100g.324f.xyz Open in urlscan Pro
2606:4700:3032::ac43:a994  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 100g.324f.xyz/	37 KB 10 KB	494ms 272ms	Document text/html	2606:4700:3032::ac43:a994 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a994 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9921b85222fed345e6330d2e2341ec6c10eb450fd609da4bcaed9458949b138 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8436f4185f97d9d1-MIA content-encoding br content-type text/html; charset=UTF-8 date Wed, 10 Jan 2024 18:23:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dch7iomOZscOj5QQO2BmkRGlbJVcWbr1TQyeGGiQyDjHpivG%2BAs31d%2BVcsNSDgdZnEHEtglZ0A7%2Fygm6sMkl3Sjdyfedjlw3AudwPK43zx3zC0BrKENnYKSsK0txJf6KJrIlssGOnjoq3KZ9"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response 100g.324f.xyz/js/	85 KB 31 KB	381ms 379ms	Script application/javascript	2606:4700:3032::ac43:a994 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://100g.324f.xyz/js/jquery.min.js Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a994 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:51 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6238e18a-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn%2B5F7aF8Xe7E08JV6CkzRt5naMn8N96J50xPb4LrFy0KKLAGhx1QGyT35rerunsY1EHoSvtsIip2xFwOJ7KRa1FogDXzpirW%2F9afQQimYhtKPe8KPNKHrWBhxQlINdhbhb3zbXPujks0%2Bv%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8436f41a1a88d9d1-MIA alt-svc h3=":443"; ma=86400 expires Thu, 11 Jan 2024 06:23:51 GMT
GET H/1.1	200 OK	2.jpg pub-9b19b3f90b294b538c3ce5eba3387503.r2.dev/images/	68 KB 68 KB	340ms 208ms	Image image/jpeg	2606:4700::6812:223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-9b19b3f90b294b538c3ce5eba3387503.r2.dev/images/2.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c19506d32714dc1377719cb8fc4a6bd1de777adcb288362cd306df4eed7d776d Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:23:51 GMT Last-Modified Sun, 31 Dec 2023 18:09:33 GMT Server cloudflare ETag "cf92ebe91597eef44af8096cb88303ee" Vary Accept-Encoding Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes CF-RAY 8436f41aeefe7496-MIA Content-Length 69639
GET H2	200	source.gif media.giphy.com/media/3o7TKtnuHOHHUjR38Y/	444 KB 445 KB	139ms 34ms	Image image/gif	199.232.198.2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.giphy.com/media/3o7TKtnuHOHHUjR38Y/source.gif Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.198.2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 15ec3637dac5b76df6c7df5cf0bd5ba7a86df41335e6630e115d812513ca4533 Security Headers Name Value Strict-Transport-Security max-age=15465600 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:51 GMT strict-transport-security max-age=15465600 age 5542939 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 454706 x-served-by cache-iad-kiad7000023-IAD, cache-mia-kmia1760046-MIA last-modified Fri, 08 Nov 2019 17:53:16 GMT x-timer S1704911031.482820,VS0,VE2 etag "05cbe287d6c1384a47f3264bcdab62c4" content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-robots-tag noai, noimageai x-cache-hits 9211, 1
GET H2	200	FB_IMG_15869727062399866.jpg 1.bp.blogspot.com/-VLe9ANL6zpc/XpdlYHgo_bI/AAAAAAAAAKA/YdZWOlZvb2cuxfhdYhZIJLsfsqEe3QIbgCLcBGAsYHQ/s1600/	123 KB 123 KB	341ms 186ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-VLe9ANL6zpc/XpdlYHgo_bI/AAAAAAAAAKA/YdZWOlZvb2cuxfhdYhZIJLsfsqEe3QIbgCLcBGAsYHQ/s1600/FB_IMG_15869727062399866.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f47775cd654d893a389a12715a6e9b87fa7d09ddf7e6a14b417f61bbd210dbe6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:13:16 GMT x-content-type-options nosniff age 635 content-disposition inline;filename="FB_IMG_15869727062399866.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126275 x-xss-protection 0 server fife etag "va7" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 18:13:16 GMT
GET H2	200	FB_IMG_15869726679037399.jpg 1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/	151 KB 151 KB	208ms 67ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/FB_IMG_15869726679037399.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 16:49:00 GMT x-content-type-options nosniff age 5691 content-disposition inline;filename="FB_IMG_15869726679037399.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 154558 x-xss-protection 0 server fife etag "va8" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 16:49:00 GMT
GET H2	200	FB_IMG_15869726933242138.jpg 1.bp.blogspot.com/-g77wH3TKqSY/XpdlZrhkuGI/AAAAAAAAAKE/TV1SnTdfAMsL8hPAG6f2obb0_KDk7Di_gCLcBGAsYHQ/s1600/	196 KB 196 KB	468ms 346ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-g77wH3TKqSY/XpdlZrhkuGI/AAAAAAAAAKE/TV1SnTdfAMsL8hPAG6f2obb0_KDk7Di_gCLcBGAsYHQ/s1600/FB_IMG_15869726933242138.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 365c8c78bb4e1bbaf080ffd4c6238e376c0f5c49724032968f5720e991c91e63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:13:16 GMT x-content-type-options nosniff age 635 content-disposition inline;filename="FB_IMG_15869726933242138.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200923 x-xss-protection 0 server fife etag "vab" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 18:13:16 GMT
GET H2	200	FB_IMG_15869727323094582.jpg 1.bp.blogspot.com/-j8_e6qkQIxU/Xpdlel-JiZI/AAAAAAAAAKM/1OfgvpsRd_EGOLDUgbhen9vzmsTfsPjqQCLcBGAsYHQ/s1600/	114 KB 114 KB	264ms 143ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-j8_e6qkQIxU/Xpdlel-JiZI/AAAAAAAAAKM/1OfgvpsRd_EGOLDUgbhen9vzmsTfsPjqQCLcBGAsYHQ/s1600/FB_IMG_15869727323094582.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ed2bedc6da2aa4434f543565d83d68ae1203015c43650b421f614da9ac3f3369 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:13:16 GMT x-content-type-options nosniff age 635 content-disposition inline;filename="FB_IMG_15869727323094582.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 116852 x-xss-protection 0 server fife etag "vaa" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 18:13:16 GMT
GET H2	200	FB_IMG_15869730632923052.jpg 1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/	98 KB 98 KB	452ms 330ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/FB_IMG_15869730632923052.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:13:16 GMT x-content-type-options nosniff age 635 content-disposition inline;filename="FB_IMG_15869730632923052.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100293 x-xss-protection 0 server fife etag "vab" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 18:13:16 GMT
GET H2	200	FB_IMG_15869730921979436.jpg 1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/	80 KB 80 KB	460ms 339ms	Image image/jpeg	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/FB_IMG_15869730921979436.jpg Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 15:35:39 GMT x-content-type-options nosniff age 10092 content-disposition inline;filename="FB_IMG_15869730921979436.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81996 x-xss-protection 0 server fife etag "vaa" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 11 Jan 2024 15:35:39 GMT
GET H2	200	script.js Show response tj.657g.xyz/js/	1 KB 1 KB	154ms 44ms	Script application/javascript	2606:4700:3031::6815:5a7d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tj.657g.xyz/js/script.js Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:5a7d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 22694 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 10 Jan 2024 12:05:37 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpELZcvrKIamum6UzyQEAgij0TAPSu%2Boe8r3eIfSVXR8kbQ4smU08iMbNYTJp1Toi9GA6W0Ka1yz4cOVtjZ9W51Rlu%2FYxB%2BSoRe2CL1aHqXXhNQEocyCPIAKkjYmrJxVoVUDqsHw7YaVaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=43200 cf-ray 8436f41d5fa967c3-MIA expires Thu, 11 Jan 2024 00:07:27 GMT
GET H2	200	jquery.min.js Show response 100g.245d.xyz/js/	85 KB 31 KB	858ms 756ms	Script application/javascript	2606:4700:3036::6815:2af5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://100g.245d.xyz/js/jquery.min.js?t=1704911031&_=1704911031755 Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2af5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6238e18a-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uxwoz0oAEcxsKGq68pN6vzZcfOrJ61OJgLR0n0Do%2BHwpe%2Bbzmz4SITtIX9AkbX8Uyfioc%2FVtEQOfBWaCxsMXIV0e6n1X9RYQX4xUbdAn1kXDVXt72fnpT8Z6gH0tF0hX%2F2VpbsRaveM8pf3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8436f41d49cfb3c8-MIA alt-svc h3=":443"; ma=86400 expires Thu, 11 Jan 2024 06:23:52 GMT
GET H2	200	jquery.min.js Show response bcf5.xyz/js/	85 KB 31 KB	674ms 552ms	Script application/javascript	2606:4700:3033::ac43:cc90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bcf5.xyz/js/jquery.min.js?t=1704911031&_=1704911031756 Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cc90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6238e18a-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCDvsGmPc7FVFScTd3GVtCnUylnKNCTWXc1JE%2FZC%2Fwh7nnvi3E2nWF5G0te6s%2Bqb6Z2FBTx1SXwfRDlJ4SZG58KFrAUBb1v1cH40WD%2BvwlBUnczOHhRL8okdmd8NuvQZnMw3cGST7w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8436f41d6c7a3712-MIA alt-svc h3=":443"; ma=86400 expires Thu, 11 Jan 2024 06:23:52 GMT
GET H2	200	jquery.min.js Show response 100g.cvb9.xyz/js/	85 KB 31 KB	853ms 762ms	Script application/javascript	2606:4700:3032::6815:527a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://100g.cvb9.xyz/js/jquery.min.js?t=1704911031&_=1704911031757 Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:527a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6238e18a-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tx4jkrIJ6OSjS7PJuSv5hJxwRdtZ4wnnUUfjW4pL2jMOZkkd6ocGK5QZR4X90K3V830xLvzSU73kwS9UgZq5iCPwl1TQv%2BBkswb4r7VdOuLdm5TF0XOjP6CIqf9NYR%2B9Ug1m0L56ZjH6vbN"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8436f41d3ae0b3da-MIA alt-svc h3=":443"; ma=86400 expires Thu, 11 Jan 2024 06:23:52 GMT
GET H3	200	jquery.min.js Show response 100g.324f.xyz/js/	85 KB 31 KB	384ms 384ms	XHR application/javascript	2606:4700:3032::ac43:a994 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://100g.324f.xyz/js/jquery.min.js?t=1704911031&_=1704911031758 Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/js/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a994 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://100g.324f.xyz/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6238e18a-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOCz7xExDNFxDoyQ7hqy19qHuc0OpmSbD%2BO6YuUyjzmyy6RUKR4QAivNY%2Fbzv9ZvHgs%2BRDbM5KrKrdtUAMWtrTAs5088oF7y%2BPYMwBP6EnZ93Kdkoslvhr%2FvDC%2Bm514URwKUALRQjwu%2BhW7e"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 8436f41caddb74a8-MIA alt-svc h3=":443"; ma=86400 expires Thu, 11 Jan 2024 06:23:51 GMT
GET H2	200	script.js Show response tj.657g.xyz/js/	1 KB 983 B	43ms 42ms	Script application/javascript	2606:4700:3031::6815:5a7d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tj.657g.xyz/js/script.js Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:5a7d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:23:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 22694 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 10 Jan 2024 12:05:37 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAXVxrVXHFGlG5agSHtjkP1PEQqWsUV9y6LoFSNuttav3mqQgbJInk5RXuFD3%2BFvu9ZVJViFUXLDoVmKwAKJzd8DzaMhNOUDT2OaHUy4IyoMYcKKJ4btmS7D%2FBq54IVAAtXD8P1Dg3p1sg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=43200 cf-ray 8436f41d982467c3-MIA expires Thu, 11 Jan 2024 00:07:27 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	0 175 B	1543ms 815ms	Script text/plain	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?dc5bd3520eaa55943015406db87d109b7 Requested by Host: 100g.324f.xyz URL: https://100g.324f.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language en-US,en;q=0.9 Referer https://100g.324f.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:23:52 GMT Strict-Transport-Security max-age=172800 Server apache Content-Length 0 Content-Type text/plain; charset=utf-8
POST H3	202	event Show response tj.657g.xyz/api/	2 B 522 B	391ms 320ms	XHR text/plain	2606:4700:3031::6815:5a7d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tj.657g.xyz/api/event Requested by Host: tj.657g.xyz URL: https://tj.657g.xyz/js/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5a7d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://100g.324f.xyz/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers date Wed, 10 Jan 2024 18:23:52 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaJRXfi7oKQ83G6p804XULWi6NoFi8kmdzB1JYwZk2TQrjnN%2BGZPmrrk2yxCuNG%2BPxHRJFSjTZvk0nWWhs8VDd9I%2FCn4eQCwMFrqreqwzLo01VZ0NVr5Y46cxzQIe3aMvnnrlDmCejSGDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true cf-ray 8436f41e1a8e7438-MIA alt-svc h3=":443"; ma=86400 content-length 2 x-request-id F6kPppcoJlnuAoYAxw9C
POST H3	202	event Show response tj.657g.xyz/api/	2 B 487 B	359ms 330ms	XHR text/plain	2606:4700:3031::6815:5a7d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tj.657g.xyz/api/event Requested by Host: tj.657g.xyz URL: https://tj.657g.xyz/js/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5a7d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://100g.324f.xyz/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers date Wed, 10 Jan 2024 18:23:52 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Bc3VjXwcPOUeza67F6ONfil8Z6OH05s0Pq9tmwJJ74SKPAIpILMBTEaK01fLzBnaC1TrKuAGMxNa4oIIEe8giC%2FN0Gdn44Jav22fSBPU%2FwA0Jt%2FWBU3Lo6X56twn%2BK7ADxRJZQXAd7qUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true cf-ray 8436f41e1a947438-MIA alt-svc h3=":443"; ma=86400 content-length 2 x-request-id F6kPppeTF_2RE3cA-iwh

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Cookies number| timer_start number| total string| landingDomain string| WhatsApp_share_message string| alert_text number| timeleft number| downloadTimer function| hh1 function| jp object| _hmt function| plausible

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			100g.324f.xyz/	1970-01-20 17:39:30	Name: loclang Value: en
			100g.324f.xyz/	1970-01-20 17:36:37	Name: reg Value: 1
			100g.324f.xyz/	1970-01-20 17:36:37	Name: godomains Value: 100g.324f.xyz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
100g.245d.xyz
100g.324f.xyz
100g.cvb9.xyz
bcf5.xyz
hm.baidu.com
media.giphy.com
pub-9b19b3f90b294b538c3ce5eba3387503.r2.dev
tj.657g.xyz
103.235.46.191
199.232.198.2
2606:4700:3031::6815:5a7d
2606:4700:3032::6815:527a
2606:4700:3032::ac43:a994
2606:4700:3033::ac43:cc90
2606:4700:3036::6815:2af5
2606:4700::6812:223
2607:f8b0:4006:821::2001
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
15ec3637dac5b76df6c7df5cf0bd5ba7a86df41335e6630e115d812513ca4533
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
365c8c78bb4e1bbaf080ffd4c6238e376c0f5c49724032968f5720e991c91e63
c19506d32714dc1377719cb8fc4a6bd1de777adcb288362cd306df4eed7d776d
c9921b85222fed345e6330d2e2341ec6c10eb450fd609da4bcaed9458949b138
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a
e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2
ed2bedc6da2aa4434f543565d83d68ae1203015c43650b421f614da9ac3f3369
f47775cd654d893a389a12715a6e9b87fa7d09ddf7e6a14b417f61bbd210dbe6