urlscan.io logo urlscan.io
SecurityTrails logo

e0gtd.top Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://2f13o.top/?y=st1666299169
Effective URL: https://e0gtd.top/
Submission: On October 20 via manual from VE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is e0gtd.top.
TLS certificate: Issued by E1 on September 21st 2022. Valid for: 3 months.
This is the only time e0gtd.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 199.232.192.193 54113 (FASTLY)
1 151.101.12.193 54113 (FASTLY)
2 103.235.46.191 55967 (BAIDU Bei...)
18 8
1    2606:4700:3030::ac43:882e (United States)

ASN13335 (CLOUDFLARENET, US)
2f13o.top
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
e0gtd.top
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
imgur.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
89 KB
3 e0gtd.top
e0gtd.top
48 KB
2 imgur.com
imgur.com — Cisco Umbrella Rank: 4260
i.imgur.com — Cisco Umbrella Rank: 5881
23 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
41 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8526 Failed
12 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
124 KB
1 2f13o.top
2f13o.top
2 KB
0 f6aec.top Failed
f6aec.top Failed
0 ozdg4.top Failed
ozdg4.top Failed
0 gibet.top Failed
gibet.top Failed
18 10
Domain Requested by
3 cdnjs.cloudflare.com e0gtd.top
cdnjs.cloudflare.com
3 e0gtd.top ajax.googleapis.com
2f13o.top
e0gtd.top
2 maxcdn.bootstrapcdn.com e0gtd.top
2 hm.baidu.com 2f13o.top
e0gtd.top
2 ajax.googleapis.com 2f13o.top
e0gtd.top
1 i.imgur.com e0gtd.top
1 imgur.com 1 redirects
1 2f13o.top
0 f6aec.top Failed ajax.googleapis.com
0 ozdg4.top Failed ajax.googleapis.com
0 gibet.top Failed ajax.googleapis.com
18 11

This site contains no links.

Subject Issuer Validity Valid
*.2f13o.top
E1		 2022-09-21 -
2022-12-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.e0gtd.top
E1		 2022-09-21 -
2022-12-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://e0gtd.top/
Frame ID: 06ADAF5778922945B23A47A0B5C901E5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Presidential Youth Empowerment Scheme

Page URL History Show full URLs

  1. https://2f13o.top/?y=st1666299169 Page URL
  2. https://e0gtd.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

72 %
HTTPS

63 %
IPv6

10
Domains

11
Subdomains

8
IPs

3
Countries

339 kB
Transfer

706 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2f13o.top/?y=st1666299169 Page URL
  2. https://e0gtd.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://imgur.com/SjHCv5u.jpg HTTP 301
  • https://i.imgur.com/SjHCv5u.jpg

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
2f13o.top/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:882e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074b295eb82673a1eb1db4b3cb4e39e7374926cc0799d4022178ef2fcd619156

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d4b56d391b9028-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 21:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgNyEai3HbHiMNV979QS%2FNBuyYTebUNgC%2FRg0FZWhgcJhgt11vVEfP4oypjlWPouf0VXaZpTw4iuTdP%2BDfKZlaSqpltJ7OXER9c0cJM%2B4sEet99CVDGr81NrrjYy4NUikb2wh1TMhpY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: 2f13o.top
URL: https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2f13o.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 04:28:57 GMT
x-content-type-options
nosniff
age
232559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 04:28:57 GMT
hm.js
hm.baidu.com/ 		0
0
jquery.min.js
gibet.top/js/ 		0
0
jquery.min.js
ozdg4.top/js/ 		0
0
jquery.min.js
e0gtd.top/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e0gtd.top/js/jquery.min.js?t=1666299896&_=1666299896336
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2f13o.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 10:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6315cb66-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49zzQb4d0PNF1MtzLcsBUt5TuCeZKBNi%2Facw2Kxf7WN8idzBA0akvFIULSffmqmZkuQT%2BIfmMMxmBumiHAhdZpVGIuHKfte4W5YuNHf9QQFh%2B3JD5D0nykhuECR2YFaFMiWCT6JleVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
75d4b573bc7b1e89-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 09:04:56 GMT
jquery.min.js
f6aec.top/js/ 		0
0
Primary Request /
e0gtd.top/ 		29 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e0gtd.top/
Requested by
Host: 2f13o.top
URL: https://2f13o.top/?y=st1666299169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4419bff3be423c6e0874325be5444a869a78ac4881533672418ef5dfc41e050e

Request headers

Referer
https://2f13o.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d4b5749d921e89-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 21:04:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BAio7p%2FxedHh0pwo78pRanvmXfSbs2HeBzBa3Iy8ZER1Fo5H51lQCemvVs1xeY%2FU0ej0ub1Ht%2F0SSamUdjFZ%2FChmwmlpsurRzs%2Fc0xCSRPgd2vWjAQcQea9HlChdpo3Y9GbuQcBXj0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
23202588
cdn-cachedat
2021-06-08 14:36:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e4b57df35f58008829c4ad4c6a654779
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
75d4b5757b18bba4-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 02:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 02:20:57 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3106932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqQ8MIgJX6YILy6YWZQE03Lp3M5qLr603SnnAUhh0i%2B44NIh%2BvQCwY1nUGQBFqiAx2sy37UEiKSun6TCG%2BT4ingTznyo%2FOf%2B84bM2Xh79bJuDcBaKcaIpu2f3DaY4bUDDCfVcbn0Iiljl4iMHGjpxxqc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4b575a88a9016-FRA
expires
Tue, 10 Oct 2023 21:04:57 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
23202572
cdn-cachedat
2021-06-08 14:30:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c3c8f06b39d99a3ca81dc8261fa6cd81
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
75d4b5757b1dbba4-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7950404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHCUdmsDvmFP%2FlLFFrE0Y8cYy4IlWYdWkYYMfFZ9U71ZmFP16F142Tx2E7rnJ7bKbq5GboZCZSqmRAageG9yWcw0r5RGq1wKRjvOukgVrlIBCHNp4nrm%2B6ThssS3a9NMg4cWnqQoSntY7dO%2BZbtISCC1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4b575a8899016-FRA
expires
Tue, 10 Oct 2023 21:04:57 GMT
pyes1.png
e0gtd.top/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e0gtd.top/images/pyes1.png
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 10:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6315cb51-1b86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMY1B8V33u7qZ5TxKRibN8THpkl%2BOWXw29gVKUofraQ%2BdkGgyJRF2Sj5zRaWdN4mwBJdquY%2BZ3TI5pAJA2RlUwIAB22KTaAZiNSBcfMSJyfrDgP2G9DK1BsB14j6%2BuuPI5XR6tmQ3VI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75d4b575eeb6ca5c-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7046
expires
Sat, 19 Nov 2022 21:04:57 GMT
SjHCv5u.jpg
i.imgur.com/
Redirect Chain
  • https://imgur.com/SjHCv5u.jpg
  • https://i.imgur.com/SjHCv5u.jpg
22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/SjHCv5u.jpg
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
H2
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e4dd24a22b497773170c65b4b00c5e8f49e4433d1d160a18ca37b295b9a53aad
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
656342
x-cache
HIT, HIT
content-length
22940
x-served-by
cache-iad-kiad7000093-IAD, cache-fra19141-FRA
last-modified
Wed, 21 Sep 2022 10:40:03 GMT
server
cat factory 1.0
x-timer
S1666299897.375121,VS0,VE4
etag
"dbe1b2b2f462c2e6115a88512b521fcd"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
4167, 1

Redirect headers

x-cache-hits
0
date
Thu, 20 Oct 2022 21:04:57 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
x-timer
S1666299897.315536,VS0,VE0
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/SjHCv5u.jpg
access-control-allow-origin
https://imgur.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4064-HHN
truncated
/ 		156 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://e0gtd.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 21:04:57 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3642330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5woKbNs%2FCwKYC5aAZX2mUplPIn2lB%2Bjgg%2BJu5afw40HoRhM4%2BZdJK3oFRPKQr8lmUn3f1oS7p%2F8Q%2FGljb03lZboStDC82wHYZhh%2F%2B%2FqK3PacRcUVoCDsZJfa99fKqmT6CwvNUu1O7ymvUTtDj50AOv2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d4b5761f00694b-FRA
expires
Tue, 10 Oct 2023 21:04:57 GMT
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?9fbb2e2d8ef5f95429d4789c04eed85e
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b8a3d8948417af84fffc6514bf6901ac81c4dda4783e202aa46e72273d913427
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 21:04:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
d1bd2618cd3da745116a649b1f6799ae
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11332
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=365385184&si=9fbb2e2d8ef5f95429d4789c04eed85e&su=https%3A%2F%2F2f13o.top%2F&v=1.2.97&lv=1&sn=6989&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fe0gtd.top%2F%231666299897776&tt=Presidential%20Youth%20Empowerment%20Scheme
Requested by
Host: e0gtd.top
URL: https://e0gtd.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0gtd.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 21:04:59 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?d52286431818f45f39746a01f6e5528d
Domain
gibet.top
URL
https://gibet.top/js/jquery.min.js?t=1666299896&_=1666299896334
Domain
ozdg4.top
URL
https://ozdg4.top/js/jquery.min.js?t=1666299896&_=1666299896335
Domain
f6aec.top
URL
https://f6aec.top/js/jquery.min.js?t=1666299896&_=1666299896337

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Popper object| bootstrap function| smile string| message function| clickIE function| clickNS function| hh function| jp function| fh function| goon object| _hmt boolean| _bdhm_loaded_9fbb2e2d8ef5f95429d4789c04eed85e object| mini_tangram_log_fm7ed4

6 Cookies

Domain/Path Name / Value
2f13o.top/ Name: loclang
Value: de
.2f13o.top/ Name: godomain
Value: e0gtd.top
e0gtd.top/ Name: loclang
Value: de
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 21A1204519F028DF
.e0gtd.top/ Name: Hm_lvt_9fbb2e2d8ef5f95429d4789c04eed85e
Value: 1666299899
.e0gtd.top/ Name: Hm_lpvt_9fbb2e2d8ef5f95429d4789c04eed85e
Value: 1666299899

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f13o.top
ajax.googleapis.com
cdnjs.cloudflare.com
e0gtd.top
f6aec.top
gibet.top
hm.baidu.com
i.imgur.com
imgur.com
maxcdn.bootstrapcdn.com
ozdg4.top
f6aec.top
gibet.top
hm.baidu.com
ozdg4.top
103.235.46.191
151.101.12.193
199.232.192.193
2606:4700:3030::ac43:882e
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:80f::200a
2a06:98c1:3120::3
074b295eb82673a1eb1db4b3cb4e39e7374926cc0799d4022178ef2fcd619156
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
4419bff3be423c6e0874325be5444a869a78ac4881533672418ef5dfc41e050e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
b8a3d8948417af84fffc6514bf6901ac81c4dda4783e202aa46e72273d913427
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e4dd24a22b497773170c65b4b00c5e8f49e4433d1d160a18ca37b295b9a53aad