urlscan.io logo urlscan.io
SecurityTrails logo

iii.rf.gd Open in urlscan Pro
185.27.134.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://iii.rf.gd/
Effective URL: https://iii.rf.gd/?i=1
Submission: On September 16 via api from NL — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 185.27.134.137, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is iii.rf.gd.
TLS certificate: Issued by GTS CA 1P5 on April 9th 2024. Valid for: 3 months.
This is the only time iii.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 185.27.134.137 34119 (WILDCARD-...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.16.151.108 13335 (CLOUDFLAR...)
1 2600:9000:205... ()
1 104.18.187.31 13335 (CLOUDFLAR...)
25 5
11    185.27.134.137 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
iii.rf.gd
11    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    104.16.151.108 (None, )

ASN13335 (CLOUDFLARENET, US)
www.guru99.com
1    2600:9000:2057:d600:2:6f7a:6f00:93a1 (United States)

ASN- ()
mllj2j8xvfl0.i.optimole.com
1    104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
12 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
227 KB
11 rf.gd
iii.rf.gd
627 KB
2 guru99.com
www.guru99.com — Cisco Umbrella Rank: 299298
44 KB
1 optimole.com
mllj2j8xvfl0.i.optimole.com
162 KB
25 4
Domain Requested by
12 cdn.jsdelivr.net iii.rf.gd
cdn.jsdelivr.net
11 iii.rf.gd 1 redirects iii.rf.gd
2 www.guru99.com iii.rf.gd
1 mllj2j8xvfl0.i.optimole.com iii.rf.gd
25 4

This site contains links to these domains. Also see Links.

Domain
wordpress.org
github.com
seatonjiang.com
Subject Issuer Validity Valid
iii.rf.gd
GTS CA 1P5		 2024-04-09 -
2024-07-08		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
www.guru99.com
WE1		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.i.optimole.com
Amazon RSA 2048 M03		 2024-02-10 -
2025-03-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://iii.rf.gd/?i=1
Frame ID: 61F33F7D1E2151F0DA8F7F068C8C0682
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Blog - My WordPress Blog

Page URL History Show full URLs

  1. http://iii.rf.gd/ HTTP 307
    https://iii.rf.gd/ Page URL
  2. https://iii.rf.gd/?i=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

60 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

1059 kB
Transfer

1522 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://iii.rf.gd/ HTTP 307
    https://iii.rf.gd/ Page URL
  2. https://iii.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://iii.rf.gd/ HTTP 307
  • https://iii.rf.gd/
Request Chain 23
  • https://iii.rf.gd/favicon.ico HTTP 302
  • https://iii.rf.gd/wp-includes/images/w-logo-blue-white-bg.png

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
iii.rf.gd/
Redirect Chain
  • http://iii.rf.gd/
  • https://iii.rf.gd/
821 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
cd5873f81865202bf7d591b3c316140042940f3b60a7bf605023daf5af6eb066

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Mon, 16 Sep 2024 19:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Location
https://iii.rf.gd/
Non-Authoritative-Reason
HttpsUpgrades
aes.js
iii.rf.gd/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/aes.js
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Content-Encoding
br
Last-Modified
Sun, 15 Oct 2023 17:41:56 GMT
Server
nginx
ETag
W/"652c2464-35a5"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Primary Request /
iii.rf.gd/ 		40 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/?i=1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
acd065af08f98b9e31111cb4c08b8fed96a03d200a7cee13cf682c63b6174a2c

Request headers

Referer
https://iii.rf.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Sep 2024 19:33:16 GMT
Expires
Mon, 16 Sep 2024 19:33:16 GMT
Server
nginx
Transfer-Encoding
chunked
bootstrap.min.css
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/bootstrap.min.css?ver=4.5.0
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9af706d809db25e267d62315ca238810434420ccb0ce8e858c63c2e304907ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6468023
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25768
x-served-by
cache-fra-eddf8230032-FRA, cache-lga21962-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"272e2-bXKpq8TepBC9Z3cZlRRCBABEW6A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zXVMRvid8wXKfoz49wyWz0nlP%2B48wE9S4MxurY2sQM80PNxqwAgmkaGDZifHDPNnLtAmQBugbx2jCxImaHTKcOmfKQRT6w422ypv3DqQ5Pao8BrvKKEWIFzxE%2BG1TtF661vzhaetXDSzx5hde8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498c9b1dbeba-LHR
iconfont.min.css
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/ 		2 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/iconfont.min.css?ver=4.3.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c07308607edc7bfb1bb1d7ebd16f45fdfb3282512913eda64abb9606938ea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2121686
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
544
x-served-by
cache-fra-etou8220043-FRA, cache-lga21979-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"763-/r6Oxk2lyXCX98aAJtq6X7j5fR8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4c6THl2WSHOTbLaqPcYFHXKyazwT2T3HsQRmEYugxpfCJoGZValP%2BSk2LBmYaq4FM5UI5WoM9aOtOeDDc%2FvFn%2BCHWqhNR5ma4DjB4AcRiO2iqaWRlm2zo6ueIZyV%2B4cj6Sh6N3eJFc%2FV4UpxVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498c9b1ebeba-LHR
layer.min.css
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/layer.min.css?ver=3.1.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1b77a8a06e407af57b19c21c825940d8f11601bd9fb6088eb619f82f35c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11510023
x-jsd-version
4.3.1
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2441
x-served-by
cache-fra-eddf8230124-FRA, cache-lga21971-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2653-ernNBqfsOCE17HaazwzYjKP65JM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkBYjvvWbuz762FN%2FEodcbIGSQ1xRdEqTTIM%2BdhI3ozZrEPuqrK2nd%2FrjwXAezrhgZHjNPuhHjFFxiIVEJ4bS00rBRBTRgTjJZLBhzrKqVDQ423GmNIYwUOmLm7yj9aO%2F8G8ezJBlE7leJ1tX8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498c9b1cbeba-LHR
animate.min.css
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/ 		70 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/animate.min.css?ver=4.1.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecded1560b58cc166b27af98c503e38e3755f4e689110521928212b6e3fa7d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
250942
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5644
x-served-by
cache-fra-eddf8230140-FRA, cache-lga21939-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"11847-IW1mQZI6ZN/VF6Et/yeESzgxrQk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDn2SBAbZYSrVC4BKQatyGLx3YSavdKSbLTcqjpNO7p1nFLPCpG61UGOTiW7LWAlwk96Z561CbDTG19OkCkYPlVRGu8I21CY2AkBX8VmlRxQ1cTNMek6wj%2B7LRaAFajH9n3f0hQo2NHT%2BP9rIKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498c9b20beba-LHR
style.css
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/style.css?ver=4.3.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd10f32b5c5e17a12e6a17a0de078c7e06ca6485eed02486b8744fee2e30af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11510023
x-jsd-version
4.3.1
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8609
x-served-by
cache-fra-eddf8230028-FRA, cache-lga21920-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"c11b-BPHskgqqrNWhkg1udkQU4xZ5sFY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1qbDiCvP0EHgtPADAsgaxPCnkuMJeIjoV1DAnF0EwL%2FgIgu2X5DFUuffr1AspQc5pnJc8Y3SZNX6u1sjasdiAiaxZmq28MnT5zU4338ZnCXG4SEFmZGy%2FROOwhYq%2FnjJyMUYMWBuCNxDyMB5yA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498c9b22beba-LHR
jquery.min.js
iii.rf.gd/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Content-Encoding
br
Last-Modified
Tue, 29 Aug 2023 02:44:24 GMT
Server
nginx
ETag
W/"15601-60406c9e7f200"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
Connection
keep-alive
Expires
Wed, 16 Oct 2024 19:33:16 GMT
jquery-migrate.min.js
iii.rf.gd/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Content-Encoding
br
Last-Modified
Fri, 09 Jun 2023 15:19:24 GMT
Server
nginx
ETag
W/"3509-5fdb3e4d9b700"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
Connection
keep-alive
Expires
Wed, 16 Oct 2024 19:33:16 GMT
default.jpg
iii.rf.gd/wp-content/themes/kratos-4.3.1/assets/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iii.rf.gd/wp-content/themes/kratos-4.3.1/assets/img/default.jpg
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
da93a528e0a466fc6d372dfa9270dae9e00a23a2ceb62fae728bcd24d4eabdd3

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Last-Modified
Tue, 09 Apr 2024 04:46:10 GMT
Server
nginx
ETag
"2d75-615a299df4740"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11637
Expires
Wed, 16 Oct 2024 19:33:16 GMT
2024-04-09_115154-1024x547.png
iii.rf.gd/wp-content/uploads/2024/04/ 		295 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iii.rf.gd/wp-content/uploads/2024/04/2024-04-09_115154-1024x547.png
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
069665c03c59d3544a47fa4dc301f3715623ddc96c090b98543775143a26d1ff

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Last-Modified
Tue, 09 Apr 2024 03:52:33 GMT
Server
nginx
ETag
"49d78-615a1da1ebf30"
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302456
Expires
Wed, 16 Oct 2024 19:33:16 GMT
infinityfree-screenshot.png
www.guru99.com/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guru99.com/images/infinityfree-screenshot.png
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.151.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb21edc65f7fb655a3e80cafdf3fbde31db92edd0dbfc9b9796c3b26b23faa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=45700
content-disposition
inline; filename="infinityfree-screenshot.webp"
alt-svc
h3=":443"; ma=86400
content-length
42724
x-rocket
0
cf-bgj
imgq:85,h2pri
last-modified
Fri, 24 Jun 2022 11:07:50 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c43498d8e5c9535-LHR
expires
Mon, 15 Sep 2025 23:40:36 GMT
tp-logo.svg
www.guru99.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guru99.com/images/tp-logo.svg
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.151.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78330fda2cb1124901da2360168e955f09fc874b6846ddf1f069e7592a8ddcdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 08 Oct 2021 14:23:32 GMT
server
cloudflare
content-encoding
gzip
age
99655
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c43498d8e589535-LHR
alt-svc
h3=":443"; ma=86400
x-rocket
0
expires
Mon, 15 Sep 2025 14:06:28 GMT
infinityfree-2.png
mllj2j8xvfl0.i.optimole.com/cb:jC7e.37109/w:1901/h:919/q:90/f:best/https://themeisle.com/blog/wp-content/uploads/2020/08/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mllj2j8xvfl0.i.optimole.com/cb:jC7e.37109/w:1901/h:919/q:90/f:best/https://themeisle.com/blog/wp-content/uploads/2020/08/infinityfree-2.png
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d600:2:6f7a:6f00:93a1 , United States, ASN (),
Reverse DNS
Software
Optimole /
Resource Hash
9892ec18bf519825a79258c1dfbf3e353fc2a734b5b00cab3bf70492a4853167
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 14:20:33 GMT
content-security-policy
script-src 'none'
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
18764
x-cache
Hit from cloudfront
content-disposition
inline; filename="infinityfree-2.webp"
alt-svc
h3=":443"; ma=86400
content-length
164794
x-request-id
wRoiAQZjw80aUEEDk-vIH
server
Optimole
accept-ch
ECT
etag
"CswHX4X0w-cKhe66mwAhwbGq_QBupkA9s-n5GcQSxUs/RIjhkYjNiMDdhOWRmYjQ2MjFmYzQ4ODkxMWQzYTk4NzUyIg"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-id
71-1rUvKVqEt-z5W7Sz8zI9J1fqHcZls922JOWnI5Gv5djAO7rSoLg==
Snipaste_2021-01-01_19-56-00.webp
cdn.jsdelivr.net/gh/wdm1732418365/CDN/New%20folder/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/wdm1732418365/CDN/New%20folder/Snipaste_2021-01-01_19-56-00.webp
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1af30609a88eb5fb7875402ec2e3385327333f7547619b71a87634958beef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
127766
x-served-by
cache-fra-eddf8230112-FRA, cache-lga21945-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"1f316-KjtAP8VIE3VQgRPcuxivgy/DRBY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5Qq2YUTpyRlSlIiTEv47By4YRa5AVCNcPGeNfHm9xWI%2FReoa9Fxui493gUXDeq55oG58EHsBorqJkpJWhSAPnENXjPegBhb0qrNQmwooSFKet0%2FbtVMJx6fOb8uYqkIihs8Fkguv2L2eAQb99E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bbbbeba-LHR
2024-04-09_113323-1024x690.png
iii.rf.gd/wp-content/uploads/2024/04/ 		163 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iii.rf.gd/wp-content/uploads/2024/04/2024-04-09_113323-1024x690.png
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5a2c25af045df3bfa7f56e7a342861b04fd95d49404d9400d0d8761d7547a6fe

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Last-Modified
Tue, 09 Apr 2024 03:35:20 GMT
Server
nginx
ETag
"28b97-615a19c8eb0f8"
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166807
Expires
Wed, 16 Oct 2024 19:33:16 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/bootstrap.bundle.min.js?ver=4.5.0
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f51db253088f27e3d2d8c81ef72da74450041c8999eefe87ad8df59f21aca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11510023
x-jsd-version
4.3.1
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21662
x-served-by
cache-fra-etou8220040-FRA, cache-lga21948-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13c8b-XN/a8jrcc88zKFNICiaqV6a+qUo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GK372xX0BuNE9gr1CY3mllG6APeQnWDMUnuKkQOWr%2Bt6bs6pgK%2FscAsukXW1PCjPvd5fjEsPuO5K952170WgWFWDXa7SNvLXao5LMt6XEc6PVrhyeqHneOO4P7lr7fsh64dnDvFIWzw%2Fc1NjOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bb5beba-LHR
layer.min.js
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/layer.min.js?ver=3.1.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5264264d922c47c3ba506142860aa8f954504fd66454a13cdd31d741d454577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
236737
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7872
x-served-by
cache-fra-eddf8230051-FRA, cache-lga21979-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"5446-veQiJfO5+eOchW6bNY9OFwVeHPg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2VxO8iuP9zz6UTCsz6XYbMnjsUPdQ0FDQO4cLehnBqi9XP74gE8JWNr8gFm1GP0e8QWxeLfNJqpRh06IkzEdKHtw%2FGzNCKmzmU2P%2BKwGfOL8TKuNSysNY0RmTOsvftLBj4xVHrBBWmotgKcGxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bb6beba-LHR
DPlayer.min.js
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/DPlayer.min.js?ver=4.3.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21ccff414dfee6727a39e97855d921c4db1fec5e1ef6b9cacc170e05bd22bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11510023
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15980
x-served-by
cache-fra-eddf8230101-FRA, cache-lga21928-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"ea87-PehQxxxzHNUh/ZPw4WH7a/Za50c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaDlaD1bpNgXN2c6KgsTJBItmQoVFCfFxkYVgv7qRzNcr8UFvRKedMJXu1O7BaOA8D1PUnUgQ%2FvMKVZwR91q5jObMCOrHcN1Y7%2BwO7CMNwWfWtRfxkC2UpwYgBcozI680056VTXsQ%2B9lTBGgrPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bb7beba-LHR
kratos.js
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/kratos.js?ver=4.3.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c570543d171b1b8128a57c30cd5240881c32412b0dac56f3361421985d1574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7102122
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1917
x-served-by
cache-fra-eddf8230131-FRA, cache-lga21944-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"183a-G6/0Bkz/eKwMgSv9U7QA8m2PsZo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkpzeA4n5NjUnBntnV%2Bq1VWVAAcBhnNi2J2r35fQGi8Wruah18GNdhcTJk8O1Npxu6zZD11%2BtjnpvJ%2FDsBW3Na7Iepgj89lNVBALv8DZbz2O91VneAz%2B1k%2FQ6BEq3Jadm%2F10%2FmGyAhOM4mNaW3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bb8beba-LHR
comments.min.js
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/js/comments.min.js?ver=4.3.1
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57c36e061ac4273c3b9617ee8209c490eaba414d5fd397b4ec2b40699e400ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iii.rf.gd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2814390
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
824
x-served-by
cache-fra-eddf8230114-FRA, cache-lga21922-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"73b-2HIAwEahdUnJbVKDT4FOgA5QKjo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJeZ2%2BBNK0rSsw3WccpXvh5s03w9vQWHaKwRetoIxesT%2FjNXw2BeiTDmyV55P0FJfAeh3rb0Xxhv4aaUnuVNXD2kAg3VKV4Fh8C66qq5Pwic4pe%2BIIpmeOMgGA%2B63TAND%2F%2FhxMW%2F%2FMh3VcDe1Dk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498d2bbabeba-LHR
0-1.jpg
iii.rf.gd/wp-content/uploads/2024/04/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iii.rf.gd/wp-content/uploads/2024/04/0-1.jpg
Requested by
Host: iii.rf.gd
URL: https://iii.rf.gd/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
3f96d4efa95113d5fe669388fe8ac029201353b086d85b417696a04b5e34a298

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:16 GMT
Last-Modified
Tue, 09 Apr 2024 04:47:51 GMT
Server
nginx
ETag
"1a0ac-615a29fe82788"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106668
Expires
Wed, 16 Oct 2024 19:33:16 GMT
iconfont.woff2
cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/fonts/iconfont/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/fonts/iconfont/iconfont.woff2?t=1618460466711
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/iconfont.min.css?ver=4.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7dc9bd1574090994acf87b90d5b9190157005e5e8eb35f0f01353b9de5f1ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/seatonjiang/kratos@v4.3.1/assets/css/iconfont.min.css?ver=4.3.1
Origin
https://iii.rf.gd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 19:33:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11510023
x-jsd-version
4.3.1
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6900
x-served-by
cache-fra-etou8220086-FRA, cache-lga21970-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1af4-gJgPKKPUfeH3Ov+HhWM9z5rkFlY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVgbLTb1xpYoOKbZxio2jKh%2BISiUPTexlotygU4lq1S1ICtXC4gv9Fp9rCVN4OvRQz0Wk5y0fp%2BL1%2FD%2B9Z7j%2B4i4tjy7HKXF72ADsmSZtjUrIkM591dc2XVkA%2FDQPKt7eCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c43498dac5163ae-LHR
w-logo-blue-white-bg.png
iii.rf.gd/wp-includes/images/
Redirect Chain
  • https://iii.rf.gd/favicon.ico
  • https://iii.rf.gd/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://iii.rf.gd/wp-includes/images/w-logo-blue-white-bg.png
Protocol
HTTP/1.1
Server
185.27.134.137 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer
https://iii.rf.gd/?i=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 19:33:17 GMT
Last-Modified
Tue, 16 Nov 2021 10:34:02 GMT
Server
nginx
ETag
"1017-5d0e576c0fa80"
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4119
Expires
Wed, 16 Oct 2024 19:33:17 GMT

Redirect headers

Date
Mon, 16 Sep 2024 19:33:17 GMT
Server
nginx
X-Redirect-By
WordPress
Content-Type
text/html; charset=UTF-8
Location
https://iii.rf.gd/wp-includes/images/w-logo-blue-white-bg.png
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Expires
Mon, 16 Sep 2024 19:33:17 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery object| bootstrap object| layer function| setImmediate function| clearImmediate function| DPlayer object| kratos function| grin object| ajaxcomment object| addComment

1 Cookies

Domain/Path Name / Value
iii.rf.gd/ Name: __test
Value: c5b222fde7361a98c5f74a1ddd8e6e76

1 Console Messages

Source Level URL
Text
security warning URL: https://iii.rf.gd/?i=1
Message:
Mixed Content: The page at 'https://iii.rf.gd/?i=1' was loaded over HTTPS, but requested an insecure element 'http://iii.rf.gd/wp-content/uploads/2024/04/0-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
iii.rf.gd
mllj2j8xvfl0.i.optimole.com
www.guru99.com
104.16.151.108
104.18.187.31
185.27.134.137
2600:9000:2057:d600:2:6f7a:6f00:93a1
2606:4700::6812:bb1f
069665c03c59d3544a47fa4dc301f3715623ddc96c090b98543775143a26d1ff
0b7dc9bd1574090994acf87b90d5b9190157005e5e8eb35f0f01353b9de5f1ca
24c570543d171b1b8128a57c30cd5240881c32412b0dac56f3361421985d1574
3f96d4efa95113d5fe669388fe8ac029201353b086d85b417696a04b5e34a298
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5a2c25af045df3bfa7f56e7a342861b04fd95d49404d9400d0d8761d7547a6fe
60f51db253088f27e3d2d8c81ef72da74450041c8999eefe87ad8df59f21aca8
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
78330fda2cb1124901da2360168e955f09fc874b6846ddf1f069e7592a8ddcdd
85c07308607edc7bfb1bb1d7ebd16f45fdfb3282512913eda64abb9606938ea2
90b1b77a8a06e407af57b19c21c825940d8f11601bd9fb6088eb619f82f35c8b
9892ec18bf519825a79258c1dfbf3e353fc2a734b5b00cab3bf70492a4853167
aa1af30609a88eb5fb7875402ec2e3385327333f7547619b71a87634958beef0
acd065af08f98b9e31111cb4c08b8fed96a03d200a7cee13cf682c63b6174a2c
b9af706d809db25e267d62315ca238810434420ccb0ce8e858c63c2e304907ba
c21ccff414dfee6727a39e97855d921c4db1fec5e1ef6b9cacc170e05bd22bce
c5264264d922c47c3ba506142860aa8f954504fd66454a13cdd31d741d454577
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd5873f81865202bf7d591b3c316140042940f3b60a7bf605023daf5af6eb066
d57c36e061ac4273c3b9617ee8209c490eaba414d5fd397b4ec2b40699e400ec
da93a528e0a466fc6d372dfa9270dae9e00a23a2ceb62fae728bcd24d4eabdd3
dcb21edc65f7fb655a3e80cafdf3fbde31db92edd0dbfc9b9796c3b26b23faa5
ecded1560b58cc166b27af98c503e38e3755f4e689110521928212b6e3fa7d77
efd10f32b5c5e17a12e6a17a0de078c7e06ca6485eed02486b8744fee2e30af4