Submitted URL: https://xx97.xyz/
Effective URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Submission: On June 30 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is pwa.mgwg8719.xyz.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time pwa.mgwg8719.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address         AS     Autonomous System
1         1          188.114.96.3       13335  (CLOUDFLAR...)
16                   188.114.97.3       13335  (CLOUDFLAR...)
14                   138.113.27.9       54994  (ML-1432-5...)
1                    2a00:1450:400...   15169  (GOOGLE)
1                    2001:4860:480...   15169  (GOOGLE)
Total: 32 requests, 4 IPs
Requests  Apex Domain           Subdomains                                                 Transfer
14        rvrz5024.xyz          img.rvrz5024.xyz                                           192 KB
13        mgwg8719.xyz          pwa.mgwg8719.xyz                                           276 KB
3         xiaoou.org            umami.xiaoou.org                                           3 KB
1         google-analytics.com  region1.google-analytics.com — Cisco Umbrella Rank: 2355
1         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 81         95 KB
1         xx97.xyz              xx97.xyz                                                   532 B
Total: 32 requests, 6 domains
Requests  Domain                        Requested by
14        img.rvrz5024.xyz              pwa.mgwg8719.xyz
13        pwa.mgwg8719.xyz              pwa.mgwg8719.xyz
3         umami.xiaoou.org              pwa.mgwg8719.xyz, umami.xiaoou.org
1         region1.google-analytics.com  www.googletagmanager.com
1         www.googletagmanager.com      pwa.mgwg8719.xyz
1         xx97.xyz                      1 redirects
Total: 32 requests, 6 domains

This site contains no links.

Subject                 Issuer  Validity                 Valid
mgwg8719.xyz            WE1     2024-06-12 - 2024-09-10  3 months
*.ubpt2400.xyz          R3      2024-04-20 - 2024-07-19  3 months
xiaoou.org              WE1     2024-06-12 - 2024-09-10  3 months
*.google-analytics.com  WR2     2024-06-13 - 2024-09-05  3 months

This page contains 1 frames:

Primary Page: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Frame ID: E4AE25DB46693AB205D779CAFFD7079D
Requests: 31 HTTP requests in this frame

Page Title

小欧视频

Page URL History

  1. https://xx97.xyz/ HTTP 302
    https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

566 kB
Transfer

3645 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xx97.xyz/ HTTP 302
    https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request offer
pwa.mgwg8719.xyz/land/
Redirect Chain
  • https://xx97.xyz/
  • https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
109 KB
15 KB
Document
General
Full URL
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
55f902b4e91c7152ed0be80c584709ab107f4cc052ca8a305e3341663c0a572f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c16417692fa037-FRA
content-encoding
br
content-type
text/html
date
Sun, 30 Jun 2024 21:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ayCjCcO74yMRjxGkCrIlS1rSLGZ2crcyA3kAMQZ3MPMhJSIMEqAMMP440VDwH4XkmUpk%2FJl5a6oeuA538zDiWCwxvi1QZfg6fSG5JkrErKZRzq%2BGoKN0kfvf1ZiL0MaJRYGl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c164132deb5d44-FRA
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 21:53:46 GMT
location
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE1LH%2F2ZowWFxlFX94zILeaKEoZyJqx1U9ZjxVMbSCbytsxJUYUUAPhB3ngNX2aqtzM6j%2FK6Nlwt1GYkjawHR2y%2BJUIyHEOc6BCesIK0ITx%2BYgVY0oiehDb1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
x-powered-by
Express
logo_nobg_60x60.png
pwa.mgwg8719.xyz/
2 KB
2 KB
Image
General
Full URL
https://pwa.mgwg8719.xyz/logo_nobg_60x60.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4bd5bd873b1016b1c6b046e267fcc96d459a1247b95978151319ae32dfe8d91e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Mar 2023 06:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"669-186c4f4b2be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeADV1hx8pXcmvqqrcq7IDiFPI7tLCvTNKd%2BuwBzI%2F6tgzns2PtOKWjEe69X7PmTN2YNyPok6SoGDGkIUs91iGXLxcei0hOdo01DJ5TF7RsBMG1YUgZQZ%2Fo0RCK%2FLhLnZ12D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89c1641bbf53a037-FRA
alt-svc
h3=":443"; ma=86400
content-length
1641
poster.jpg
img.rvrz5024.xyz/image/landing/offer2/
13 KB
14 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/poster.jpg
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
61025b9ad21fe3cb1ec0396c6cd23d6a7c95bbb6dfca8955295cfc839409d8fc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:46 GMT
content-security-policy
block-all-mixed-content
via
1.1 PS-JFK-01T5Z186:3 (W), 1.1 ld85:10 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C980BE6796902C
age
369461
x-px
ht PS-FRA-04r6449none
content-length
13766
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:51 GMT
server
PWS/8.3.1.0.8
etag
"d8ac0339f87301d1d0c1b9c5f92250fa"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
empty.png
pwa.mgwg8719.xyz/
934 B
1 KB
Image
General
Full URL
https://pwa.mgwg8719.xyz/empty.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
229fddae5833fe861456c225c3055d39543884e057479c03600170ae77bbb524

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Mar 2023 05:59:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"3a6-186c4f47153"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O902FXwRYKz8AgdJNppvB9GMsQfz2eDPe7o9nrOGudRIUA%2Fl3fVtu7wD%2BgKYj5Njf5lQH%2BC7Vg16RJsKUYjhiu8dii7gggy1a2cY13d7IFcLmXsejrKiOiY39yMw%2BFnVa6q6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89c1641bdf7ca037-FRA
alt-svc
h3=":443"; ma=86400
content-length
934
74549df83e2a5699.css
pwa.mgwg8719.xyz/_next/static/css/
62 KB
11 KB
Stylesheet
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/css/74549df83e2a5699.css
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
56fb1541ae5e1509d54e08c558b665ca4941b5126c8c241e37e5f8054e7957e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"f710-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BGOmThtGGhB9sPSKoPwBETZvQljkCuiHc8KLDVO46Z2toDu8Q4PIJQE3QBKv8jDIgMMBfhUz2ReBomYvS0eEwhyHYtmz%2FLbHDnvEI3MKwlFncoqEYaxAfrU4Ip9mr6wjd3C"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641bdf81a037-FRA
alt-svc
h3=":443"; ma=86400
MD165_640.mp4
img.rvrz5024.xyz/image/landing/offer2/
456 KB
0
Media
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/MD165_640.mp4
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://pwa.mgwg8719.xyz/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:46 GMT
content-security-policy
block-all-mixed-content
via
1.1 hb72:6 (W), 1.1 ld85:3 (W), 1.1 PS-FRA-04r6449:6 (W)
x-amz-request-id
17BA2C6D11495271
age
209
Content-Range
bytes 0-2269998/2269999
x-px
ms PS-FRA-04r6449none, ht ld85none
Content-Length
2269999
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:44 GMT
server
PWS/8.3.1.0.8
etag
"11dc761ed21c1ec957c007c64c3d7cc2"
access-control-max-age
7776000
vary
accept-encoding
content-type
video/mp4
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
MD165_640.mp4
img.rvrz5024.xyz/image/landing/offer2/
73 KB
73 KB
Media
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/MD165_640.mp4
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
20fec81cedab122f27b0c9930cd7a0ee5489182540f42c65bb4aee30df793d9d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://pwa.mgwg8719.xyz/
Range
bytes=2195456-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 hb72:6 (W), 1.1 ld85:3 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17BA2C6D11495271
age
1
Content-Range
bytes 2195456-2269998/2269999
x-px
ht PS-FRA-04r6449none
Content-Length
74543
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:44 GMT
server
PWS/8.3.1.0.8
etag
"11dc761ed21c1ec957c007c64c3d7cc2"
access-control-max-age
7776000
vary
accept-encoding
content-type
video/mp4
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
script.js
umami.xiaoou.org/
3 KB
2 KB
Script
General
Full URL
https://umami.xiaoou.org/script.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fd73f8d4c4e93f16a5f50cf698c68345ba696d3e893509442ba600c4d3979f
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Sat, 01 Jun 2024 15:19:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a0d-18fd461fe91"
x-dns-prefetch-control
on
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiW5RFRQiIV65H0SfeNBHkewxPc2reMn61%2BbT2Qfr9R8r5Seq3Hm1DWglR8CQ5VFynywthRQWD9gZrDnUPRGeD1C2NkNKeTUrVwbFaOPOglcBS0Vk%2F5qBIOVivJNV90ub7hi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
89c1641ebd964dac-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
275 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9WB6DQN0YD
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eae3aaea3d825810cc04b9acbf6899c122fcb0b9f764c2c711288d4c8b91189b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97008
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 21:53:47 GMT
webpack-803344c6cc63a5bf.js
pwa.mgwg8719.xyz/_next/static/chunks/
28 KB
16 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/chunks/webpack-803344c6cc63a5bf.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
84b10ada477716a5b6297507b7b68a036dfc9b7b5ce61d0ec7f5cdd281301cc2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"6f22-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKMXMpxoErttylgiAUSDKdp7DIZXYJnZGkeId594gmDA%2FxIOsjSJ1jruMuR4Hs53WtjMpmH3dFMUj1QWv%2BGiw4eyyS8c9GbiVCL2W2e0%2BExvzGYomdhazHup5eFIun17xlPN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d997ba037-FRA
alt-svc
h3=":443"; ma=86400
framework-5ec7f968e70d8a94.js
pwa.mgwg8719.xyz/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/chunks/framework-5ec7f968e70d8a94.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
37237a723129916cf9a73c4c8c01e713480b6b80f74d52a67a47027a26e4aa88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"22698-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjoOVf9iU5yHTyapkUjdFWKd73p3hMxdAXaQslScS9pXvsjoQ0psTqwDdSCJB67tjbYVs4xDUrduCTkUYBsUxN1n8RYjWKq3vVK5yPSvrYI7T6YxjzOnkfoz123UgNtFKYJA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d997fa037-FRA
alt-svc
h3=":443"; ma=86400
main-e934482243832482.js
pwa.mgwg8719.xyz/_next/static/chunks/
106 KB
31 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/chunks/main-e934482243832482.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f0485925805270382ee742cd30c42ddc0209ab7d10b4e5310a242b5c2f17c5f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1a9d7-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJW6ZcP9QkWR%2B4Qb%2F8DPhKqannCoMgX4L%2FnjwCqnT0aNB0vlT30H5EDlZVFSP5cVtS%2B5UHExz3p%2FIPhMmHVzymUdW2IKtt4T3oTFyDEGfxdJnzuLxFS6lcYNQcHWK%2BoVKOZ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d9981a037-FRA
alt-svc
h3=":443"; ma=86400
_app-d89eaf2e5e86649d.js
pwa.mgwg8719.xyz/_next/static/chunks/pages/
475 KB
132 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/chunks/pages/_app-d89eaf2e5e86649d.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5eb0667909816d496e95ae3b705be805cce7c7e4ea88c2d06a21338035504f1d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"76a3b-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XeWE60lgvU4pYsJu2Am67HKftwnyuo9ZrQEdnfgkWw5wKMsqwqHp%2FbiDuXTCPMv8PgBBQTADeHS7S%2B9x6WUCd8oFzHyJPC9WGp%2FGQ8g4EeVEGf%2FIOQUrfj4AJDdGwMmnCffM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d9982a037-FRA
alt-svc
h3=":443"; ma=86400
watch-02e2a3c334d14adf.js
pwa.mgwg8719.xyz/_next/static/chunks/pages/
26 KB
9 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/chunks/pages/watch-02e2a3c334d14adf.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cfb1496e4667a92434726b94ad143217e6becf9720f32c90de27aecb84a07616

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"69ee-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7LAFDGkWOeYnjTZLjF8oZHG5KISoTyP%2Fc%2B3FH033esuGI48sVfZHkgHwlHhtF8vYyseq8pZKI5GcFS2FD8j5%2F9CfX1yHRDVhNXbckInUTL7MWXBXij4GQaOaxM38Y50d2NJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d9984a037-FRA
alt-svc
h3=":443"; ma=86400
_buildManifest.js
pwa.mgwg8719.xyz/_next/static/JUihwX6wHUs3-4Ejfd4EX/
8 KB
3 KB
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/JUihwX6wHUs3-4Ejfd4EX/_buildManifest.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
631cc5017eaee45dd0c06b2d95dd4d6c43e00e8537b7d5b681dd7d9c6bec3533

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:46:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"20bd-19065524d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWy8sFECvqbcl7%2BUDZ%2Fx1oLbbKmSUQ2%2FcYt3S6R%2BHJ45SZ9HbHgvAxOMk2EBI0GjYu5K4v8cWPiqtI12UZ09IVTk721gWJ6Jkh9TkJ47CqhsHvscBjieQhTaA3EKqDBsBsM8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d9986a037-FRA
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
pwa.mgwg8719.xyz/_next/static/JUihwX6wHUs3-4Ejfd4EX/
88 B
569 B
Script
General
Full URL
https://pwa.mgwg8719.xyz/_next/static/JUihwX6wHUs3-4Ejfd4EX/_ssgManifest.js
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a66383b381b46cccc8f600e19dedea91beedf07e06bb49f011fa7f7073ead591

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 18:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"58-19065527488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mKv2XZO30WPqtXqCA%2BwLMHoqqLFHcu0WqTVGUbt0LiBcZlSHA8TaReRrUGcyfPrNlTyL0CQXbwSqlteNaG%2BkGPYPFex%2Bc3igmvHO82MuFzA8QsxJhHpi%2FaFYef2XVX02b7I"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89c1641d9987a037-FRA
alt-svc
h3=":443"; ma=86400
room_cn_2.webp
img.rvrz5024.xyz/image/landing/offer2/
24 KB
24 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/room_cn_2.webp
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b6b5ea8487251a1ccfa2c468de60676ee2c25f86092b40846abf33caf0dc8291
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 shb78:7 (W), 1.1 hb73:6 (W), 1.1 ld81:12 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C0410698D8CDD8
age
369462
x-px
ht PS-FRA-04r6449none
content-length
24430
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:57 GMT
server
PWS/8.3.1.0.8
etag
"4e967b5e4240afba205a177b67d86396"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
streaming.gif
pwa.mgwg8719.xyz/
9 KB
10 KB
Image
General
Full URL
https://pwa.mgwg8719.xyz/streaming.gif
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2942445064008fdb2d35ce8c740d46bed4bba75b21d9464b7a44485aded4600a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Mar 2023 06:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"241e-186c4f4b2be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSekN6Oy%2BphSwmne%2BVxqTtup1dWOTQcHcmGp1NtGo%2FuKbZJ%2B9DSqOEi%2B%2BrysXQ6bs1BItUEAlGp2wccz81ycjLa4P9TtutZ%2F5QbPGKf%2BxGHMjqVudMfvZdG%2BNxztmf8K0S33"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89c1641e6a74a037-FRA
alt-svc
h3=":443"; ma=86400
content-length
9246
country_cn.png
img.rvrz5024.xyz/image/landing/offer2/
777 B
1 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/country_cn.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
78f68c15e9b5cb808489f9d1fbfcfcdd1c01ea09fa11ef11de47e08accb84944
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 shb75:3 (W), 1.1 shb79:0 (W), 1.1 ld82:1 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C1C4D3A03485D2
age
369462
x-px
ht PS-FRA-04r6449none
content-length
777
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:48 GMT
server
PWS/8.3.1.0.8
etag
"56d09fb98da0130bc6276a4dcd4d526b"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
room_asian_2.webp
img.rvrz5024.xyz/image/landing/offer2/
23 KB
24 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/room_asian_2.webp
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
951e4c7048415235b3b2fc5238cb0776b3e3ceb1331b30c50e5fa49cef8e0684
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 PS-JFK-01sPK201:3 (W), 1.1 PSdgflkfFRA2ho83:0 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17B958D58740BB63
age
369462
x-px
ht PS-FRA-04r6449none
content-length
23912
x-xss-protection
1; mode=block
last-modified
Sun, 03 Mar 2024 18:06:16 GMT
server
PWS/8.3.1.0.8
etag
"040f5594e5835a8d69213afbc0cbd554"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
country_ko.png
img.rvrz5024.xyz/image/landing/offer2/
1 KB
1 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/country_ko.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
25e204bc4a6809c64ee996ca17359f7ee5f91b5eac45e7b9967e3594efd28000
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 shb75:1 (W), 1.1 PSdgflkfFRA2fd90:5 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C0969760B519A6
age
369462
x-px
ht PS-FRA-04r6449none
content-length
1031
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:58 GMT
server
PWS/8.3.1.0.8
etag
"9eb1e9fd1c5fe8aacfbe6c1fbd4e5876"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
room_us_2.webp
img.rvrz5024.xyz/image/landing/offer2/
14 KB
14 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/room_us_2.webp
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ba064fbab390c1ed63114b448b0f7e425dc7a7fd7e6b35d2b5dfb9ce3f009494
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 PS-JFK-01T5Z186:4 (W), 1.1 ld85:10 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C0825980F36774
age
369462
x-px
ht PS-FRA-04r6449none
content-length
14118
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:49 GMT
server
PWS/8.3.1.0.8
etag
"cb74bc5e76ee8674de79782f8c1e819c"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
country_us.png
img.rvrz5024.xyz/image/landing/offer2/
1 KB
2 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/country_us.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
84270fbeacbddea00511a87c22a4124939b255de4f6800af5f41c41312e708fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 hb73:6 (W), 1.1 ld81:12 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C142EAF8913EB7
age
369462
x-px
ht PS-FRA-04r6449none
content-length
1302
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:43 GMT
server
PWS/8.3.1.0.8
etag
"41dc98d728b6fe0c90d8803c208c6977"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
room_russian_3.webp
img.rvrz5024.xyz/image/landing/offer2/
18 KB
18 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/room_russian_3.webp
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0fd8ed837323a635e072d9c8a62a0a34925c6e5ac8107e6b2727c6591dd64b6b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 hb73:3 (W), 1.1 PS-FRA-01KiO164:2 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C142EAFB1469A7
age
369461
x-px
ht PS-FRA-04r6449none
content-length
18366
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:46:02 GMT
server
PWS/8.3.1.0.8
etag
"f3eadfab6a0edf8ca91beb22eeb3e2dc"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
country_russia.png
img.rvrz5024.xyz/image/landing/offer2/
690 B
1 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/country_russia.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6c6b7ca0a212388c0ba28bce78c9185c291fd157ebf9349ab4fd587f1bbb146c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 shb78:5 (W), 1.1 shb75:5 (W), 1.1 ld85:3 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17B9742B9C26FF04
age
369460
x-px
ht PS-FRA-04r6449none
content-length
690
x-xss-protection
1; mode=block
last-modified
Sun, 03 Mar 2024 18:04:41 GMT
server
PWS/8.3.1.0.8
etag
"621365475f9a0eb7c88e072d4db7bde6"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
room_couple.webp
img.rvrz5024.xyz/image/landing/offer2/
16 KB
17 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/room_couple.webp
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
01e17e97c9ef34c65cbcee933ece88dfac672cfea732c356fa001c3936ac9513
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 PS-JFK-01sPK201:5 (W), 1.1 PS-JFK-01s8o183:12 (W), 1.1 PSdgflkfFRA2fd90:5 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C1C4D3E8C08FC7
age
369461
x-px
ht PS-FRA-04r6449none
content-length
16518
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:49 GMT
server
PWS/8.3.1.0.8
etag
"62f9fb7f4b08ce100f79c16447595d12"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
country_un.png
img.rvrz5024.xyz/image/landing/offer2/
2 KB
2 KB
Image
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/country_un.png
Requested by
Host: pwa.mgwg8719.xyz
URL: https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
904ed4d5486080d524e00707ddd830b6fd6e185ba229b4e9386ad636f90febbe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 PS-JFK-01T5Z186:0 (W), 1.1 PS-JFK-01T5Z186:0 (W), 1.1 PS-FRA-01KiO164:2 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17C2B7681670E479
age
369460
x-px
ht PS-FRA-04r6449none
content-length
1659
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:46:01 GMT
server
PWS/8.3.1.0.8
etag
"c1635a19ff56fc8cde1010f2607d01d5"
vary
Origin
access-control-max-age
7776000
content-type
image/jpeg
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9WB6DQN0YD&gtm=45je46q0v893360646za200&_p=1719784427117&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=908351905.1719784427&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719784427&sct=1&seg=0&dl=https%3A%2F%2Fpwa.mgwg8719.xyz%2Fland%2Foffer%3Fp%3Dpwa%26f%3D1719530261743%26campaign%3Ddefault%26source%3Ddefault%26cid%3Ddefault%26l%3Doffer&dt=%E5%B0%8F%E6%AC%A7%E8%A7%86%E9%A2%91&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2052&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9WB6DQN0YD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 21:53:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pwa.mgwg8719.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
umami.xiaoou.org/api/
56 B
595 B
Fetch
General
Full URL
https://umami.xiaoou.org/api/send
Requested by
Host: umami.xiaoou.org
URL: https://umami.xiaoou.org/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70aaaf84cb1e53c3a48aeb4bc3595824c6f1ef2d53fd1ee6d6582cddca572782
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://pwa.mgwg8719.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jun 2024 21:53:49 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-dns-prefetch-control
on
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJU36du3aOJdMOyLeN9wMEQi5JCowxCKdbbBnMXz0lxXBqMZxpE%2FyBQjuM4yYZlKzIvytD9g6VOHdO1dfQJe6tyGoz0lAsGrw%2B7Rq96hD7xSFuX8qx0y4j4X3ACmetaCTGUk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89c1642a3dd239c8-FRA
alt-svc
h3=":443"; ma=86400
send
umami.xiaoou.org/api/
0
0
Preflight
General
Full URL
https://umami.xiaoou.org/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pwa.mgwg8719.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c164280b0939c8-FRA
content-length
0
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
date
Sun, 30 Jun 2024 21:53:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugzRYiKpgxQ9kZWAnBp%2BVQi4qXi2mzj3m3vL%2Bk%2FHcqxAGg6HgH6mwjY9Qwo%2FqIzMaPP9%2FzPlxqoa05RjYN4H6uqJ2h8y4w9NxY7ks0Atre51FZYUVroTE0o8LPkn5hWnX6MU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
x-dns-prefetch-control
on
favicon.ico
pwa.mgwg8719.xyz/
1 KB
1 KB
Other
General
Full URL
https://pwa.mgwg8719.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
269bad24044345a4f5ff051e75e4f866e39283ffdc03d5b37020b2e4c1d5cc2b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pwa.mgwg8719.xyz/land/offer?p=pwa&f=1719530261743&campaign=default&source=default&cid=default&l=offer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:49 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 26 Feb 2023 01:29:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"47e-1868b56a0d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71hACv%2BKQtL1PRlDsN9xdBZhH2jcF5VWcItS2vuqT5IWUWww%2BOfRrDe6SNiwsUFMmAthj9ri3KJjOaKZTtlmvOtw743tRG99MKtb5c7%2FjlCDCUPVA3LLKHYcjC%2FBAqXLO8%2Fs"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=14400
cf-ray
89c16427ef0ba037-FRA
alt-svc
h3=":443"; ma=86400
MD165_640.mp4
img.rvrz5024.xyz/image/landing/offer2/
2 MB
0
Media
General
Full URL
https://img.rvrz5024.xyz/image/landing/offer2/MD165_640.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.27.9 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://pwa.mgwg8719.xyz/
Range
bytes=458752-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:53:47 GMT
content-security-policy
block-all-mixed-content
via
1.1 hb72:6 (W), 1.1 ld85:3 (W), 0.0 PS-FRA-04r6449:6 (W)
x-amz-request-id
17BA2C6D11495271
age
1
Content-Range
bytes 458752-2269998/2269999
x-px
ht PS-FRA-04r6449none
Content-Length
1811247
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:45:44 GMT
server
PWS/8.3.1.0.8
etag
"11dc761ed21c1ec957c007c64c3d7cc2"
access-control-max-age
7776000
vary
accept-encoding
content-type
video/mp4
x-minio-deployment-id
043b44a4-994e-49a1-aab3-08ec263f6f5b
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
undefined | event
object | fence
object | sharedStorage
function | lozad
function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal
object | umami
object | __SSG_MANIFEST
object | __BUILD_MANIFEST
object | webpackChunk_N_E
object | _N_E
object | regeneratorRuntime
function | __next_require__
object | next
object | __NEXT_P

2 Cookies

Domain/Path Name / Value
.mgwg8719.xyz/ Name: _ga_9WB6DQN0YD
Value: GS1.1.1719784427.1.0.1719784427.0.0.0
.mgwg8719.xyz/ Name: _ga
Value: GA1.1.908351905.1719784427

1 Console Messages

Source Level URL
Text
network error URL: https://umami.xiaoou.org/api/send
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
