e0gtd.top
2a06:98c1:3121::3  Public Scan Open in urlscan Pro

Internal
urlscan.io (IP) urlscan.io (Domain)
Effective Hostname
VirusTotal SecurityTrails crt.sh
Submitted URL
Google Safe Browsing Archive.org
Effective URL Pivot
Google Safe Browsing Archive.org
Effective IP
VirusTotal SecurityTrails Domaintools Censys
Go To Rescan
Add Verdict Report
Submitted URL:
https://2f13o.top/?y=st1666299169 4yr old
Effective URL:
https://e0gtd.top/ 4yr old
Submission: On October 20 via manual (October 20th 2022, 8:59:48 pm UTC) from VE — Scanned from DE
Summary HTTP 18 Redirects  Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is e0gtd.top. 4yr old
TLS certificate: Issued by E1 on September 21st 2022. Valid for: 3mo.
This is the only time e0gtd.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 2606:4700:3030::ac43:882e 13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2a00:1450:400... 2a00:1450:4001:803::200a 15169 (GOOGLE) (GOOGLE)
3 2a06:98c1:312... 2a06:98c1:3121::3 13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2606:4700::68... 2606:4700::6812:acf 13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 2606:4700::68... 2606:4700::6811:180e 13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1 199.232.192.193 199.232.192.193 54113 (FASTLY) (FASTLY)
1 151.101.12.193 151.101.12.193 54113 (FASTLY) (FASTLY)
2 103.235.46.191 103.235.46.191 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
18 8
1    2606:4700:3030::ac43:882e (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET, US)
2f13o.top 4yr old
VirusTotal SecurityTrails crt.sh Domaintools
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
ajax.googleapis.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
3    2a06:98c1:3121::3 (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET, US)
e0gtd.top 4yr old
VirusTotal SecurityTrails crt.sh Domaintools
2    2606:4700::6812:acf (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
3    2606:4700::6811:180e (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    199.232.192.193 (United States) 1 redirects
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN54113 (FASTLY, US)
imgur.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    151.101.12.193 (Frankfurt am Main, Germany)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN54113 (FASTLY, US)
i.imgur.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
2    103.235.46.191 (Hong Kong)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216 13yr old
89 KB
3 e0gtd.top
e0gtd.top 4yr old
48 KB
2 imgur.com 1 redirects
imgur.com — Cisco Umbrella Rank: 4260 13yr old
i.imgur.com — Cisco Umbrella Rank: 5881 13yr old
23 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720 10yr old
41 KB
2 baidu.com
hm.baidu.com Failed — Cisco Umbrella Rank: 8526 13yr old
12 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306 10yr old
63 KB
1 2f13o.top
2f13o.top 4yr old
2 KB
0 f6aec.top Failed
f6aec.top Failed 4yr old
0 ozdg4.top Failed
ozdg4.top Failed 4yr old
0 gibet.top Failed
gibet.top Failed 4yr old
18 10
Domain Requested by
3 cdnjs.cloudflare.com e0gtd.top
cdnjs.cloudflare.com
3 e0gtd.top ajax.googleapis.com
2f13o.top
e0gtd.top
2 maxcdn.bootstrapcdn.com e0gtd.top
2 hm.baidu.com 2f13o.top
e0gtd.top
2 ajax.googleapis.com 2f13o.top
e0gtd.top
1 i.imgur.com e0gtd.top
1 imgur.com 1 redirects
1 2f13o.top
0 f6aec.top Failed ajax.googleapis.com
0 ozdg4.top Failed ajax.googleapis.com
0 gibet.top Failed ajax.googleapis.com
18 11

This site contains no links.

Subject Issuer Validity Valid
*.2f13o.top
E1		 2022-09-21 -
2022-12-20		 3mo crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3mo crt.sh
*.e0gtd.top
E1		 2022-09-21 -
2022-12-20		 3mo crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 1yr crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 1yr crt.sh

This page contains 1 frames:

Primary Page: https://e0gtd.top/
Frame ID: ABCC6FD9DECF7B366773E6AD858C419D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Presidential Youth Empowerment Scheme

Page URL History Show full URLs

  1. https://2f13o.top/?y=st1666299169 Page URL
  2. https://e0gtd.top/ Page URL

Detected technologies

(UI frameworks)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
(Analytics)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
(Font scripts)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(JavaScript libraries)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
(Miscellaneous)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Page Statistics

18
Requests

72 %
HTTPS

63 %
IPv6

10
Domains

11
Subdomains

8
IPs

3
Countries

278 kB
Transfer

706 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2f13o.top/?y=st1666299169 Page URL
  2. https://e0gtd.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://imgur.com/SjHCv5u.jpg HTTP 301
  • https://i.imgur.com/SjHCv5u.jpg

18 HTTP transactions
2 data transactions

Method
Protocol		 Status Resource
Path		 Size
x-fer		 Time
Latency		 Type
MIME-Type		 IP
Location
GET
H2 		200
 / Show response
2f13o.top/ 		4 KB
2 KB 		556ms
363ms 		Document
text/html		 2606:4700:3030::ac43:882e
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:882e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eacbd976fa452048720d4a9b5cfd99f6141bcac731359d5cae1dbc439d5c6a52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d4adf06a636963-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 20:59:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL4EFZjyOm3WViyNoWLYTa%2BoHWCICO5r%2FuB8FBmYcPfCrA0D4dKZJW5LsStWcwZGEAu0Unxnt0yq1OW4fYayPV%2FkUzwNdQegRXoTc51qOaqDkT6c1SfaHGhdhVvBUApHtt7qBOy6W3A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
GET
H2 		200
 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		61ms
16ms 		Script
text/javascript		 2a00:1450:4001:803::200a
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: 2f13o.top
URL: https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2f13o.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 08:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 08:13:47 GMT
GET

hm.js
hm.baidu.com/ 		0
0

GET

jquery.min.js
gibet.top/js/ 		0
0

GET

jquery.min.js
ozdg4.top/js/ 		0
0

GET
H2 		200
 jquery.min.js Show response
e0gtd.top/js/ 		94 KB
34 KB 		395ms
143ms 		Script
application/javascript		 2a06:98c1:3121::3
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://e0gtd.top/js/jquery.min.js?t=1666299589&_=1666299589630
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2f13o.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 10:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6315cb66-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkaNl%2FWlkJltv3K1lEODnTPmJmahqDYG%2BeI3kFXoPYl5Wyy8ILdE%2F3nKxFJhQ9yxo7MnuzuNJIOCcnizJhzck0KhoRBuaMmQW%2Bko7fF17VvVB2itEQ%2FCcbaZsUNmEpq6KbG2S4Ka9N0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
75d4adf4ec5a1ea1-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 08:59:49 GMT
GET

jquery.min.js
f6aec.top/js/ 		0
0

GET
H2 		200
 Primary Request / Show response
e0gtd.top/ 		29 KB
7 KB 		94ms
92ms 		Document
text/html		 2a06:98c1:3121::3
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://e0gtd.top/
Requested by
Host: 2f13o.top
URL: https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4419bff3be423c6e0874325be5444a869a78ac4881533672418ef5dfc41e050e

Request headers

Referer
https://2f13o.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d4adf62dfc1ea1-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 20:59:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGkzdTKyTWCD49Fwvx3fsvYWGS8lv9C%2BqA1oMhxhwld4TqC44yk1%2Foziz5v0CLXO08PG2ELNc9ED0BbU0X66b9adtsQevkxyf6DqWq%2FdvPaqz9nizND71%2FVcMnEizE6JqjJVa5hDzYA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
GET
H2 		200
 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
24 KB 		77ms
32ms 		Stylesheet
text/css		 2606:4700::6812:acf
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
23294127
cdn-cachedat
08/03/2021 15:16:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
56c78c6fab4202e1d33cd4e5b8fa2829
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75d4adf70e796922-FRA
cdn-requestpullsuccess
True
GET
H3 		200
 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		51ms
17ms 		Script
text/javascript		 2a00:1450:4001:803::200a
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 06:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 06:16:12 GMT
GET
H2 		200
 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		80ms
32ms 		Script
application/javascript		 2606:4700::6811:180e
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3268229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4OpETFPlnxGwfIg6DredN%2FSmZBvRtN7OXeq7RMm%2BDq3pbZr5nyjBCIBeEhQ43M5j16n5PbjOH061UayU%2FMXn9ZAJuBk0ctakqSbEyhJtsvxCWyPwEDjT2fDVGO7%2FDBQFV%2FfT%2FTJEC6Uf30jLA27YuS2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4adf71fcb6909-FRA
expires
Tue, 10 Oct 2023 20:59:50 GMT
GET
H2 		200
 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
17 KB 		73ms
31ms 		Script
application/javascript		 2606:4700::6812:acf
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863, 845
age
20549617
cdn-cachedat
2022-02-23 12:47:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5e4abcf7bfccf03924001516b8ed2976
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75d4adf70e7d6922-FRA
cdn-requestpullsuccess
True
GET
H2 		200
 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		77ms
30ms 		Stylesheet
text/css		 2606:4700::6811:180e
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3353473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrdaRxIq%2F3HnvfcyOof4sS1barcK9Tl69iTFK4MeSA%2Fhmq75yx9cu5MVzYvYXTiDvBL3vymzNb%2FPn5FFCGZLSyG2QA6T4ZMd1LPcbqBupdfi5pFetqPzcub781uCXSXbfk1N7GTy4V0KIxTXPXg%2F%2BmPm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4adf71fc96909-FRA
expires
Tue, 10 Oct 2023 20:59:50 GMT
GET
H3 		200
 pyes1.png
e0gtd.top/images/ 		7 KB
7 KB 		68ms
68ms 		Image
image/png		 2a06:98c1:3121::3
CLOUDFLARENET
General
Check archive.org
Download Go to Show image
Full URL
https://e0gtd.top/images/pyes1.png
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 10:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6315cb51-1b86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi0PuhyaeJaFI0YEAN%2Ft%2Frc%2Bqzz59GMspORZ7AG5zY5uTZhB0QZuqLBsJP3dFimNGqYn%2FMP%2F649gLE3zogkZZmZAMVlvKTFM%2BSyN7W7TGQG%2FESj6UHM0mzhDuggUwHhZsnCapmg%2BGi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75d4adf74bc1bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7046
expires
Sat, 19 Nov 2022 20:59:50 GMT
GET
H2 		200
 SjHCv5u.jpg
i.imgur.com/
Redirect Chain
  • https://imgur.com/SjHCv5u.jpg
  • https://i.imgur.com/SjHCv5u.jpg
22 KB
23 KB 		81ms
21ms 		Image
image/jpeg		 151.101.12.193
FASTLY
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/SjHCv5u.jpg
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e4dd24a22b497773170c65b4b00c5e8f49e4433d1d160a18ca37b295b9a53aad
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
656035
x-cache
HIT, HIT
content-length
22940
x-served-by
cache-iad-kiad7000093-IAD, cache-fra19162-FRA
last-modified
Wed, 21 Sep 2022 10:40:03 GMT
server
cat factory 1.0
x-timer
S1666299590.451174,VS0,VE2
etag
"dbe1b2b2f462c2e6115a88512b521fcd"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
4167, 1

Redirect headers

x-cache-hits
0
date
Thu, 20 Oct 2022 20:59:50 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
x-timer
S1666299590.366013,VS0,VE0
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/SjHCv5u.jpg
access-control-allow-origin
https://imgur.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-cdg20760-CDG
GET
DATA 		200
OK 		truncated
/ 		156 B
0 		Image
image/svg+xml
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
GET
DATA 		200
OK 		truncated
/ 		157 B
0 		Image
image/svg+xml
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
GET
H3 		200
 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		56ms
33ms 		Font
application/octet-stream		 2606:4700::6811:180e
CLOUDFLARENET
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://e0gtd.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:59:50 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3642023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqWoG%2Bz26kVLQx7XpfqHB20SKwfwFBE3AgdQfe5ROcSl38S6JKO3R6nAP7VeYT%2BB1ibsvGstpJ0LM7rXc0U3RJg%2FnrUnF3C%2FaIxHQEaGqm0yskhRA4yukACUR6WZYdhhCkO8EXSxf07nnO7Mw7aMsbis"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4adf7ce859b4c-FRA
expires
Tue, 10 Oct 2023 20:59:50 GMT
GET
H/1.1 		200
OK 		hm.js Show response
hm.baidu.com/ 		30 KB
12 KB 		1575ms
425ms 		Script
application/javascript		 103.235.46.191
BAIDU Beijing Bai...
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?9fbb2e2d8ef5f95429d4789c04eed85e
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7bd7e65f84b4752be465e7be551864514368490a11722cb469713ff083dea9d1
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 20:59:51 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
caf13b38e57116a1d6ac4873a7252169
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11332
GET
H/1.1 		200
OK 		hm.gif
hm.baidu.com/ 		43 B
299 B 		438ms
438ms 		Image
image/gif		 103.235.46.191
BAIDU Beijing Bai...
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=974937544&si=9fbb2e2d8ef5f95429d4789c04eed85e&su=https%3A%2F%2F2f13o.top%2F&v=1.2.97&lv=1&sn=6683&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fe0gtd.top%2F%231666299590839&tt=Presidential%20Youth%20Empowerment%20Scheme
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 20:59:52 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?d52286431818f45f39746a01f6e5528d
Domain
gibet.top
URL
https://gibet.top/js/jquery.min.js?t=1666299589&_=1666299589628
Domain
ozdg4.top
URL
https://ozdg4.top/js/jquery.min.js?t=1666299589&_=1666299589629
Domain
f6aec.top
URL
https://f6aec.top/js/jquery.min.js?t=1666299589&_=1666299589631

Verdicts & Comments Add Verdict or Comment

24 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Popper object| bootstrap function| smile string| message function| clickIE function| clickNS function| hh function| jp function| fh function| goon object| _hmt boolean| _bdhm_loaded_9fbb2e2d8ef5f95429d4789c04eed85e object| mini_tangram_log_661hbw

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path Expires Name / Value
2f13o.top/ 1970-01-20
06:55:58 		Name: loclang
Value: de
.2f13o.top/ 1970-01-20
16:27:39 		Name: godomain
Value: e0gtd.top
e0gtd.top/ 1970-01-20
06:55:58 		Name: loclang
Value: de
.hm.baidu.com/ 1970-01-20
16:27:39 		Name: HMACCOUNT_BFESS
Value: A1CD3454E1E61B74
.e0gtd.top/ 1970-01-20
15:37:15 		Name: Hm_lvt_9fbb2e2d8ef5f95429d4789c04eed85e
Value: 1666299593
.e0gtd.top/ 1969-12-31
23:59:59 		Name: Hm_lpvt_9fbb2e2d8ef5f95429d4789c04eed85e
Value: 1666299593

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f13o.top
ajax.googleapis.com
cdnjs.cloudflare.com
e0gtd.top
f6aec.top
gibet.top
hm.baidu.com
i.imgur.com
imgur.com
maxcdn.bootstrapcdn.com
ozdg4.top
f6aec.top
gibet.top
hm.baidu.com
ozdg4.top
103.235.46.191
151.101.12.193
199.232.192.193
2606:4700:3030::ac43:882e
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:803::200a
2a06:98c1:3121::3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
4419bff3be423c6e0874325be5444a869a78ac4881533672418ef5dfc41e050e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd7e65f84b4752be465e7be551864514368490a11722cb469713ff083dea9d1
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e4dd24a22b497773170c65b4b00c5e8f49e4433d1d160a18ca37b295b9a53aad
eacbd976fa452048720d4a9b5cfd99f6141bcac731359d5cae1dbc439d5c6a52