urlscan.io logo urlscan.io
SecurityTrails logo

www.cgiconsulting.com.au Open in urlscan Pro
116.90.60.146  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.cgiconsulting.com.au/index.html
Submission: On October 01 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 24 HTTP transactions. The main IP is 116.90.60.146, located in Australia and belongs to HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU. The main domain is www.cgiconsulting.com.au.
This is the only time www.cgiconsulting.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 116.90.60.146 55803 (HOSTOPIA-...)
1 13.226.154.202 16509 (AMAZON-02)
1 104.21.3.215 13335 (CLOUDFLAR...)
1 142.250.185.227 15169 (GOOGLE)
1 2 163.172.212.102 12876 (Online SAS)
1 3 188.165.137.170 16276 (OVH)
2 13.226.156.183 16509 (AMAZON-02)
6 172.67.133.128 13335 (CLOUDFLAR...)
3 52.222.236.109 16509 (AMAZON-02)
1 13.225.87.86 16509 (AMAZON-02)
1 1 163.172.211.26 12876 (Online SAS)
1 51.159.59.232 12876 (Online SAS)
1 142.250.186.46 15169 (GOOGLE)
1 104.21.45.207 13335 (CLOUDFLAR...)
1 52.92.163.58 ()
24 15
1    116.90.60.146 (Australia)

ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU)
PTR: vmres14.web-servers.com.au
www.cgiconsulting.com.au
1    13.226.154.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-202.dus51.r.cloudfront.net
thumbs.gfycat.com
1    104.21.3.215 (None, )

ASN13335 (CLOUDFLARENET, US)
www.cssscript.com
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
2    163.172.212.102 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-212-102.rev.poneytelecom.eu
6.top4top.net
6.top4top.io
3    188.165.137.170 (France)

ASN16276 (OVH, FR)
PTR: ip170.ip-188-165-137.eu
top4top.io
2    13.226.156.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-183.dus51.r.cloudfront.net
d3v3bqdndm4erx.cloudfront.net
6    172.67.133.128 (United States)

ASN13335 (CLOUDFLARENET, US)
s.top4top.io
3    52.222.236.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-109.fra56.r.cloudfront.net
gertesaevided.xyz
1    13.225.87.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-86.fra2.r.cloudfront.net
ximitedawas.space
1    163.172.211.26 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-211-26.rev.poneytelecom.eu
o.top4top.vip
1    51.159.59.232 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-59-232.rev.poneytelecom.eu
k.top4top.io
1    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
1    104.21.45.207 (None, )

ASN13335 (CLOUDFLARENET, US)
freychang.fun
1    52.92.163.58 (None, )

ASN- ()
webpick-cdn.s3.us-west-2.amazonaws.com
Domain Requested by
6 s.top4top.io 6.top4top.io
top4top.io
3 gertesaevided.xyz d3v3bqdndm4erx.cloudfront.net
3 top4top.io 1 redirects 6.top4top.io
2 d3v3bqdndm4erx.cloudfront.net 6.top4top.io
gertesaevided.xyz
1 webpick-cdn.s3.us-west-2.amazonaws.com d3v3bqdndm4erx.cloudfront.net
1 freychang.fun d3v3bqdndm4erx.cloudfront.net
1 www.google-analytics.com 6.top4top.io
1 k.top4top.io 6.top4top.io
1 o.top4top.vip 1 redirects
1 ximitedawas.space 6.top4top.io
1 6.top4top.io www.cgiconsulting.com.au
1 6.top4top.net 1 redirects
1 fonts.gstatic.com www.cgiconsulting.com.au
1 www.cssscript.com www.cgiconsulting.com.au
1 thumbs.gfycat.com www.cgiconsulting.com.au
1 www.cgiconsulting.com.au
24 16

This site contains no links.

Subject Issuer Validity Valid
gfycat.com
Amazon		 2021-03-21 -
2022-04-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-28 -
2022-06-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
top4top.io
R3		 2021-07-17 -
2021-10-15		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
gertesaevided.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
ximitedawas.space
Amazon		 2021-09-22 -
2022-10-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh

This page contains 4 frames:

Primary Page: http://www.cgiconsulting.com.au/index.html
Frame ID: 750A605F9C9097317214592B3F36526B
Requests: 4 HTTP requests in this frame

Frame: https://6.top4top.io/m_1371z54d62.mp
Frame ID: 3B2E0CF120BA24D483468ABDCB5462A4
Requests: 17 HTTP requests in this frame

Frame: https://gertesaevided.xyz/ck5DWk8TLCA3cBNzIXw6ACJ+f300a3EcK0E4cDg+FiAnN3sXPDt0LB4hNj4pACEtLmEcKzd/fTQ8EB8rRxwvNT05DCA9FSY5NhIXBiclaQUiLQRrOj4fLCoBNiZ1CjggJCYCAhAqBy0kOyJ7IwYxNnUJGDN8CAkkFytwLTs5HDNtLkB6LhIcICAlHQo8ACkPJRcpNDUfG34rHwwVa3EcAzULDhB9ESIIGwIEACoLIioGEjkpJSIJA30aeiEtewQAAC0gNiQVf300Ky05Fz8gemwrQiZxPgcaJxA9HVd8BT8hEQEPIB1XfAE5fgp/BB1+Qx0XbzwUCXY5KzUhMxQ4XyUyCjVKJwQjfwgeBBADMwl6bSw0KnI4CEN/EA17CgcHFxo5IHpsDTQ2czsmIzsGMwFXfAU/IRErCiAkGAUFGCUTBiQxCiYfchAcOC0nGDcKKgU+fRYGOyMbHAhzPCEgLScdIEUEK2IhOQ0FMxwFDDU/fDAWJw03BwMoC2kYPSw0P08IAWN+RixxPCMX
Frame ID: C77129EE610D9092042B1239D6DD726E
Requests: 2 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Frame ID: D6D5F7F1D2F0C126E0BDA25240A633CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hacked by Inisial_Y

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

24
Requests

92 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

4238 kB
Transfer

4386 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://6.top4top.net/m_1371z54d62.mp HTTP 301
  • https://6.top4top.io/m_1371z54d62.mp
Request Chain 11
  • https://top4top.io/adimg-77?1633052505 HTTP 302
  • https://o.top4top.vip/p_1432wek9m1.jpg HTTP 302
  • https://k.top4top.io/p_1432wek9m1.jpg

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
www.cgiconsulting.com.au/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.cgiconsulting.com.au/index.html
Protocol
HTTP/1.1
Server
116.90.60.146 , Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU),
Reverse DNS
vmres14.web-servers.com.au
Software
LiteSpeed /
Resource Hash
6a07251178083fd14ab50e022f10c9fb8845cf652ab7cdae00dd57d6106c1f70

Request headers

Host
www.cgiconsulting.com.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-type
text/html
last-modified
Sat, 02 Nov 2019 10:06:05 GMT
accept-ranges
bytes
content-encoding
gzip
vary
Accept-Encoding,User-Agent
content-length
1230
date
Fri, 01 Oct 2021 01:41:44 GMT
server
LiteSpeed
WaryQuickHomalocephale-size_restricted.gif
thumbs.gfycat.com/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbs.gfycat.com/WaryQuickHomalocephale-size_restricted.gif
Requested by
Host: www.cgiconsulting.com.au
URL: http://www.cgiconsulting.com.au/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.154.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-202.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb53eb3d1f161cb51dd9530a90e04a71cc92dd2929c3ae4286867b55cf5de27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.cgiconsulting.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
last-modified
Thu, 31 Oct 2019 09:31:17 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"98c981a8f23b6c8a5e7be4b8eb784381"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=946707779, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
4192365
x-amz-cf-id
oAVyZThs9Qblerx0WxfKTz1r3GDB1TX56bIPBEzd6jy5cFgoHJFloA==
snow.js
www.cssscript.com/demo/minimalist-falling-snow-effect-with-pure-javascript-snow-js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cssscript.com/demo/minimalist-falling-snow-effect-with-pure-javascript-snow-js/snow.js
Requested by
Host: www.cgiconsulting.com.au
URL: http://www.cgiconsulting.com.au/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3612dc406a1586c45e14a1c3a15ed5883154419607b5475c4f252c5cad1c40a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.cgiconsulting.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1593102
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 10 Dec 2015 21:19:52 GMT
server
cloudflare
etag
W/"5669ec78-a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Eol%2FuWMHflhzml4SF11x1SW1hjCPPtvn344HeW03TaDBfRnGMbmeJDrVNIQtT%2FaEOCSprOqGvuheud7GHqdgCkAlfnexrTP40C%2B6NqaUGhPI6%2FIvojKLG84i5zcEISURTr3wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6971fd8b4bca42fd-FRA
expires
Mon, 12 Sep 2022 15:10:02 GMT
rax9HiuFsdMNOnWPaKtMARJYk0o.woff2
fonts.gstatic.com/s/iceland/v8/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/iceland/v8/rax9HiuFsdMNOnWPaKtMARJYk0o.woff2
Requested by
Host: www.cgiconsulting.com.au
URL: http://www.cgiconsulting.com.au/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
172f7d91e55411a90eb7200c6087e12d4836303f89a8d419cb573aa04ce7ecec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.cgiconsulting.com.au/
Origin
http://www.cgiconsulting.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 00:36:15 GMT
x-content-type-options
nosniff
age
3929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5444
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:12:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 01 Oct 2022 00:36:15 GMT
m_1371z54d62.mp
6.top4top.io/ Frame 3B2E
Redirect Chain
  • https://6.top4top.net/m_1371z54d62.mp
  • https://6.top4top.io/m_1371z54d62.mp
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6.top4top.io/m_1371z54d62.mp
Requested by
Host: www.cgiconsulting.com.au
URL: http://www.cgiconsulting.com.au/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.212.102 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-212-102.rev.poneytelecom.eu
Software
nginx /
Resource Hash
56dfb8d929d5d63b08de72d024e73593e7530cae33d5ec8d2fbb6983846d06b2

Request headers

:method
GET
:authority
6.top4top.io
:scheme
https
:path
/m_1371z54d62.mp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.cgiconsulting.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.cgiconsulting.com.au/

Response headers

server
nginx
date
Fri, 01 Oct 2021 01:41:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
sid=vDmXM%2CWRix3jdyAY1t4TRsSXIXb; expires=Sun, 03-Oct-2021 01:41:44 GMT; path=/
expires
Fri, 01 Oct 2021 03:41:44 GMT
cache-control
public, maxage=7200
pragma
public
last-modified
Fri, 01 Oct 2021 01:00:00 GMT
i-am
US03

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 01:41:45 GMT
content-type
text/html
content-length
162
location
https://6.top4top.io/m_1371z54d62.mp
stylesheet-2.8.css
top4top.io/styles/default-new-mob/css/ Frame 3B2E 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://top4top.io/styles/default-new-mob/css/stylesheet-2.8.css
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ip170.ip-188-165-137.eu
Software
HotCores /
Resource Hash
42ae72afd2d5bcbd9c4baf56d127328d6619d047e4dfb6acdd0d44dcedda44b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:41:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 22:16:08 GMT
Server
HotCores
ETag
W/"5f5019a8-449e"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Expires
Fri, 08 Oct 2021 01:41:45 GMT
/
d3v3bqdndm4erx.cloudfront.net/ Frame 3B2E 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-183.dus51.r.cloudfront.net
Software
/
Resource Hash
8f735040cba5ef84f5570370b5c1e2b28111dd7f3f65c1fcfb6e2cd544f953fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:41:45 GMT
content-encoding
gzip
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
DUS51-C1
content-length
48647
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-id
4RSIzcWE8g5-7cwgJSgLENvrIhgN9lBs_D95aN9VRhtpoeGW2XrkgA==
logo.jpg
s.top4top.io/styles/default-new-mob/images/ Frame 3B2E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/styles/default-new-mob/images/logo.jpg
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4838ed4bbb011446ded9229fc52e1fa79af0ed64704b0478067f33445d162c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6782
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-1a7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BxC%2B%2FlD%2FcdLqkVlkeAiB5IQVJSzbggMhclJiHnoJfXcyb%2BYZHubA4KsrrLUGdb%2FWC8%2F%2BBkpLm%2BlhoGf02AEoE%2FtYsRoWk4tD5CiXxwwgz6RtHgGLHftI6YYQq80wvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd8e9a980ea7-FRA
expires
Tue, 20 Jul 2021 15:25:18 GMT
adpull.php
top4top.io/ads/ Frame 3B2E 		312 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=1191073011754
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ip170.ip-188-165-137.eu
Software
HotCores /
Resource Hash
1fd3f3ac8851635ac5e73d752348aeb5db0731b29acd14e726a3f4abe4267e62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:41:45 GMT
I-AM
US03
Server
HotCores
Content-Length
312
Content-Type
text/javascript;Charset=UTF-8
utx
gertesaevided.xyz/ Frame 3B2E 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gertesaevided.xyz/utx?cb=861ut85pG3HA&top=6.top4top.io&tid=875667
Requested by
Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-109.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:41:45 GMT
via
1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://6.top4top.io
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
SLpA_ngbjzoVlBkvkzVqmkZCdoSI11FXMbgU9mJ6o7OBnjoFxypl4A==
popunder.gif
ximitedawas.space/ Frame 3B2E 		35 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ximitedawas.space/popunder.gif
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-86.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Fri, 01 Oct 2021 01:41:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-id
b9PabxEJ4QRZOxFNlI7jjnEpt81h2CzcQ911Gmr-8-C3vmi998s0FQ==
loading.gif
s.top4top.io/images/ Frame 3B2E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/images/loading.gif
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6431682a75ba643f28e27e40c709343106ffba3d9f18f8c681c237f00b270aa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
575852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3951
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-f6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C57l2oe0GBmA7pjBVk6KBilnM9eU8CZ9RahIpKz87%2Fwh9L7%2BrSHGtkfRkPf3F6PDtHRNHc5HMzk40TYwfb0%2FEw2ZDhLIR4ihSg7K1QaK1HwwpFkeQ2Z2r8VrxB60v4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd8e9a9a0ea7-FRA
expires
Tue, 20 Jul 2021 15:16:25 GMT
p_1432wek9m1.jpg
k.top4top.io/ Frame 3B2E
Redirect Chain
  • https://top4top.io/adimg-77?1633052505
  • https://o.top4top.vip/p_1432wek9m1.jpg
  • https://k.top4top.io/p_1432wek9m1.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k.top4top.io/p_1432wek9m1.jpg
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.159.59.232 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-159-59-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash
325f26d51d641617f0921b75a82a008d00262d33c0633cfc0978f8e1bf8b5c2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id
x30590926x
date
Fri, 01 Oct 2021 01:41:45 GMT
last-modified
Tue, 03 Dec 2019 16:24:59 GMT
server
nginx
etag
"5de68c5b-3eb6"
content-type
image/jpeg
cache-control
max-age=7200
content-disposition
inline; filename="0i-is-300-250.jpg"
accept-ranges
bytes
content-length
16054
expires
Fri, 01 Oct 2021 03:41:45 GMT

Redirect headers

location
https://k.top4top.io/p_1432wek9m1.jpg
date
Fri, 01 Oct 2021 01:41:45 GMT
server
nginx
content-length
59
vary
Accept
content-type
text/plain; charset=utf-8
analytics.js
www.google-analytics.com/ Frame 3B2E 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2985
date
Fri, 01 Oct 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 02:52:00 GMT
fDAWJw03BwMoC2kYPSw0P08IAWN+RixxPCMX
gertesaevided.xyz/ck5DWk8TLCA3cBNzIXw6ACJ+f300a3EcK0E4cDg+FiAnN3sXPDt0LB4hNj4pACEtLmEcKzd/fTQ8EB8rRxwvNT05DCA9FSY5NhIXBiclaQUiLQRrOj4fLCoBNiZ1CjggJCYCAhAqBy0kOyJ7IwYxNnUJGDN8CAkkFytwLTs5HDNtLkB6LhI... Frame C771 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gertesaevided.xyz/ck5DWk8TLCA3cBNzIXw6ACJ+f300a3EcK0E4cDg+FiAnN3sXPDt0LB4hNj4pACEtLmEcKzd/fTQ8EB8rRxwvNT05DCA9FSY5NhIXBiclaQUiLQRrOj4fLCoBNiZ1CjggJCYCAhAqBy0kOyJ7IwYxNnUJGDN8CAkkFytwLTs5HDNtLkB6LhIcICAlHQo8ACkPJRcpNDUfG34rHwwVa3EcAzULDhB9ESIIGwIEACoLIioGEjkpJSIJA30aeiEtewQAAC0gNiQVf300Ky05Fz8gemwrQiZxPgcaJxA9HVd8BT8hEQEPIB1XfAE5fgp/BB1+Qx0XbzwUCXY5KzUhMxQ4XyUyCjVKJwQjfwgeBBADMwl6bSw0KnI4CEN/EA17CgcHFxo5IHpsDTQ2czsmIzsGMwFXfAU/IRErCiAkGAUFGCUTBiQxCiYfchAcOC0nGDcKKgU+fRYGOyMbHAhzPCEgLScdIEUEK2IhOQ0FMxwFDDU/fDAWJw03BwMoC2kYPSw0P08IAWN+RixxPCMX
Requested by
Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-109.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4b5bffdc0ebe1c3e2a3930601074da5ffa6e18e7e7683d59a1c23610ff73d20d

Request headers

:method
GET
:authority
gertesaevided.xyz
:scheme
https
:path
/ck5DWk8TLCA3cBNzIXw6ACJ+f300a3EcK0E4cDg+FiAnN3sXPDt0LB4hNj4pACEtLmEcKzd/fTQ8EB8rRxwvNT05DCA9FSY5NhIXBiclaQUiLQRrOj4fLCoBNiZ1CjggJCYCAhAqBy0kOyJ7IwYxNnUJGDN8CAkkFytwLTs5HDNtLkB6LhIcICAlHQo8ACkPJRcpNDUfG34rHwwVa3EcAzULDhB9ESIIGwIEACoLIioGEjkpJSIJA30aeiEtewQAAC0gNiQVf300Ky05Fz8gemwrQiZxPgcaJxA9HVd8BT8hEQEPIB1XfAE5fgp/BB1+Qx0XbzwUCXY5KzUhMxQ4XyUyCjVKJwQjfwgeBBADMwl6bSw0KnI4CEN/EA17CgcHFxo5IHpsDTQ2czsmIzsGMwFXfAU/IRErCiAkGAUFGCUTBiQxCiYfchAcOC0nGDcKKgU+fRYGOyMbHAhzPCEgLScdIEUEK2IhOQ0FMxwFDDU/fDAWJw03BwMoC2kYPSw0P08IAWN+RixxPCMX
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6.top4top.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/

Response headers

content-type
text/html
content-length
1226
date
Fri, 01 Oct 2021 01:41:45 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
m2vhm8r_fEBVVmBZPZsdWIYeSHBDLn1RAOB2vuV9Lni8MazbClUTdw==
/
freychang.fun/ Frame 3B2E 		16 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/?f=4a69e7523e5176c061474e6943e7af6c
Requested by
Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7677b4127bd6c8893281c25a63f4f23b8aacc9d5c101d60ba9cd4225646a58e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://6.top4top.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlPE3f3n1Wn%2BNw0be2nwf4W9T1Rgv%2FkVxEDOee4NuSIuRKuSFWLXMMy0kU5FTAsmyuglvSFDrVXpb3%2BBA3edpzUtEOE2V4neK4YVwpK%2FT%2FAYLhcnS%2FfWn7GRDEHL0%2FPH"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6971fd8fd9eaf9d2-PRG
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
enceIzkjKFBjaHgkETQ1JSJcdBxxdFd2dHxyTnF0fnRcdGo7Jh8nKCFiSwBve3BXdWxuMkQ
d3v3bqdndm4erx.cloudfront.net/rSEd5RlorKBcgZTwuHXtif3JPcG1uLQopNDh6PwRjeXMbdDwkIl8yICx6SWA2KSkee3wtKRp7a24mHSRnfGENNjUjegwoPi0hECg/LGEMJ2clKAMvNiQmXHQcfWlJY2h4bw4vNCwoDjV/encXMn96d0h2dHhiSgR/encOLz... Frame C771 		450 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3v3bqdndm4erx.cloudfront.net/rSEd5RlorKBcgZTwuHXtif3JPcG1uLQopNDh6PwRjeXMbdDwkIl8yICx6SWA2KSkee3wtKRp7a24mHSRnfGENNjUjegwoPi0hECg/LGEMJ2clKAMvNiQmXHQcfWlJY2h4bw4vNCwoDjV/encXMn96d0h2dHhiSgR/encOLzR+c1x1GG11ST5sfG5cdGopNw-kqPz8iGy0zPGJLAG97cFd1bG11SW4xIDMUKn96BFx0aiQuEiN/enceIzkjKFBjaHgkETQ1JSJcdBxxdFd2dHxyTnF0fnRcdGo7Jh8nKCFiSwBve3BXdWxuMkQ
Requested by
Host: gertesaevided.xyz
URL: https://gertesaevided.xyz/ck5DWk8TLCA3cBNzIXw6ACJ+f300a3EcK0E4cDg+FiAnN3sXPDt0LB4hNj4pACEtLmEcKzd/fTQ8EB8rRxwvNT05DCA9FSY5NhIXBiclaQUiLQRrOj4fLCoBNiZ1CjggJCYCAhAqBy0kOyJ7IwYxNnUJGDN8CAkkFytwLTs5HDNtLkB6LhIcICAlHQo8ACkPJRcpNDUfG34rHwwVa3EcAzULDhB9ESIIGwIEACoLIioGEjkpJSIJA30aeiEtewQAAC0gNiQVf300Ky05Fz8gemwrQiZxPgcaJxA9HVd8BT8hEQEPIB1XfAE5fgp/BB1+Qx0XbzwUCXY5KzUhMxQ4XyUyCjVKJwQjfwgeBBADMwl6bSw0KnI4CEN/EA17CgcHFxo5IHpsDTQ2czsmIzsGMwFXfAU/IRErCiAkGAUFGCUTBiQxCiYfchAcOC0nGDcKKgU+fRYGOyMbHAhzPCEgLScdIEUEK2IhOQ0FMxwFDDU/fDAWJw03BwMoC2kYPSw0P08IAWN+RixxPCMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-183.dus51.r.cloudfront.net
Software
/
Resource Hash
03904e84c09586fa8094da31f815c364e3f39a6488239ef46b3283f324f426d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gertesaevided.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
content-encoding
gzip
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-C1
content-length
353
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-id
vTgALvxo3r46Q7MO_DrRDjwsARTjxcytaYfMSWwET7OM9IOJGKx8bA==
floater
gertesaevided.xyz/ Frame 3B2E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gertesaevided.xyz/floater?cs=M3puN0cCTA8OJAdDV1F2CkhcAXcD&abt=0&red=1&sm=83&k=&v=0.8.4.0&sts=0&prn=0&emb=1&tid=875667&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2F6.top4top.io%2Fm_1371z54d62.mp&osr=www.cgiconsulting.com.au&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=ta0_oi1_&_ugns=1633052505579&crc=1
Requested by
Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-109.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
1739c5991a6d5b97278576aeeaa415b7ff7a6bb7b6de8f382eb4f7d83d9f1555

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:41:46 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://6.top4top.io
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1231
via
1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)
x-amz-cf-id
6xxy8T1TEJzOuna2XqzKgxZYomDEZAf-oGAeHI4_4SJ1RKOBFICP3g==
header-back.jpg
s.top4top.io/styles/default-new-mob/images/ Frame 3B2E 		413 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/styles/default-new-mob/images/header-back.jpg
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada8b37383e1404c58b771571596ccdbd1759e9f6944327e3604192790f5ae14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12071
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
413
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-19d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44EWLgtUgdXrIQApE3oHMht8PFaq%2B%2BbQWJ2zcMXUIidqixJfEzPUTCtr1iFF6Av6jcyhXyXsSMUMYJ1Csecmi1C60dYth%2FlXcU5bfbGQ2cV%2FekgDPqLsyUgIXbDjwC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd912bb60ea7-FRA
expires
Tue, 20 Jul 2021 15:18:31 GMT
error.png
s.top4top.io/styles/default-new-mob/images/ Frame 3B2E 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/styles/default-new-mob/images/error.png
Requested by
Host: top4top.io
URL: https://top4top.io/styles/default-new-mob/css/stylesheet-2.8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac90e880181d7b23386ecc671b6191af4faa8446a17a7d641ded113c214dcbe0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
973
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-3cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhGG5BkJHxrRZgS0ebOU6vWbDxpQ9L6u9bl%2Ff97DqvBfy7YTChDF12jr%2FeQL%2BjX2%2B5tCaa4L6PBdGqmLX9XBN5YYFtpk65o%2B%2FxYFJvmSibHxUHQmeNt2X9iWqP6zsUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd913bb70ea7-FRA
expires
Tue, 20 Jul 2021 15:16:33 GMT
dot.gif
s.top4top.io/styles/default-new-mob/images/ Frame 3B2E 		45 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/styles/default-new-mob/images/dot.gif
Requested by
Host: top4top.io
URL: https://top4top.io/styles/default-new-mob/css/stylesheet-2.8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957e7bc8ea2257033e39a14b371e80851d453bfd385698a09e448c2a1f2aaef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12071
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yRz%2FNHdzZYZ%2BKOuH8bnxRzMgJi1iRCW0aYInzOwTL32YxMS0nno8ofHAn%2BRlJnlKxJtragYZKY%2BUmKdG1XrApg3iYMVq5ezQoN%2FwaIAJAzgXUA5XFN22L3arxvqWdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd913bb80ea7-FRA
expires
Tue, 20 Jul 2021 15:17:45 GMT
footer-back.jpg
s.top4top.io/styles/default-new-mob/images/ Frame 3B2E 		411 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.top4top.io/styles/default-new-mob/images/footer-back.jpg
Requested by
Host: 6.top4top.io
URL: https://6.top4top.io/m_1371z54d62.mp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49b9429f3e73318636941e06512779dcaa26ed1d512d5f360f71711dca2857a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6.top4top.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:41:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257703
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
411
last-modified
Mon, 26 Sep 2016 09:33:17 GMT
server
cloudflare
x-cache-status-a
HIT
etag
"57e8eb5d-19b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56gV1uM7UQPd3eLo3E9NP%2Fz07%2Fng6%2F9LI9MeSiLzMbdqeAuxZq%2FOY15q%2Flyk%2BaOjuPbTTOhK7nwiQsfQGWiIC6wIaWm8DwYjZ5TkifVQBH3344YBwGAUIN6njy0xK7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
6971fd913bb90ea7-FRA
expires
Tue, 20 Jul 2021 15:46:04 GMT
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame 3B2E 		0
0
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame D6D5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Requested by
Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=875667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.163.58 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:41:49 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
CZSS4HVQ95KSF1RK
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
NMU821+DJ8rO55VufgJdzCjDU7R11iaPWqEXBLqQa7MPxA3yyAleV0icJ5rpJmWBhIZ1mz5N8H4=
x-amz-meta-s3b-last-modified
20200625T081632Z
truncated
/ Frame D6D5 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webpick-cdn.s3.us-west-2.amazonaws.com
URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster number| snowMax object| snowColor string| snowEntity number| snowSpeed number| snowMinSize number| snowMaxSize number| snowRefresh string| snowStyles object| snow object| pos object| coords object| lefr number| marginBottom number| marginRight function| randomise function| initSnow function| resize function| moveSnow number| rand

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://6.top4top.io/m_1371z54d62.mp
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.top4top.io
6.top4top.net
d3v3bqdndm4erx.cloudfront.net
fonts.gstatic.com
freychang.fun
gertesaevided.xyz
k.top4top.io
o.top4top.vip
s.top4top.io
thumbs.gfycat.com
top4top.io
webpick-cdn.s3.us-west-2.amazonaws.com
www.cgiconsulting.com.au
www.cssscript.com
www.google-analytics.com
ximitedawas.space
webpick-cdn.s3.us-west-2.amazonaws.com
104.21.3.215
104.21.45.207
116.90.60.146
13.225.87.86
13.226.154.202
13.226.156.183
142.250.185.227
142.250.186.46
163.172.211.26
163.172.212.102
172.67.133.128
188.165.137.170
51.159.59.232
52.222.236.109
52.92.163.58
03904e84c09586fa8094da31f815c364e3f39a6488239ef46b3283f324f426d0
172f7d91e55411a90eb7200c6087e12d4836303f89a8d419cb573aa04ce7ecec
1739c5991a6d5b97278576aeeaa415b7ff7a6bb7b6de8f382eb4f7d83d9f1555
1fb53eb3d1f161cb51dd9530a90e04a71cc92dd2929c3ae4286867b55cf5de27
1fd3f3ac8851635ac5e73d752348aeb5db0731b29acd14e726a3f4abe4267e62
325f26d51d641617f0921b75a82a008d00262d33c0633cfc0978f8e1bf8b5c2a
3612dc406a1586c45e14a1c3a15ed5883154419607b5475c4f252c5cad1c40a2
42ae72afd2d5bcbd9c4baf56d127328d6619d047e4dfb6acdd0d44dcedda44b5
4b5bffdc0ebe1c3e2a3930601074da5ffa6e18e7e7683d59a1c23610ff73d20d
56dfb8d929d5d63b08de72d024e73593e7530cae33d5ec8d2fbb6983846d06b2
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
6431682a75ba643f28e27e40c709343106ffba3d9f18f8c681c237f00b270aa0
6a07251178083fd14ab50e022f10c9fb8845cf652ab7cdae00dd57d6106c1f70
6e4838ed4bbb011446ded9229fc52e1fa79af0ed64704b0478067f33445d162c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f735040cba5ef84f5570370b5c1e2b28111dd7f3f65c1fcfb6e2cd544f953fd
957e7bc8ea2257033e39a14b371e80851d453bfd385698a09e448c2a1f2aaef0
ac90e880181d7b23386ecc671b6191af4faa8446a17a7d641ded113c214dcbe0
ada8b37383e1404c58b771571596ccdbd1759e9f6944327e3604192790f5ae14
c7677b4127bd6c8893281c25a63f4f23b8aacc9d5c101d60ba9cd4225646a58e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227
f49b9429f3e73318636941e06512779dcaa26ed1d512d5f360f71711dca2857a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62