iof4e.top Open in urlscan Pro
2606:4700:3031::ac43:b3c8  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response iof4e.top/	57 KB 14 KB	677ms 552ms	Document text/html	2606:4700:3031::ac43:b3c8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iof4e.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b3c8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80e5cdbaa87ac841324633088a8e81d3e3f0fe36be1e982db43218c243c4ee98 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8589c3896a5a558a-EWR content-encoding br content-type text/html; charset=UTF-8 date Tue, 20 Feb 2024 21:15:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak%2FeaD%2BJoqJ27jpTG5As3%2B8ctQ4wsW3kWPDaXmQiB%2Bn7KdOvm2dNzDg%2BDrxczWJwZ76LJa0Jal5rqoa%2BBOAyu7PXMF3LC4RsKsfeKDFvfFhbnEGz5QN%2B9oGb4jrXITggvPgNUyz8Ef4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	script.js Show response tongji.0i36o.xyz/js/	1 KB 1 KB	199ms 70ms	Script application/javascript	2606:4700:3034::ac43:bad3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tongji.0i36o.xyz/js/script.js Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bad3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 21406 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 20 Feb 2024 15:18:29 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oxgb%2FvGi%2BGcGePlVf1Uuk2PYZhc9kGOratAi%2BV8Wlf2N30DgbfpU5Z8U2xA01Z5%2F1RNaMFKZopdvRCk83xaYFb65qDZtODshppPFDCsjYvkmLTKsvXC2TUk%2BHe3CD5RRF8Mbzf0WWzXJK1CmtJb2"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=43200 cf-ray 8589c38ddbb24400-EWR expires Wed, 21 Feb 2024 03:18:28 GMT
GET H2	200	FRJe78R.jpg i.imgur.com/	25 KB 26 KB	117ms 23ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/FRJe78R.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 5923d81b72c76c74aeaaef2314b36fa3e1fade8de0eb5f9ae16995f2cbe25d1b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 542002 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 25739 x-served-by cache-iad-kjyo7100071-IAD last-modified Wed, 14 Feb 2024 03:50:42 GMT server cat factory 1.0 x-timer S1708463715.454988,VS0,VE1 etag "7f1f4cdb4fa346d4a2bbc9c3de2da6a4" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id 8ZaaCWkWHa3EpS9lKo6ghacdjQKwCuDRATqoHuBVtwMHz-V98rI91Q== x-cache-hits 1
GET H2	200	JQB76Wx.jpg i.imgur.com/	4 KB 4 KB	30ms 27ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/JQB76Wx.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash bad154a79143d76516f3bdaad51cdff44a8798b49b7ca60e3e84b0bde4ddb0a9 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop DFW57-P2 age 1932571 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 4310 x-served-by cache-iad-kjyo7100071-IAD last-modified Wed, 17 Jan 2024 01:53:54 GMT server cat factory 1.0 x-timer S1708463716.591424,VS0,VE1 etag "3c79e6e830b20739f584cdcdd6d4d46c" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id Ugsj-NjKvT4i9qnPY-hoIDJ2Ry7lwuLaDCug95qL52S0AcBaqm07YQ== x-cache-hits 1
GET H2	200	Y8xSg8G.jpg i.imgur.com/	4 KB 4 KB	36ms 34ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Y8xSg8G.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c5bb76c4c1672c8cc57df9693c2a44b4b9c8a28bdd97069230b88a936889baaa Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 543291 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 4048 x-served-by cache-iad-kjyo7100071-IAD last-modified Wed, 17 Jan 2024 08:23:22 GMT server cat factory 1.0 x-timer S1708463716.590962,VS0,VE1 etag "1b1451a8700232aeb27996df777f61d0" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id CTde89ZJDqfSVf0r8M33R-sFs1hPdIyPovCiUyMN8-OAgSAkGOEMbw== x-cache-hits 1
GET H2	200	mR03zoe.jpg i.imgur.com/	4 KB 4 KB	34ms 32ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/mR03zoe.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 831dc424503c5f3dc1494b7b8faafb2071fae561401f6f131bc302e77a73e9c4 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 1686435 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 3649 x-served-by cache-iad-kjyo7100071-IAD last-modified Wed, 17 Jan 2024 06:01:48 GMT server cat factory 1.0 x-timer S1708463716.590984,VS0,VE1 etag "69b724f7962f4f316bc9dc83696cf1ad" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id EDLmMiy4VsO0uU71dcUdGSOWltrnWnNfHagrvuCV7EcHOcQT9OdaSQ== x-cache-hits 1
GET H2	200	w4D5WI3.jpg i.imgur.com/	2 KB 3 KB	45ms 43ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/w4D5WI3.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 15d3cc87c907b8a3bcc99673650c2a9ca52fa7c7a6f3a3aeeb2fde63cea97bdd Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 1865400 x-cache Miss from cloudfront, HIT content-length 2465 x-served-by cache-iad-kjyo7100071-IAD last-modified Tue, 22 Nov 2022 08:07:37 GMT server cat factory 1.0 x-timer S1708463716.600927,VS0,VE5 etag "95c95caba7db1e68dbbc2ea04f6fd6f7" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id TEkFLY_WDKN00v8clBCXGEf8ELDN8jWNnAJk5muH2qXsHuqFXl_XaQ== x-cache-hits 1
GET H2	200	kBIS6YZ.jpg i.imgur.com/	4 KB 4 KB	39ms 37ms	Image image/jpeg	146.75.32.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/kBIS6YZ.jpg Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 8649ea12e02f21e063ca88c5ed5537660ce856219618ef61ff803ef722e93eab Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 471046 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 3992 x-served-by cache-iad-kjyo7100071-IAD last-modified Wed, 17 Jan 2024 06:00:38 GMT server cat factory 1.0 x-timer S1708463716.600909,VS0,VE1 etag "ee40aa807c0b70bdb7eac5403c6d9b06" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id 7XvECVMpkzX05UEzbKsyEyr-4y_9dhv1oBwS3wZlt7zahyM27Y6ZZA== x-cache-hits 1
GET H2	200	jquery.min.js Show response iof4e.top/js/	94 KB 34 KB	37ms 36ms	Script application/javascript	2606:4700:3031::ac43:b3c8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iof4e.top/js/jquery.min.js Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b3c8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:15 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Mar 2023 09:13:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 16981 etag W/"640068c9-1762e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2ihOqHjSsUtQ425%2BdZXJjQRCQ90v97FgMopic%2Bu9NloLK8DinHbvSXmgE9%2BoiZ7DVnhNNze2Xz0HV74VGizJ8GbFmLRw7Ln%2Bwx0d%2BweSzSuWclu3f87thXVR3fKO04lpac5i2HIZsg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8589c38e7e23558a-EWR alt-svc h3=":443"; ma=86400 expires Wed, 21 Feb 2024 04:32:14 GMT
GET H2	200	jquery.min.js Show response 3ilxk.top/js/	94 KB 34 KB	993ms 804ms	Script application/javascript	2606:4700:3034::6815:4fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3ilxk.top/js/jquery.min.js?_=1708463715730 Requested by Host: iof4e.top URL: https://iof4e.top/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 02 Mar 2023 09:13:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"640068c9-1762e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhV1%2FnmlHfK2dLHeHb6Q3pmdzvyXl1J4%2F7YGqwtHcsYWKZsgNjPIAcZ57vOYS0oLVG5wsDkJoY%2FLxO6gsGSoC3TG5ynpzgT0S1teWQLlt%2BNxbD4BJCPGCVl5L4I1EcOEjWrohUCoyp0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8589c390ac2c4322-EWR alt-svc h3=":443"; ma=86400 expires Wed, 21 Feb 2024 09:15:16 GMT
GET H2	200	jquery.min.js Show response kz9fu.top/js/	94 KB 34 KB	414ms 269ms	Script application/javascript	2606:4700:3031::ac43:9e69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kz9fu.top/js/jquery.min.js?_=1708463715731 Requested by Host: iof4e.top URL: https://iof4e.top/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9e69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 02 Mar 2023 09:13:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"640068c9-1762e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6JMBKXSbn0o27%2Fo2JAA3pQKKrcCWR4K9CujYbo2sQUeJQ0PsZiYjcCOK59UQnTam269r%2Bl%2BQszkdwL8%2BtHa%2BwxPdGHoaCBvKoDN1S2MiiLVDoFmy9J4Rt6slTU99M5e1BVBCIKm9Co%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8589c3906e33c333-EWR alt-svc h3=":443"; ma=86400 expires Wed, 21 Feb 2024 09:15:16 GMT
GET H2	200	jquery.min.js Show response mshfx.top/js/	94 KB 34 KB	388ms 255ms	Script application/javascript	2606:4700:3032::6815:5690 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mshfx.top/js/jquery.min.js?_=1708463715732 Requested by Host: iof4e.top URL: https://iof4e.top/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5690 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 20 Feb 2024 21:15:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 02 Mar 2023 09:13:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"640068c9-1762e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUFPyAyu%2BnOXR9nsSvLUroJ0hcJfHvmfQFgaXdhQfAnJ%2BEGnzMl7Jns5Fas3bhyanTV9lvQBBJ%2Bq8nEQXUlE2rq1q6ljW99xTRHVsrt9nS%2BDlh7s1O18sZsw8NWHYxixJeF1VNz5kKM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8589c3905cf08c35-EWR alt-svc h3=":443"; ma=86400 expires Wed, 21 Feb 2024 09:15:16 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1229ms 515ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?f12f0bc4456507489b056d2d6ef1e442 Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash a080ea20a3352ea73f997213417f80ca47c06d4c787f4b38451cccebdba43e9e Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Tue, 20 Feb 2024 21:15:16 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 31f7fa08e7d89cf412a8320ab83cde5f P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11257
POST H3	202	event Show response tongji.0i36o.xyz/api/	2 B 518 B	623ms 523ms	XHR text/plain	2606:4700:3034::ac43:bad3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tongji.0i36o.xyz/api/event Requested by Host: tongji.0i36o.xyz URL: https://tongji.0i36o.xyz/js/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:bad3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://iof4e.top/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain Response headers date Tue, 20 Feb 2024 21:15:16 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoc5Rrp1i9fpwTNgcxHsFDjh1g6jP98ttJ91cRk5%2F%2B1LlznA68XVRlYcC7m9LeVnCfkEVsVYDdEgbAkogJEPVd2vZF2TP3P5fSLtC4%2BkQWYBlzb1T9GAik8zIpka4o2zxGoMkmtT0KxFmbKHmWxU"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true cf-ray 8589c3902b528cb9-EWR alt-svc h3=":443"; ma=86400 content-length 2 x-request-id F7WusrYrY4oaErQca0Bi
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	343ms 343ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1826974105&si=f12f0bc4456507489b056d2d6ef1e442&v=1.3.0&lv=1&sn=31802&r=0&ww=1600&u=https%3A%2F%2Fiof4e.top%2F%231708463716254&tt=2024%20Company%2015th%20anniversary%20Whatsapp%20Offers%2060GB%20Free%20Internet! Requested by Host: iof4e.top URL: https://iof4e.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://iof4e.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Pragma no-cache Date Tue, 20 Feb 2024 21:15:17 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| system string| p function| set_Cookie function| get_Cookie function| randomString8 function| prevent function| $ function| jQuery object| DOMString object| objServer function| checkshare function| randomString function| enviar function| tip_text function| messageToSend number| counter number| counter2 number| seconds function| hh1 function| jp object| _hmt function| plausible boolean| _bdhm_loaded_f12f0bc4456507489b056d2d6ef1e442 object| mini_tangram_log_yamlqa

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			iof4e.top/	1970-01-20 18:34:27	Name: loclang Value: en
			iof4e.top/	1970-01-20 18:34:27	Name: pics Value: %5B%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FJQB76Wx.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FY8xSg8G.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FmR03zoe.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2Fw4D5WI3.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FkBIS6YZ.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2Fz72daPI.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2F1AOpFzs.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FPYxUJIn.jpg%22%2C%22https%3A%5C%2F%5C%2Fi.imgur.com%5C%2FP2orUba.jpg%22%5D
			iof4e.top/	1970-01-20 18:34:27	Name: comments Value: %5B%22First%20I%20thought%20its%20fake%20but%20I%20received%20the%20free%2060GB%20within%205%20min.%20Thank%20you%20whatsapp%20company%2C%20for%20this%20gift.%22%2C%22I%20am%20disappointed%2C%20I%20got%2035GB%20only%21%22%2C%22Data%20Reward%20has%20the%20best%20service%20ever.%20Thank%20you%20for%20the%20free%2060GB%20you%20gave%20me%2C%20God%20bless%20you.%22%2C%22This%20is%20real%20guys%20just%20follow%20instructions.%20If%20you%20make%20a%20mistake%20you%27ll%20get%20only%2020GB.%20Thanks%20for%20the%20gift.%22%5D
			iof4e.top/	1970-01-20 18:34:27	Name: names Value: %5B%22Rejoys%20Khan%22%2C%22Monjurul%20Alam%22%2C%22Lewis%20Brave%22%2C%22Nuch%20Boyo%22%2C%22Ivansito%20Lopez%22%2C%22Joe%20Rivera%22%2C%22Rimon%20Ahmed%22%2C%22Candace%20Hughes%22%5D
			.iof4e.top/	1970-01-20 18:34:24	Name: jumpurl Value: mshfx.top
			.hm.baidu.com/	1970-01-21 04:10:23	Name: HMACCOUNT_BFESS Value: FCF34F2BF47F0EAE
			.iof4e.top/	1970-01-21 03:19:59	Name: Hm_lvt_f12f0bc4456507489b056d2d6ef1e442 Value: 1708463717
			.iof4e.top/	1969-12-31 23:59:59	Name: Hm_lpvt_f12f0bc4456507489b056d2d6ef1e442 Value: 1708463717

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://iof4e.top/#1708463716254 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://iof4e.top/#1708463716254 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ilxk.top
hm.baidu.com
i.imgur.com
iof4e.top
kz9fu.top
mshfx.top
tongji.0i36o.xyz
103.235.46.191
146.75.32.193
2606:4700:3031::ac43:9e69
2606:4700:3031::ac43:b3c8
2606:4700:3032::6815:5690
2606:4700:3034::6815:4fbc
2606:4700:3034::ac43:bad3
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
15d3cc87c907b8a3bcc99673650c2a9ca52fa7c7a6f3a3aeeb2fde63cea97bdd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
5923d81b72c76c74aeaaef2314b36fa3e1fade8de0eb5f9ae16995f2cbe25d1b
80e5cdbaa87ac841324633088a8e81d3e3f0fe36be1e982db43218c243c4ee98
831dc424503c5f3dc1494b7b8faafb2071fae561401f6f131bc302e77a73e9c4
8649ea12e02f21e063ca88c5ed5537660ce856219618ef61ff803ef722e93eab
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
a080ea20a3352ea73f997213417f80ca47c06d4c787f4b38451cccebdba43e9e
bad154a79143d76516f3bdaad51cdff44a8798b49b7ca60e3e84b0bde4ddb0a9
c5bb76c4c1672c8cc57df9693c2a44b4b9c8a28bdd97069230b88a936889baaa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda