse DNS
Software: X2S_Platform /
Resource Hash: 3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
x-cache-lookup: Hit From Upstream
last-modified: Wed, 17 Jul 2019 09:21:05 GMT
server: X2S_Platform
content-type: image/jpeg
cache-control: max-age=600
server_ip: 203.205.136.85
x-nws-log-uuid: dd9996ec-a696-446a-8926-4b5a2b8f07e2
content-length: 21503
expires: Wed, 01 Mar 2023 06:58:32 GMT

GET
H2 200 pc-logo.png
www.midasbuy.com/oversea_web/static/images/ Frame B6B1 5 KB
6 KB 420ms
33ms Image
image/png 43.152.54.143
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midasbuy.com/oversea_web/static/images/pc-logo.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.54.143 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: nginx /
Resource Hash: 607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 06:31:52 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 06:55:12 GMT
server: nginx
eo-cache-status: HIT
etag: "5da961d0-151b"
content-type: image/png
cache-control: max-age=2592000
eo-log-uuid: 3882753199843672712
accept-ranges: bytes
content-length: 5426
expires: Wed, 09 Nov 2022 06:31:52 GMT

GET
H2 200 big-new-close-icon.png
www.midasbuy.com/oversea_web/static/images/ Frame B6B1 373 B
560 B 421ms
35ms Image
image/png 43.152.54.143
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.54.143 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: nginx /
Resource Hash: fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:09:08 GMT
content-encoding: br
last-modified: Tue, 19 May 2020 08:36:36 GMT
server: nginx
eo-cache-status: HIT
etag: "5ec39a94-175"
content-type: image/png
cache-control: max-age=2592000
eo-log-uuid: 5991381448861363607
accept-ranges: bytes
content-length: 377
expires: Sat, 19 Nov 2022 08:09:08 GMT

GET
H2 200 header.bbcf2110.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame B6B1 55 KB
18 KB 46ms
45ms Script
application/javascript 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 4bcb452bf07df52c2fbd3f0a65263cd81e544cdc7d19cef7908ecb9428df15fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Wed, 10 Mar 2021 08:45:22 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 5a686d03-cd51-4b15-9ba2-272a7abf4a21
accept-ranges: bytes
content-length: 18232
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 coins.png
i.ibb.co/SRNXbB7/ Frame B6B1 11 KB
11 KB 349ms
131ms Image
image/png 104.243.38.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/SRNXbB7/coins.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: c442f760be7613d058ec178fea8b3bff2984830afa8ec523b006f52f2a41dba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
last-modified: Mon, 14 Feb 2022 16:35:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11507
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ucAtas.png
5.rustt.me/jefanya-store/img/ Frame B6B1 1 KB
2 KB 412ms
409ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/ucAtas.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f0e2f20760b6b11253664df938bee1158390f88bfe8fb49eb126567123ca58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stgp4au0U3WmbPow0XytPkeQMXE05GPDNrEuJ8ph7nQ9U2bwmAre2zEpUWj89Fl83NNqDLcPHlpuhKutvRju2RHVXaa1vGKWOb3vaqficBauxsEOl8oIJC5e1gm%2FgIwFUF66HZp7Nw7M"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd34dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1318

GET
H3 200 1.png
5.rustt.me/jefanya-store/img/product/ Frame B6B1 20 KB
20 KB 560ms
557ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/1.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65bb6c9a5a42adff26d1fe20756614c49fbaad40f3929e3898f3a760a04cd2bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKkCVwOBe4%2FskclUoCJXTqQQ3TbJmQbRNlvZMrTbLey2kUI4MLJ9s0YTsysFJ9TRZPg%2FdbBBIbZtkADN9Moo4I%2B1U1g1A04e0TpNXe6c2Le6aymxtArsV7ktOj1yW7Udpq4ZTbbnUuEa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd35dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20407

GET
H3 200 2.png
5.rustt.me/jefanya-store/img/product/ Frame B6B1 22 KB
23 KB 529ms
526ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/2.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d52dca805b5ef33f989d9d425ec8a11f8b726c98fbaca9d41d0c11c1f5fa3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceGIbhb5mmJHqRXa6FbYFY9hEOeOdbqQP5YkLoraBJ5EYloGKkoWNTdt1mePWdnTTtRpA1ZRP3o5cFXanggkOJkeov6X5fcwmA4j5LK4Cf7UtvHh8hNoMJ0IF6K1T99wKlvgmJWhG174"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd36dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22824

GET
H3 200 3.png
5.rustt.me/jefanya-store/img/product/ Frame B6B1 27 KB
28 KB 593ms
591ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/3.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83456ddf216212a3a5961bb3f687e2bab72c837200a78af6876c4ef1da705065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7ikvhiz9tW7xKebiaSuqb5Dalgy2sm07y9XyQZvazQusjnZBk3Y707rnJDBGOFtcP1P37NPXKNSsTUtgfrynSRG0s7UPj4BL0b7xQcFTHbGUB0iX%2F%2BGf1wcqdCYJKPBOczbGYGQ8nOo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd37dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27837

GET
H3 200 5.png
5.rustt.me/jefanya-store/img/product/ Frame B6B1 39 KB
39 KB 594ms
592ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/5.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e585e21100d4c2dfd20708ac23c62faf66451a6eed5c8af72c348d635aac542b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxasG%2FgbmxBEp2ed8GAnatjFyxyN%2FlLUJkG8gCCWaU0kPIIpSwcMfrW6J1d74kVKkbMhkSeg8W3kJZ0jgV4%2Fh1rzdwuW4GMGscdPsPhK5H84a0Ftg1fCNDnbUUqqN%2BNk8sG7mqv1GPQy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd38dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39489

GET
H3 200 6.png
5.rustt.me/jefanya-store/img/product/ Frame B6B1 53 KB
54 KB 720ms
717ms Image
image/png 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5.rustt.me/jefanya-store/img/product/6.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1ed74d48a857034a509b63602360ea0b39ce7c15c4df9db42619fde5815bb0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT%2FhVyKuXN%2BXZ2EBfypSEWejzqc4A7T8UUIAbWKhn9eBSOdtbb94ujAxFehcbofvHVGhSzD1l4omwnrclZALUXGBFLLH5Upk5oVdQ3uWZ4xe%2Fp2fUdOSe4SVROL0w8XPhuhhDDLB8RKi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746dbd39dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54572

GET
H2 200 guide001.png
cdn.midasbuy.com/images/apps/pubgm/ Frame B6B1 432 KB
433 KB 92ms
89ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/apps/pubgm/guide001.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 9fe15b168ab9a542ae9410fdfca0fa9101d64a4b0c40c64a8d976b26207ddd99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From MemCache, Hit From Inner Cluster
last-modified: Wed, 01 Dec 2021 10:12:01 GMT
server: NWSs
content-type: image/png
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 2e11d981-af7e-41a1-8a16-b6c25bb2ec51
accept-ranges: bytes
content-length: 442225
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 guide002.png
cdn.midasbuy.com/images/apps/pubgm/ Frame B6B1 438 KB
439 KB 93ms
91ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/apps/pubgm/guide002.png
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 01 Dec 2021 10:12:19 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://www.midasbuy.com
cache-control: max-age=600
x-nws-log-uuid: 73df5168-2d66-4e4b-8e9e-555e90cf60bb
accept-ranges: bytes
timing-allow-origin: https://www.midasbuy.com
content-length: 448284
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H3 200 email-decode.min.js Show response
5.rustt.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame B6B1 1 KB
1 KB 34ms
33ms Script
application/javascript 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5.rustt.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/jefanya-store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Feb 2023 12:06:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63fc9cbe-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qROpVKjUBMDSgX2huwYGNJBU1rhWAIB%2F3CwF9x74iMbHtUZgVZWxHRE4%2FQ7TJHMs8aD%2FDkxhKiSTKZc0L4s7wVq%2FYyZWlxFpIX726KwEM4w2iSrows%2F6hKlfNQnMrp9XeodcYNmuP2i9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7a0f746dbd2ddae9-MIA
expires: Fri, 03 Mar 2023 06:48:31 GMT

GET
H2 200 buypage.052bbaf6.js Show response
cdn.midasbuy.com/oversea_web/static/js/ Frame B6B1 152 KB
47 KB 50ms
45ms Script
application/javascript 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: b35045677941134c95267b374b2a153f9843260b4768a7472a995566e6d21508

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 10 Mar 2021 08:45:21 GMT
server: NWSs
content-type: application/javascript
cache-control: max-age=600
x-nws-log-uuid: 98854ad9-ce4c-446e-bd67-86228f968d93
accept-ranges: bytes
content-length: 47711
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 1169ms
310ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|36=https%3A%2F%2Fmidasbuyshop.games%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36|51=&r=0.7511886016237206
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 pc-logo-5f404ea479.png
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 5 KB
6 KB 230ms
229ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 4036577e-108a-4448-8c1a-05bb5eb0abab
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 5403
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 arrow-icon-54d438045f.png
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 360 B
716 B 230ms
230ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:08 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: bf274e4c-d64b-43e9-8a89-87f7d487ab3d
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 360
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 pc-fb-eade39686c.png
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 2 KB
3 KB 213ms
212ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-nws-log-uuid: 485740b9-fa0a-4f8a-9c9d-33ec441efa00
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 2407
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 1920x240.e47dbb36.jpg
cdn.midasbuy.com/images/ Frame B6B1 234 KB
235 KB 385ms
384ms Image
image/jpeg 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/images/1920x240.e47dbb36.jpg
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 4f76ffd0cea005da2a57fb7d94aca2449087bce733763d1c25f42c479ab74cfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
x-cache-lookup: Hit From Upstream, Hit From Disktank3
last-modified: Thu, 17 Nov 2022 08:47:35 GMT
server: NWSs
content-type: image/jpeg
access-control-allow-origin: https://www.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=2
x-nws-log-uuid: 55d57063-41c2-4cfd-be01-0a2a7ee7763e
accept-ranges: bytes
timing-allow-origin: https://www.midasbuy.com
content-length: 240074
expires: Wed, 01 Mar 2023 06:58:31 GMT

GET
H2 200 tab-actvie-6a7af30a7d.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame B6B1 6 KB
7 KB 213ms
212ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:17 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 1630f330-6f68-4593-9fc0-726fbecc296d
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 6303
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 help-3511261f22.png
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 768 B
1 KB 213ms
213ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/help-3511261f22.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 58a9d84a82320ae57c1f150a1c32d868459335083c0095c36504a1acb0fad2ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:29 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 7dcbbf8c-a994-4449-afe5-fe9e4ba7c2fe
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 768
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 list-active-new-0f7ecf2cdd.svg
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 615 B
974 B 213ms
213ms Image
image/svg+xml 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:31 GMT
server: NWSs
content-type: image/svg+xml
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 16fa542b-aca1-434d-9f42-30979f4e0cc4
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 615
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 card-bg-097257145b.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame B6B1 45 KB
45 KB 212ms
212ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 2e0888e8-d3a7-46a2-910f-d30854f79fbe
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 45735
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H3 200 DINMITTELSCHRIFTSTD.woff
5.rustt.me/jefanya-store/font/ Frame B6B1 24 KB
25 KB 603ms
603ms Font
font/woff 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/jefanya-store/font/DINMITTELSCHRIFTSTD.woff
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c

Request headers

Referer: https://5.rustt.me/jefanya-store/
Origin: https://5.rustt.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:32 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 08:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAwaOd6p4JKtwk3j9HFsvYHlk1Kt0AAKYxwFFA1O6J8O%2Fvcww1aQf1f9VgrhRJIR8KHdoOSPhSUud9r5dUqTYL34YDf1wtATguQxLhla6dA66YsMx0wWcFuQxD295wlYWKeqjCtMfWX3"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a0f746ddd62dae9-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24996

GET
H2 200 whitelist Show response
aegis.qq.com/aegis/ Frame B6B1 58 B
230 B 2392ms
1623ms XHR
application/json 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/aegis/whitelist?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=c489a7fa-7eef-4ffd-946b-428e62712d96&platform=100&x5Type=3&netType=100&sessionId=session-1677653311586&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty / Express
Resource Hash: bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:33 GMT
server: openresty
x-powered-by: Express
content-length: 58
etag: W/"3a-Mq+Z0YrSSADKAkwAZ0tpR8ztW14"
content-type: application/json; charset=utf-8

GET
H3 404 receiveMsg.html Show response
5.rustt.me/oversea_web/static/ Frame 1B64 315 B
647 B 710ms
709ms Document
text/html 2606:4700:3035::ac43:8222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07545563430138502
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://5.rustt.me/jefanya-store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a0f746eae0cdae9-MIA
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Wed, 01 Mar 2023 06:48:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeBk9DvDD1FY259juZin6u7DfRiXctZpO1LA2pUEsZ4C0T2EVDM1EnJrxXR8%2BIf%2BxKF6lddeEAijYd2HY5bil5h8PIsjz8TPi%2FFZwGB9fKf2kf%2B3S8LoKlLdidHG52GSDbw5SsF6bL43"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 1412ms
705ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653311717|6=1677653311717|29=0404447576727409831615827099757&rr=0.5583156829359817
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 card-active-bg-c8325e2e0e.png
cdn.midasbuy.com/oversea_web/static/images/codmicon/ Frame B6B1 111 KB
112 KB 116ms
115ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 0d2a01d8-305b-4d8d-9597-f8ae0d853c8f
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 113890
expires: Wed, 01 Mar 2023 06:58:30 GMT

GET
H2 200 feedback-icon-d5219efc94.png
cdn.midasbuy.com/oversea_web/static/images/ Frame B6B1 1 KB
2 KB 54ms
53ms Image
image/png 211.152.148.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
Requested by: Host: cdn.midasbuy.com
URL: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.152.148.45 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: NWSs /
Resource Hash: 62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:48:31 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Tue, 27 Apr 2021 10:57:27 GMT
server: NWSs
content-type: image/png
access-control-allow-origin: https://cdn.midasbuy.com
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 090706ec-0137-462c-8314-e3e0c41f990b
accept-ranges: bytes
timing-allow-origin: https://cdn.midasbuy.com
content-length: 1272
expires: Wed, 01 Mar 2023 06:58:31 GMT

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 819ms
312ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653311720|6=1677653311720|29=0404447576727409831615827099757&rr=0.9056926900251496
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 960ms
653ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653311782|6=1677653311782|29=0404447576727409831615827099757&rr=0.24364570873350377
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 204 collect Show response
aegis.qq.com/ Frame B6B1 0
274 B 671ms
670ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/collect?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=c489a7fa-7eef-4ffd-946b-428e62712d96&platform=100&x5Type=3&netType=100&sessionId=session-1677653311586&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:34 GMT
cross-origin-resource-policy: cross-origin
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS

POST
H2 200 f4 Show response
dp.telesafe.qq.com/ Frame B6B1 137 B
242 B 1632ms
281ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/f4
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf7ce37d47830289fbb44a6b087c7a2f8a1b43d12db36fb37ca2210a1e7e78e

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:35 GMT
content-length: 137
content-type: application/json; charset=utf-8

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 313ms
313ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=times%3D3039.7000007629395%26html%3D550.7999992370605%26dns%3D0%26tcp%3D0%26res%3D1954.5|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653313655|6=1677653313655|29=0404447576727409831615827099757&rr=0.1789005389300795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 204 performance Show response
aegis.qq.com/speed/ Frame B6B1 0
72 B 284ms
284ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/speed/performance?dnsLookup=0&tcp=0&ssl=0&ttfb=173&contentDownload=378&domParse=2199&resourceDownload=1864&firstScreenTiming=2912&id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=c489a7fa-7eef-4ffd-946b-428e62712d96&platform=100&x5Type=3&netType=100&sessionId=session-1677653311586&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:34 GMT
server: openresty

POST
H2 204 speed Show response
aegis.qq.com/ Frame B6B1 0
72 B 826ms
826ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/speed?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=c489a7fa-7eef-4ffd-946b-428e62712d96&platform=100&x5Type=3&netType=100&sessionId=session-1677653311586&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCMTD1QnaFOXdD15i

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:35 GMT
server: openresty

POST
H/1.1 200
OK getwt Show response
kepler.captcha.qcloud.com/ Frame B6B1 358 B
606 B 780ms
262ms XHR
text/json 129.226.107.210
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://kepler.captcha.qcloud.com/getwt
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.107.210 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: 1cad5a485c324ac23bdfef1de0b5f239f9705c2b8b9feb7370ba89e37be7f8bb

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: No-cache
Date: Wed, 01 Mar 2023 06:48:35 GMT
Server: tencent http server
Content-Type: text/json
Access-Control-Allow-Origin: *
P3P: CP=CAO PSA OUR
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358

POST
H2 200 t3 Show response
dp.telesafe.qq.com/ Frame B6B1 66 B
169 B 280ms
280ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/t3
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4f2d6897eba0fa2a5b07b9be426f0357716ab351cfef0432f83938f662aa25

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:35 GMT
content-length: 66
content-type: application/json; charset=utf-8

POST
H2 200 t3 Show response
dp.telesafe.qq.com/ Frame B6B1 66 B
169 B 279ms
278ms XHR
application/json 101.32.212.216

General

Check archive.org

Show headers Download Go to

Full URL: https://dp.telesafe.qq.com/t3
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.32.212.216 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4f2d6897eba0fa2a5b07b9be426f0357716ab351cfef0432f83938f662aa25

Request headers

Accept: application/json, text/plain, */*
Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:35 GMT
content-length: 66
content-type: application/json; charset=utf-8

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 700ms
699ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.success|8=times%3D4010|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653315731|6=1677653315731|29=0404447576727409831615827099757&rr=0.3360291068273722
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 log_data.fcg
report1.midasbuy.com/cgi-bin/ Frame B6B1 0
0 312ms
311ms Image
text/html 43.152.182.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.success|8=times%3D4014|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyshop.games%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36|38=1677653315731|6=1677653315731|29=0404447576727409831615827099757&rr=0.13969491484896124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5.rustt.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 204 speed Show response
aegis.qq.com/ Frame B6B1 0
72 B 281ms
280ms XHR
text/plain 240e:97c:2f:1003::12

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.qq.com/speed?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=c489a7fa-7eef-4ffd-946b-428e62712d96&platform=100&x5Type=3&netType=100&sessionId=session-1677653311586&from=https%3A%2F%2F5.rustt.me%2Fjefanya-store%2F&referer=https://midasbuyshop.games/
Requested by: Host: 5.rustt.me
URL: https://5.rustt.me/jefanya-store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1003::12 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5.rustt.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryTbBm9D2GvWM3yt4B

Response headers

access-control-allow-origin: *
date: Wed, 01 Mar 2023 06:48:37 GMT
server: openresty

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| __CF

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://midasbuyshop.games/(Line 3) Message: The key "" is not recognized and ignored.
network	error	URL: https://5.rustt.me/oversea_web/static/js/x-midas/foXpt24MxhVpLTWmFsULBWJ0hD79nV7v9xWmNlTyU3Bqe4AEdEhMwu9wQOZRznaiasaltyxZa4hdYZdpZTVP_4fNAGKEXIYBcBqHZ0gpIMU~.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://5.rustt.me/oversea_web/static/receiveMsg.html?buy_type_key=CURRENT_BUY_ITEM_SAVE_page_07545563430138502 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3gimg.qq.com
5.rustt.me
aegis.qq.com
cdn.jsdelivr.net
cdn.midasbuy.com
dp.telesafe.qq.com
i.ibb.co
kepler.captcha.qcloud.com
midas.gtimg.cn
midasbuyshop.games
report1.midasbuy.com
www.midasbuy.com
101.32.212.216
104.243.38.202
129.226.107.210
203.205.136.243
211.152.148.45
240e:97c:2f:1003::12
2606:4700:3035::6815:671
2606:4700:3035::ac43:8222
2a04:4e42::485
43.152.182.14
43.152.54.143
96.6.22.204
048abd4819215f60056bfdca12dde3f9709333c3216c43329d032d4fc4772a36
089878c4af2ccaaa206b2fff070dc068a4f0acdd17ff2de1432bb6463446d8ce
0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0
1000dc6ce14d891d1c4ca8de2c1a52009e8c0e1f166cbee0beca537e527d4f6e
1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b
1c6f14287e97cc3245de0bc8a4f7cec7c641b0e83c47ad22aad52c0686d21af5
1cad5a485c324ac23bdfef1de0b5f239f9705c2b8b9feb7370ba89e37be7f8bb
1cc5a77bbaff50236632a41e80941f8aaca70663b572370c9ace986afa89768b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bc44ec886542faf19965c1aad8d5b273f052d76585cc5fd934ce59f1d24ebe2
362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313
3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8
46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31
4bcb452bf07df52c2fbd3f0a65263cd81e544cdc7d19cef7908ecb9428df15fd
4f76ffd0cea005da2a57fb7d94aca2449087bce733763d1c25f42c479ab74cfa
528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e
55f0e2f20760b6b11253664df938bee1158390f88bfe8fb49eb126567123ca58
58a9d84a82320ae57c1f150a1c32d868459335083c0095c36504a1acb0fad2ea
5e1ed74d48a857034a509b63602360ea0b39ce7c15c4df9db42619fde5815bb0
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985
62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575
65bb6c9a5a42adff26d1fe20756614c49fbaad40f3929e3898f3a760a04cd2bc
6b4f2d6897eba0fa2a5b07b9be426f0357716ab351cfef0432f83938f662aa25
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
83456ddf216212a3a5961bb3f687e2bab72c837200a78af6876c4ef1da705065
9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3
9d52dca805b5ef33f989d9d425ec8a11f8b726c98fbaca9d41d0c11c1f5fa3d0
9fe15b168ab9a542ae9410fdfca0fa9101d64a4b0c40c64a8d976b26207ddd99
a406545520016ebc8913e102352c7d11b54e1f543f19c965a943ead3035a5b78
a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7
b35045677941134c95267b374b2a153f9843260b4768a7472a995566e6d21508
bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e
c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c
c442f760be7613d058ec178fea8b3bff2984830afa8ec523b006f52f2a41dba2
c922214dd2b6560e226d0a36ee21c474d3d4184c7599d1baba67c4c8287af4ef
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e585e21100d4c2dfd20708ac23c62faf66451a6eed5c8af72c348d635aac542b
ecf7ce37d47830289fbb44a6b087c7a2f8a1b43d12db36fb37ca2210a1e7e78e
fb29d9ce7243bd6b0f2e4cb8666f831285696ee23b70de68a72f1c8d73844ef0
fcb4576438361d09632849295af08f3cc448b8e104902ac1303df41a91dd4af1
fea99403dd834e7b61ee51fd481e0d4fcbca047aadd57c15d405513e0b7e8a99

midasbuyshop.games Open in urlscan Pro 2606:4700:3035::6815:671 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

33 %IPv6

8 Domains

12 Subdomains

12 IPs

3 Countries

1935 kBTransfer

3174 kBSize

0 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

midasbuyshop.games Open in urlscan Pro
2606:4700:3035::6815:671 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

1935 kB
Transfer

3174 kB
Size

0
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!