mhwqhg.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mhwqhg.com/
Submission: On June 28 via api (June 28th 2024, 3:32:49 am UTC) from US — Scanned from NL

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 11 domains to perform 31 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is mhwqhg.com.
TLS certificate: Issued by WE1 on June 27th 2024. Valid for: 3 months.

This is the only time mhwqhg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.157.31 172.67.157.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	52.95.179.62 52.95.179.62	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	43.152.26.80 43.152.26.80	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
10	2.18.64.26 2.18.64.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.96.80.159 34.96.80.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.67.202.152 172.67.202.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	43.132.32.56 43.132.32.56	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	240e:cf:8800:... 240e:cf:8800:53:3::3db	134238 (CT-JIANGX...) (CT-JIANGXI-IDC CHINANET Jiangx province IDC network)
1	2409:8c20:5c6... 2409:8c20:5c64:2000::5	56046 (CMNET-JIA...) (CMNET-JIANGSU-AP China Mobile communications corporation)
31	12

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

mhwqhg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.157.31 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vofzhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.179.62 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

appdv76.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.26.80 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.80.159 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.80.96.34.bc.googleusercontent.com

cdn.adjust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.202.152 (United States)

ASN13335 (CLOUDFLARENET, US)

game99.feiwindevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.132.32.56 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

api.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:cf:8800:53:3::3db (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)

s4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2409:8c20:5c64:2000::5 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)

z3.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	245 KB
8	vofzhq.com www.vofzhq.com	2 MB
3	cnzz.com s4.cnzz.com — Cisco Umbrella Rank: 105463 z3.cnzz.com — Cisco Umbrella Rank: 177571 c.cnzz.com — Cisco Umbrella Rank: 74989	11 KB
2	feiwindevelopment.com game99.feiwindevelopment.com	588 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	115 KB
1	mythad.com api.mythad.com — Cisco Umbrella Rank: 32965	730 B
1	adjust.com cdn.adjust.com — Cisco Umbrella Rank: 88313	28 KB
1	kwai.net s1.kwai.net — Cisco Umbrella Rank: 21860	27 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	59 KB
1	amazonaws.com appdv76.s3.ap-southeast-3.amazonaws.com	564 B
1	mhwqhg.com mhwqhg.com	6 KB
31	11

	Domain	Requested by
10	analytics.tiktok.com	mhwqhg.com analytics.tiktok.com
8	www.vofzhq.com	mhwqhg.com
2	game99.feiwindevelopment.com	analytics.tiktok.com
2	www.googletagmanager.com	mhwqhg.com
1	c.cnzz.com	s4.cnzz.com
1	z3.cnzz.com	s4.cnzz.com
1	s4.cnzz.com	mhwqhg.com
1	api.mythad.com	analytics.tiktok.com
1	cdn.adjust.com	mhwqhg.com
1	s1.kwai.net	mhwqhg.com
1	connect.facebook.net	mhwqhg.com
1	appdv76.s3.ap-southeast-3.amazonaws.com	mhwqhg.com
1	mhwqhg.com
31	13

This site contains links to these domains. Also see Links.

Domain
juhbjt.ocbnyutpfwjs.in

Subject Issuer	Validity	Valid
mhwqhg.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
vofzhq.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2023-12-12` - `2024-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
cdn.adjust.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
feiwindevelopment.com GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2024-03-12` - `2025-04-13`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mhwqhg.com/
Frame ID: 812048533A1D72F67DCE552B2E54992B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

7276 Slots

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

33 %
IPv6

11
Domains

13
Subdomains

12
IPs

6
Countries

2354 kB
Transfer

3578 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://juhbjt.ocbnyutpfwjs.in/index?key=51368bf79888ce797f2c9f95214cafd3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mhwqhg.com/ 21 KB
6 KB 843ms
711ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mhwqhg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

600077670178fd9d95eac6e6fa465f3927325caf9bb0994b845b1a9c9ca6f63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa9c518f81bb8c-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Jun 2024 03:32:37 GMT
last-modified: Mon, 24 Jun 2024 13:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Om2Fkv5OCfPlb5tWR%2FudlhwWoh8WTu7MrbOFweAdFCg17%2ByTkGIIn0H1guBDgROSYoVYgjjz%2FSVybV2G0OKoYX7fCsQrDMQBoCyLt7%2Fk8OljsSja4bXTaPMrlULS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 200 index.css
www.vofzhq.com/resource/save2/assets/css/ 3 KB
1 KB 859ms
765ms Stylesheet
text/css 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save2/assets/css/index.css
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11527cd4feb15a6c2b7405dbdda39691215020994b91c5b709cf3a0d38bb790

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe52-ab2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a77n9RNG4vsgFpyw7bwAe6N%2Bdy1b2u8u7ruVLWFCss4yDX7kQw5KitkuSB%2B1pnOiwobm3E5Cvf1Ash6kKL8A5JdJ5FYF3A3k8QlCNDJioXgUvIwUlU%2BahFcESCqUr%2FIMKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 89aa9c56cd919950-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 15:32:38 GMT

GET
H3 200 clipboard.min.js Show response
www.vofzhq.com/resource/save2/assets/js/ 18 KB
5 KB 858ms
764ms Script
application/javascript 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save2/assets/js/clipboard.min.js
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 23 Jun 2024 10:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe55-4950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clzt%2FFvTnz6jiQlr28J2iucCZ4xizdkRI7ppwCqy5Wx8vrJGwtPHYOfYdynOA5azHLQCV6nAeLBI8YylXbQillDqGg%2BxYmaWwdshyAQTZs3cFfN89OVOM67%2BSbxn9OKc%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 89aa9c56cd979950-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 15:32:38 GMT

GET
H3 200 jquery-2.2.4.min.js Show response
www.vofzhq.com/resource/save2/assets/js/ 162 KB
46 KB 1574ms
1480ms Script
application/javascript 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save2/assets/js/jquery-2.2.4.min.js
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e177d8209998de87c94002fcc0f8f3f2d68515b0f83b9b17b7417686b5f284

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe55-289b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wo9J7ENpW4YsHWxpIExIbXf%2FUjA6sVQbHhBA9XIZvuYREjoOiFab1GoohhVDqAdrxO0uUpD6XF%2FC93Ser5ZXZZvCRBjfjPmTZYsoymbRfHSY0ykLtslBAi8Gee8AkOjknw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 89aa9c56cd989950-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 15:32:38 GMT

GET
H3 200 rem.js Show response
www.vofzhq.com/resource/save2/assets/js/ 824 B
825 B 857ms
764ms Script
application/javascript 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save2/assets/js/rem.js
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832608f04479852728b8f309472f2262ffc7fe9e858033dfebb7e6e0031f933c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe56-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1STH4GcTpeIPfVnf%2Fs1GzelsJR64wPDG8tXGh22teufolbeBT%2BbmPt91BbAh%2BxNWufMfqovu9ZuU8KrRDVcLWCB%2Fmj6yFnS1Hv5QP2vK5GFEBknlICk12yQfpjGPdG1NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 89aa9c56cd949950-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 15:32:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 433ms
67ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: mhwqhg.com
URL: https://mhwqhg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

520a34ab1d423313087c7558b1bc949b98990932a2ead07fe3ea9357633970b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49533
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 03:32:39 GMT

GET
H3 200 body.gif
www.vofzhq.com/resource/save2/assets/img/ 1 MB
1 MB 1191ms
1098ms Image
image/gif 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save2/assets/img/body.gif
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1003c5058b2c6d47ba5244d087ecd7ff0d9618246ed762d3e655554072279998

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe52-14efdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yftkOTl0X8Fz7VdMkxqHyn00J5C04wdh3JlgNcFxl3ET3YFcfBianGgnxBbHPeQz1jhT5zuArgJDyuzf4NUaj30jzyy7m81U4FmKzfcgqg261qQFwFl%2BZwco6wAObWAHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 89aa9c56cd959950-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jul 2024 03:32:38 GMT

GET
H3 200 footer.gif
www.vofzhq.com/resource/save2/assets/img/ 61 KB
60 KB 160ms
68ms Image
image/gif 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save2/assets/img/footer.gif
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f023615cde27fd440e4be85c41b61abf7f23945865fb8f983ea8f9b24220dfff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 10:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1264
etag: W/"6677fe54-f2d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmNZI%2BmFo1DQN4IUb%2FHgfjHXV3BgpVny7kRe%2FXdnZgLh%2Bn8uxllk4E%2BTZNa8l1%2BSBiktkuFkZVCtHW6gJj%2FIgkJnC530orKS1LE2%2BbBuEh0FC%2F5GK5sL0BhXJ8Fl9D59sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 89aa9c56cd969950-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jul 2024 03:11:33 GMT

GET
H3 200 kf.png
www.vofzhq.com/resource/save2/assets/img/ 47 KB
48 KB 1095ms
1074ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save2/assets/img/kf.png
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735fa5c2749fd619950da70a8727a1108486739eda12bd01bf8d2e4335068563

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe54-bdc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCyAWqP7nr0y%2Bk5YzjPUWKKOBQ%2FpOEdGkhOdG1%2BWnfiKL1cqzSDP5S1kHrkOREpCWOYJm30xm7RPF%2BaMa9QTaybKj9I5lTQ2as3CYrQFczQQAeKw05yDKAPwqc4bKerBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 89aa9c57ae099950-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jul 2024 03:32:38 GMT

GET
H/1.1 200
OK 7276.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ 157 B
564 B 1152ms
428ms Script
application/javascript 52.95.179.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.95.179.62 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c54f4fe66cbfe58cbf819a2d91432776dc9c6effa52f909321c0caf09ddd4e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 03:32:40 GMT
Last-Modified: Thu, 27 Jun 2024 17:57:03 GMT
Server: AmazonS3
x-amz-request-id: PM3Q017EMFXAD14R
ETag: "1543b39f6a430312fc48352fc12aca1b"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 157
x-amz-id-2: QE/Wz8SMKXgZTsNQFzeIST8tyi8MvxlHAH8JJz/G1S4nFFDvFOSFDVlQjmMTeeHQiDGiT5StKg8=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
66 KB 527ms
162ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNS8L2MD

Requested by

Host: mhwqhg.com
URL: https://mhwqhg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a4ea30628c31b04826880a65277b43c40650ddaada8cb2bf3ac958f91630a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67492
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 03:32:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
59 KB 320ms
52ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mhwqhg.com
URL: https://mhwqhg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jun 2024 03:32:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=12, mss=1297, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: RQsp6H/mDRXAQbx861Z7J0VUtvoGtvQ9/BYE8qUYrEinjPS94wHtbbA3aHfF9IQny5HPiX4dyGCJoSTCeHqXww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events-nr.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/custom/ 85 KB
27 KB 1146ms
287ms Script
application/javascript 43.152.26.80
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/custom/events-nr.js?sdkid=null&lib=kwaiq
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.80 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2e66a4315d0abf76f37d99e9f7595f43ab23965947fa90ab49a2e816700a02df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 95.211.199.148
Date: Thu, 25 Jan 2024 07:05:13 GMT
Content-Encoding: gzip
x-oss-request-id: 65B208294A66E63432B815D3
X-Cache-Lookup: Cache Hit
Content-MD5: x86LJmssF7vaKM9QVjRYhA==
kwaisign: NULL
Connection: keep-alive
Content-Length: 26745
X-Ks-Request-ID: 15661370380094048330
X-Ks-Cache: Hit from 43.152.26.80
x-oss-object-type: Normal
Last-Modified: Mon, 03 Jul 2023 07:01:20 GMT
Server: Lego Server
Etag: "C7CE8B266B2C17BBDA28CF5056345884"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 15661370380094048330
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11580523396097584336
x-oss-server-time: 120
Expires: Sat, 24 Feb 2024 07:05:13 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 585ms
173ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a37c528e33fa0ef684be21f0fbd2c591207c34c88905542438bfc6ba9ecd211a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2c00548a
date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406280332396346DE82026F5A8E000C-45B9A9445A498376-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=92
content-length: 1446
pragma: no-cache
server: nginx
x-tt-logid: 202406280332396346DE82026F5A8E000C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 92,2.20.179.90
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adf920e2c8f7459ca1dbbc403e1430bc4be604eb519ba9ce9b3141d88a5aed5fcdab4f6d445b09ef71018902a216ec263f89870cae9d8eebb9cd26f0c869dc1c89319ac09efb13d7b44f6718e7d84699fd6
expires: Fri, 28 Jun 2024 03:32:39 GMT

GET
H2 200 adjust-latest.min.js Show response
cdn.adjust.com/ 90 KB
28 KB 430ms
67ms Script
text/javascript 34.96.80.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adjust.com/adjust-latest.min.js
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.80.159 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 159.80.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e00870e3c1034202dcd8dbce87276fa59681fecbfc01c3637f64dad8f767b574

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:15:53 GMT
content-encoding: br
age: 224206
x-guploader-uploadid: ACJd0NqcxEa2pUvMNOpP8urzNlJsrrlvy19j8xUJoU7MMf8h20Vl5DJbvKHYCAA5E8h36wB6VlQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27900
last-modified: Mon, 30 Jan 2023 09:55:38 GMT
server: UploadServer
etag: W/"430ec09f84c88581abefb862c5f73e1e"
vary: Accept-Encoding
x-goog-generation: 1675072537889224
x-goog-hash: crc32c=SgsYWg==, md5=Qw7An4TIhYGr77hixfc+Hg==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=259200
x-goog-stored-content-length: 91744
accept-ranges: none
content-type: text/javascript

GET
H2 200 main.MTZkNWZlYWU4MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
97 KB 63ms
63ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2c00556c
date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024062715344988BB13647B4F8D6326AA
x-tt-trace-id: 00-24062715344988BB13647B4F8D6326AA-5CE300D76E621DC3-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012e34d847fbaf6459e4c49675a12f29db53281241599ffa33f694b3dcb30f8fc78fff58a7d33fa5da6c7e8c2f881882bc11d8054b30157874b83f271048ead6482f573d24877c5065ddea544b4d09ddfd27e6601a9c594d7b67ddbcae81a73c02
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 98812

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 152ms
151ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CO4DTPRC77UF68P83BQG&lib=ttq
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19f37baced1c52772215a24cc2d95f0c63cb4c747600dbe5b317606e8f076472

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 46830efa.2c0055c0
date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240628033239F4B2D72BE4E70F8DA70C-733A3AE43373B3C4-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 93,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=3
content-length: 1896
pragma: no-cache
server: nginx
x-tt-logid: 20240628033239F4B2D72BE4E70F8DA70C
x-cache-remote: TCP_MISS from a23-218-222-78.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.218.222.78
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adfaea598fb49539efd1b81289d57c5b97102929b52cfed8ac0e324e5c09797cf89ddb9be6926a466bdfe277b8f7326726cd0227bdf3931d71dab1e7f7883f63478c0d8454074443ce8135b0e9495a48af97efbfb7ff9fdbf60b9233491da953ca3
expires: Fri, 28 Jun 2024 03:32:39 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 154ms
153ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNIPJBBC77U8IUSPI43G&lib=ttq
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 87cbd24fc8a9c448cb5e61a84830d7b85b01c72fb1ad28ba325047e0a1d7858f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2c0055c4
date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240628033239125E077DEB5695967D18-167993721A63F20A-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=97
content-length: 1914
pragma: no-cache
server: nginx
x-tt-logid: 20240628033239125E077DEB5695967D18
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,2.20.179.90
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adf920e2c8f7459ca1dbbc403e1430bc4beba6a74b68e27ee20b82e8ceab175aa4ffb6ab9455b45622d9791bcb4ca822dd4d5c7e43cdb67bd330cd8c720a19ea7afbb9136067ca03ebaf4014da67d8451b6
expires: Fri, 28 Jun 2024 03:32:39 GMT

GET
H2 200 main.MTZkNWZlYWU4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
99 KB 66ms
64ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CO4DTPRC77UF68P83BQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2c00567c
date: Fri, 28 Jun 2024 03:32:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240627153450A14468413FC8D65A163D
x-tt-trace-id: 00-240627153450A14468413FC8D65A163D-6A9119416D51FA8D-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a308c1f6558adffff59f27159af3f535e7cac9486f3d2090e60b0dfa73036da01e543e5e3319025c06f99400d6ff1945ee68aca7b64c63f850bb5f340f40fd47428ea43cd6dfcccc183cce0b3b7b67f534685d4b3b6746077e6e99a64dabf222
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 100288

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 334ms
0ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2c005853
date: Fri, 28 Jun 2024 03:32:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400007B05E65B9CAD80486EDE
x-tt-trace-id: 00-2405211400007B05E65B9CAD80486EDE-400B715293803C3A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017874a0935aef664d38b9a2c29dcae40eace53b0c18a95cd6e37f0e5a78c95d464bff2c84cd6cf36ca5b1dbb61279987bfbbfc383295ed68a6d7fe8c387f300402c8156a89d9a6220adf260fbbfb9d4fdd65a4c8c0c529b5204175296c6f72401
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39577

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 230ms
116ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5c2da7b6.2c0058d6
date: Fri, 28 Jun 2024 03:32:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240628033240DFBB8D81F28FF482026D-44EC05BC50E15FB7-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 113,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=26, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240628033240DFBB8D81F28FF482026D
x-cache-remote: TCP_MISS from a23-218-222-69.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.218.222.69
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adfaea598fb49539efd1b81289d57c5b9718b671f4a4fe0fc32c2ae7be9ca381dc476195e5476e5fbf3b6e9268e70be2c9bdc3eb08cc1e5d71df3544f93b498e2bf62ec9c64ebb224408f6f69bb525569bddf790d72f77cfb50ed2dbd7b93054b21
access-control-allow-headers: Authorization,*
expires: Fri, 28 Jun 2024 03:32:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 231ms
117ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1011a08d.2c0058d9
date: Fri, 28 Jun 2024 03:32:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240628033240D799BD08352F8B93685E-3A9BAD8A414975CA-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 117,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=29, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240628033240D799BD08352F8B93685E
x-cache-remote: TCP_MISS from a23-201-31-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.201.31.197
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adfaea598fb49539efd1b81289d57c5b9715a77d06b30c776802c59467fe5b99bc13851b44de448fd96c84756a79c0e268ce2681688e849ccec4958cc1835d53ef214cdf23e20a5707bb8b9a768451c6013fbb24b6c83157b696e51be9a06e2b4f9
access-control-allow-headers: Authorization,*
expires: Fri, 28 Jun 2024 03:32:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 297ms
184ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2c0058da
date: Fri, 28 Jun 2024 03:32:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240628033240430C536168DDBB8F7BE0-2344D0EC7EA6BD5B-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=96, cdn-cache; desc=MISS, edge; dur=4, origin; dur=186
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240628033240430C536168DDBB8F7BE0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 186,2.20.179.90
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adf920e2c8f7459ca1dbbc403e1430bc4be409502f1ca325da5e553f713d93ecf43c755032f0afba5706cc80685822584d84a47a4843c365370a146aa68a1720d8bb93f3a507963aa7a4cc510b15ea891b9
access-control-allow-headers: Authorization,*
expires: Fri, 28 Jun 2024 03:32:40 GMT

POST
H3 200 tiktok Show response
game99.feiwindevelopment.com/game99-platform-app/s2s/ 109 B
588 B 291ms
291ms Fetch
application/json 172.67.202.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game99.feiwindevelopment.com/game99-platform-app/s2s/tiktok
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee660b9ef1bf8766fb46c9ce9a110e8fe21ee648957fa443861b3044b9a578f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Jun 2024 03:32:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALPFC8gBnw2hliJ1w6ILqn2SfjQy6tvR0n0L4sTPQfJo8seX5IRO2EZelpH5U5Sm%2BubOYh3Ns%2FelBTFRPv%2B%2F%2Fdq%2B6hDQXC9n38hkIAnK9o%2BPVxVlqSmG8I5u7sm3Nc1dyuURxobEWboNZJX653sq"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cf-ray: 89aa9c6d69092c36-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 tiktok
game99.feiwindevelopment.com/game99-platform-app/s2s/ 0
0 759ms
663ms Preflight 172.67.202.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game99.feiwindevelopment.com/game99-platform-app/s2s/tiktok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mhwqhg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa9c695e672c36-FRA
content-length: 0
date: Fri, 28 Jun 2024 03:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lB8fusW3Ta6975%2Bfx%2BCvrByPxPX9dQS3yVa26lh3P4pMHoxeNM7RwlbdiS3iDV0Ggm%2BIsHdl6NirkEvUc%2FXxZaPvVQuAfGa8W795q7IcW45weYNIuOzI%2F2Lfk%2FXJ7e4n9J9fVWoWGqrbwKBrZPBc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200 getPixelConfig Show response
api.mythad.com/rest/n/adintl/ad/ 138 B
730 B 718ms
223ms XHR
application/json 43.132.32.56
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=null
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.56 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: 38d8acb46e0242c0ac81a71d61aa71c4cb49b1cf1b4f5195b3bc411e417a3fdc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 03:32:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://mhwqhg.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Alt-Svc: quic=":443";ma=2592000;v="43"

GET
H2 200 z.js Show response
s4.cnzz.com/ 10 KB
10 KB 2461ms
862ms Script
application/javascript 240e:cf:8800:53:3::3db
CT-JIANGXI-IDC CH...

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.cnzz.com/z.js?id=1281337420&async=1
Requested by: Host: mhwqhg.com
URL: https://mhwqhg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:cf:8800:53:3::3db , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ac38fa2145cdda6a78e7706a8d819d86067a82bddb13d02e736ab36ce8f045b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:28 GMT
via: cache43.l2cn1802[0,0,304-0,H], cache20.l2cn1802[1,0], cache3.cn3693[14,13,200-0,H], cache9.cn3693[15,0]
server: Tengine
age: 14
x-swift-cachetime: 286
etag: W/"8396211108116174756"
ali-swift-global-savetime: 1719545548
content-type: application/javascript
x-cache: HIT TCP_REFRESH_HIT dirn:-2:-2
cache-control: public, max-age=300
x-swift-savetime: Fri, 28 Jun 2024 03:32:42 GMT
timing-allow-origin: *
content-length: 10195
eagleid: 6ae1f19d17195455626644562e

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
837 B 181ms
159ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 22ed8db.2c005a0e
date: Fri, 28 Jun 2024 03:32:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406280332403C69182766D55B8E1BDC-2859C29663BC71A5-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 127,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=40, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406280332403C69182766D55B8E1BDC
x-cache-remote: TCP_MISS from a23-218-222-76.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 40,23.218.222.76
x-tt-trace-host: 01da4993ee11ca1cf6d33e21b8cb512adfaea598fb49539efd1b81289d57c5b971b4ce2590241ea292fa6f04a5d2a2b15307c6ea0c93b9e327524b1cc5421b9ea8a05813e190de720ceec71de2c2e6141bb59cb44ede62670349bf1de1f1033e6742f77e0fda02590fa2c9bf9961be302f
access-control-allow-headers: Authorization,*
expires: Fri, 28 Jun 2024 03:32:40 GMT

POST
H2 200 stat.htm
z3.cnzz.com/ 2 B
123 B 1540ms
260ms Ping
text/html 2409:8c20:5c64:2000::5
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://z3.cnzz.com/stat.htm?id=1281337420&r=&lg=nl-nl&ntime=none&cnzz_eid=902008349-1719545563-&showp=1600x1200&p=https%3A%2F%2Fmhwqhg.com%2F&t=7276%20Slots&umuuid=1905ce70828e3-0b0c25500fe974-26001f51-1d4c00-1905ce708295e3&h=1
Requested by: Host: s4.cnzz.com
URL: https://s4.cnzz.com/z.js?id=1281337420&async=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 2409:8c20:5c64:2000::5 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:44 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.js Show response
c.cnzz.com/ 906 B
883 B 1304ms
1295ms Script
application/javascript 240e:cf:8800:53:3::3db
CT-JIANGXI-IDC CH...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/c.js?web_id=1281337420&t=z
Requested by: Host: s4.cnzz.com
URL: https://s4.cnzz.com/z.js?id=1281337420&async=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:cf:8800:53:3::3db , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4e40caec07450755166c40ba51099f2807b4b2efc3d6252f59d26bc0be325e9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:29:38 GMT
via: cache10.l2cn1802[0,0,304-0,H], cache3.l2cn1802[0,0], cache3.cn3693[0,0,200-0,H], cache9.cn3693[1,0]
content-encoding: gzip
age: 186
x-swift-cachetime: 317
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 28 Jun 2024 03:29:42 GMT
content-length: 591
server: Tengine
etag: W/"17650835605665385536"
vary: accept-encoding
ali-swift-global-savetime: 1719545378
content-type: application/javascript
cache-control: public, max-age=321
timing-allow-origin: *
eagleid: 6ae1f19d17195455643344352e

GET
H3 200 favicon.ico
www.vofzhq.com/resource/save2/assets/img/ 364 KB
364 KB 2071ms
2070ms Other
image/x-icon 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save2/assets/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eafea0e6977d05bf745afdd4f3b36c665a32caa7fbd6fd2e1a444ee4a0238ded

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mhwqhg.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:32:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 10:52:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6677fe53-5ae6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQ4e7gaqjxi7NFwZZHZB3OXC8vEnxJQ0fNZaUc3MOW6nkFGu%2FCMsaGoI1F1kRXe%2FOtL9R2I%2FCLgZUaDh8I8YOZdT1%2BKXGk0D9wD%2FWBXpg%2FH%2Bl17%2FtNrYaqd2pqQ9Ar7FVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 89aa9c825b299950-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 07:00:41	Name: _ttp Value: 2iUWIzVvesPec91HfM6aMCSmIJt
.mhwqhg.com/	1970-01-21 07:00:41	Name: _tt_enable_cookie Value: 1
.mhwqhg.com/	1970-01-21 07:00:41	Name: _ttp Value: Kl5Dolh7ZusMDyEMn1Sea5WoWgb
.mythad.com/	1970-01-21 07:15:05	Name: kwai_ckid Value: 1719545561057_7331123775407090
.mhwqhg.com/	1970-01-21 02:01:10	Name: UM_distinctid Value: 1905ce70828e3-0b0c25500fe974-26001f51-1d4c00-1905ce708295e3
mhwqhg.com/	1970-01-21 02:01:10	Name: CNZZDATA1281337420 Value: 902008349-1719545563-%7C1719545563

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.mythad.com
appdv76.s3.ap-southeast-3.amazonaws.com
c.cnzz.com
cdn.adjust.com
connect.facebook.net
game99.feiwindevelopment.com
mhwqhg.com
s1.kwai.net
s4.cnzz.com
www.googletagmanager.com
www.vofzhq.com
z3.cnzz.com
172.67.157.31
172.67.202.152
188.114.96.3
2.18.64.26
2409:8c20:5c64:2000::5
240e:cf:8800:53:3::3db
2a00:1450:4001:828::2008
2a03:2880:f084:d:face:b00c:0:3
34.96.80.159
43.132.32.56
43.152.26.80
52.95.179.62
0c54f4fe66cbfe58cbf819a2d91432776dc9c6effa52f909321c0caf09ddd4e3
1003c5058b2c6d47ba5244d087ecd7ff0d9618246ed762d3e655554072279998
19f37baced1c52772215a24cc2d95f0c63cb4c747600dbe5b317606e8f076472
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e66a4315d0abf76f37d99e9f7595f43ab23965947fa90ab49a2e816700a02df
38d8acb46e0242c0ac81a71d61aa71c4cb49b1cf1b4f5195b3bc411e417a3fdc
3a4ea30628c31b04826880a65277b43c40650ddaada8cb2bf3ac958f91630a0b
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122
4e40caec07450755166c40ba51099f2807b4b2efc3d6252f59d26bc0be325e9e
520a34ab1d423313087c7558b1bc949b98990932a2ead07fe3ea9357633970b0
600077670178fd9d95eac6e6fa465f3927325caf9bb0994b845b1a9c9ca6f63a
6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92
735fa5c2749fd619950da70a8727a1108486739eda12bd01bf8d2e4335068563
832608f04479852728b8f309472f2262ffc7fe9e858033dfebb7e6e0031f933c
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba
87cbd24fc8a9c448cb5e61a84830d7b85b01c72fb1ad28ba325047e0a1d7858f
9ee660b9ef1bf8766fb46c9ce9a110e8fe21ee648957fa443861b3044b9a578f
a37c528e33fa0ef684be21f0fbd2c591207c34c88905542438bfc6ba9ecd211a
ac38fa2145cdda6a78e7706a8d819d86067a82bddb13d02e736ab36ce8f045b6
c11527cd4feb15a6c2b7405dbdda39691215020994b91c5b709cf3a0d38bb790
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e00870e3c1034202dcd8dbce87276fa59681fecbfc01c3637f64dad8f767b574
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafea0e6977d05bf745afdd4f3b36c665a32caa7fbd6fd2e1a444ee4a0238ded
f023615cde27fd440e4be85c41b61abf7f23945865fb8f983ea8f9b24220dfff
f8e177d8209998de87c94002fcc0f8f3f2d68515b0f83b9b17b7417686b5f284

mhwqhg.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

33 %IPv6

11 Domains

13 Subdomains

12 IPs

6 Countries

2354 kBTransfer

3578 kBSize

6 Cookies

1 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mhwqhg.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

33 %
IPv6

11
Domains

13
Subdomains

12
IPs

6
Countries

2354 kB
Transfer

3578 kB
Size

6
Cookies

31 HTTP transactions
0 data transactions