3g.zrphqt.top Open in urlscan Pro
2606:4700:3031::ac43:ac47  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 3g.zrphqt.top/	148 KB 25 KB	1308ms 105ms	Document text/html	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0501c9f18cc9dbb9b5e2b6f714d1b7d175ce07f199d34e1b0e66dc45572a217b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=14400 cf-cache-status EXPIRED cf-ray 89e62712192a9b6e-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 Jul 2024 08:58:19 GMT last-modified Fri, 05 Jul 2024 04:34:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8xeWTcv3bbdd5em4xPnuUi%2B9uDr8QyIQMpvshD1%2BQRp0YdQikcvGqByzWMOW5Taik6Dv%2Bf7qNjZWeny4NZh5l3FcL3Rgr%2Ffrt8PiZz5SjognBKjHbqGrZsL%2FEDLMovYp8DMelyppS0mKrKk"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bootstrap.css 3g.zrphqt.top/template/1103/assets/css/	107 KB 19 KB	88ms 86ms	Stylesheet text/css	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/template/1103/assets/css/bootstrap.css Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e62691d160119e25959516c512d29d6f32cc639d232dca94eb8db13d3e9a2b41 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=132546 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 15 Oct 2019 07:54:30 GMT server cloudflare etag W/"5da57b36-205c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVBEqI%2BWTdLBolFdAMM37Zk2Cz0FWg91n0Vm2dNtfWcSvIJs%2Bp6G29r%2B3PpfrTIJo4SYLGhBUlXhHGkAhK81kEkxBw915ZCOLExYiP4jK%2BfwdqBIWIejOPxOall%2Fguh67M12FKcWzFtfWa5P"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 89e62712d9f69b6e-FRA expires Fri, 05 Jul 2024 20:58:19 GMT
GET H2	200	style.css 3g.zrphqt.top/template/1103/assets/css/	3 KB 1 KB	124ms 123ms	Stylesheet text/css	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/template/1103/assets/css/style.css Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec3dd0d2a6dd57fd9004f95e0a53e658ba2ce3f1e467f20adbe05d7865ed9d7a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=4334 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 15 Oct 2019 07:54:30 GMT server cloudflare etag W/"5da57b36-10ee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FEX5a2J8KOoiQKciTqApy4bA3xq1f4Xcd%2B%2BSjhQ0CiVyACQlqwB%2F1%2BD13BlH5AElFgpbKpVqhYGtiut8iuu0RMb8PXE8VRCDrAgtBs6WoaC%2FFzNhI16aV8AUbRRpmtGEKKh%2BBNrORL1wyA%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 89e62712d9f79b6e-FRA expires Fri, 05 Jul 2024 20:58:20 GMT
GET H2	200	logo.png 3g.zrphqt.top/template/1103/assets/img/	1 KB 1 KB	82ms 81ms	Image image/png	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/logo.png Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50645237367959de8839a98c3a6a7607bee6d04b6775fea1bcc0ac7b804e0aae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Tue, 15 Oct 2019 07:54:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da57b36-409" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9KdIm0RI7SUL%2FyKgCmr70ICCCEVyd6Jdxh9wS4F0KjvZdgf7RiTxTTwk7Vj4uiO8LCPkAyowcrwcbTTdUp2JcGsa9Zm%2Bwu%2B1rTdaWb5%2BPVG1kSIl2aTecVEDv%2BcVeLqJTz%2FpyeGY8NsYyQ3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712d9f89b6e-FRA alt-svc h3=":443"; ma=86400 content-length 1033 expires Sun, 04 Aug 2024 08:58:19 GMT
GET H2	200	1.jpg 3g.zrphqt.top/template/1103/assets/img/	19 KB 20 KB	83ms 82ms	Image image/jpeg	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/1.jpg Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ad7a7435112eea96b1529039e65188debec967a54198e32364f69595c4b421f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Wed, 16 Oct 2019 06:03:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da6b2b8-4cd7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amZcEaupaWLqu6hj4lRkfzTU2y4wSh56ka7KFjJUhA6fa9aMnepkFHnnwpk18y%2FanETdVUSeX5rjvszRF9J7kKa9yOEYpR4NPV21pnrRkPYUIZdfjk7Y%2BAYDM4qbxqWCSCh3SynP5fEVn1lU"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712d9fa9b6e-FRA alt-svc h3=":443"; ma=86400 content-length 19671 expires Sun, 04 Aug 2024 08:58:19 GMT
GET H2	200	2.jpg 3g.zrphqt.top/template/1103/assets/img/	33 KB 34 KB	112ms 111ms	Image image/jpeg	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/2.jpg Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45568a14ea601d7351687a06e0c42a9a8f3389ba2a326021fb2a8041cab9a8e9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Wed, 16 Oct 2019 06:03:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da6b2b8-84b1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wp201%2FDLLPaUWvhJHfwxTj5hmLogRVDfpgc5zQSILs4aDUGzcB%2B%2FCAAsFUI3%2FyAyhogV1C7mgm5AjvfH1jafLqPmtgl2ZZXlya1CqzJwb39GnebAqrK0OAbWrNIiQY4DO1S1aJobocvMMsgE"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712ea0f9b6e-FRA alt-svc h3=":443"; ma=86400 content-length 33969 expires Sun, 04 Aug 2024 08:58:20 GMT
GET H2	200	3.jpg 3g.zrphqt.top/template/1103/assets/img/	20 KB 20 KB	88ms 87ms	Image image/jpeg	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/3.jpg Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f615c730cd47975713c6ed222d30d3e517f8e72c75a9b1c842cfb514de308160 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Wed, 16 Oct 2019 06:03:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da6b2b8-50a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ellXYaxmLwV1KzVKA3DV%2B1HWHvPAwefe3QKr9mIkZW86M9RlAj7y1iBJ3b2hssMLf9fPDq%2BF%2BeMW5SuNMuqO0yfMV4w54etrXXbYfigMvD8y%2Fjv1x0IecehwibJycB2sEwL9SIdfFjv%2FadcF"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712ea129b6e-FRA alt-svc h3=":443"; ma=86400 content-length 20647 expires Sun, 04 Aug 2024 08:58:20 GMT
GET H2	200	user2.png 3g.zrphqt.top/template/1103/assets/img/	10 KB 10 KB	87ms 86ms	Image image/png	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/user2.png Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ab064ad3785058eb10bb72c7996e92a2f2f3f15a242422a71ec9e5e2f66967f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Tue, 15 Oct 2019 07:54:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da57b36-279a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlZ0C%2FNxYmr97ZBzGQYZnALZV19dXQE8aLiv4j9mxp2gqe2BkmQ1zyiX%2Bbf3D48dURBrQzFUgXSw3tXphzBK3QL4xiHAW7MejWCLnuzq3F0YH9ybuXAUX6XHJ6b8jYnyB%2BiKi5nvThQ%2FEEK%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712ea159b6e-FRA alt-svc h3=":443"; ma=86400 content-length 10138 expires Sun, 04 Aug 2024 08:58:20 GMT
GET H2	200	user.gif 3g.zrphqt.top/template/1103/assets/img/	5 KB 5 KB	81ms 80ms	Image image/gif	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3g.zrphqt.top/template/1103/assets/img/user.gif Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b72b80c7b76bd96a99c29fab50f1660c4d68a8dc2b3165e406f8ba9af1e4df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Tue, 15 Oct 2019 07:54:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da57b36-1439" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rkd742CwmrXl1WQ7SZBo2nc0aYdTxsddcU24VWVzS9luM5XrNc8Qan5tDkfnL9EIruqVjLuO2YSh12r9rBsX57ck4S31plgXqjW3VM2gE6vdqc9jfpLkK6dERhy7Lj32M53fv4Ll6%2BNJIU3"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 89e62712ea179b6e-FRA alt-svc h3=":443"; ma=86400 content-length 5177 expires Sun, 04 Aug 2024 08:58:20 GMT
GET H2	200	rocket-loader.min.js Show response 3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	46ms 45ms	Script application/javascript	2606:4700:3031::ac43:ac47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 28 Jun 2024 11:26:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"667e9dca-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9LqQ2sbz5Zglu6XqpVqbEgFyuGn698zW6VDThVT1zgg0IQK%2FUnxi5D1tImjqYSE48K0zuX0yZda38eg03Kmx3YCUPGkSUMbCC6tT85ryoRcmhRmmQepuYn7tFbiyO3gaQRsmVXtGFYqp%2Fsn8"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 89e62712ea199b6e-FRA expires Sun, 07 Jul 2024 08:58:19 GMT
GET H3	200	glyphicons-halflings-regular.woff 3g.zrphqt.top/template/1103/assets/fonts/	23 KB 23 KB	97ms 96ms	Font font/woff	172.67.172.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/template/1103/assets/fonts/glyphicons-halflings-regular.woff Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/template/1103/assets/css/bootstrap.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/template/1103/assets/css/bootstrap.css Origin https://3g.zrphqt.top Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT cf-cache-status REVALIDATED last-modified Tue, 15 Oct 2019 07:54:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da57b36-5b18" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLUezBMYngooDFHoUWnPVL1jWl9p%2Flsk5yjYsOYCOvk%2FWGyFFpcrP7xQ%2FdH%2BlMHQVpsF%2B6rRdbuqGQ6cE5qPnvnF0E4EgowCDVknyhus5XBOj9ljgKCAOEa5D9G9tSCT"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 89e62713cdbc5d9c-FRA alt-svc h3=":443"; ma=86400 content-length 23320
GET H3	200	Baidu.js Show response 3g.zrphqt.top/	94 B 604 B	82ms 82ms	Script application/javascript	172.67.172.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/Baidu.js Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fb8bbbb963373193489b57dca4935a80602a977ee1580d6b6bd4bf2812cc90c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=95 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 10 May 2024 02:09:46 GMT server cloudflare etag W/"663d81ea-5f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8R%2Bj3HelKo2eu8ydWtI%2FhGBWoZ2APs9z7d9x5N%2B8SoIfIqG6m9nr3j%2BU3TPTP2aNqS5RglyMYWYKiqTu9tDwL7iNSBfZygr49W7o8QldDxvxxn1j3TpLB6%2FMnmLRQq35"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 89e62713cdc25d9c-FRA expires Fri, 05 Jul 2024 20:58:20 GMT
GET H3	200	Aquery.js Show response 3g.zrphqt.top/	540 B 838 B	92ms 92ms	Script application/javascript	172.67.172.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/Aquery.js Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Tue, 10 Oct 2023 02:40:54 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag W/"6524b9b6-21c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2F8oiC%2F2EOxXuOQRm5wfADFOy5JHwSELN9kz1ldACZdDf%2BscfmCI1wl5pQzGyXKvKvGUZZQrYrd2XMCgV5sKFc3uaw%2BLbu7n7%2BDJJVTMjkmmkJ6U73cn7aXtu4VC7C%2F7"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 89e62713cdc75d9c-FRA alt-svc h3=":443"; ma=86400 expires Fri, 05 Jul 2024 20:58:20 GMT
GET H3	200	app.js Show response www.lelifi.com/app/	4 KB 2 KB	98ms 50ms	Script application/javascript	172.67.222.63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.lelifi.com/app/app.js?t=shang&c=google&mb=1 Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa9796e704e0041318d199e7fc438847267ddf81bc485f8554310751fd86bb20 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 20 Jun 2024 07:12:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4387 etag W/"6673d662-f96" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FMUyJqHgX7u6SdB4o%2FOKKP9dz%2BLAd0VqKs3f5HYKAlSXw0W7LF%2BQ%2FgIS5%2BlroSskY0C8TxsZPSX7SXjiwPI2zIrBP%2FPqFW%2BQDEsc2eELAMfgmpHuYZLLp6q5cJxX8d2EQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 89e62714f9ddbba9-FRA alt-svc h3=":443"; ma=86400 expires Fri, 05 Jul 2024 18:26:14 GMT
GET H3	200	favicon.ico 3g.zrphqt.top/	1 KB 1 KB	91ms 91ms	Other image/x-icon	172.67.172.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://3g.zrphqt.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Oct 2023 02:40:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6524b9b6-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8WZZDqINFb0%2F4MJDgTpfnHHOpRm7HIbehJFeYapqq4h0YrCbToIVPrbD7fKHfN7E5c2ENnmJJKjFWnP3GoGA7LRzmh1z44o9eS%2BFJoCzd%2Fc230%2ByCTyzLZpWx1G7OQl"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 89e62714ef365d9c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	app.js Show response www.lelifi.com/app/	4 KB 2 KB	49ms 49ms	Script application/javascript	172.67.222.63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1 Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa9796e704e0041318d199e7fc438847267ddf81bc485f8554310751fd86bb20 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 08:58:20 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 20 Jun 2024 07:12:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4387 etag W/"6673d662-f96" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vd8ezuKFWWuidxTII9DQZ%2F56J36%2FzxHUpULpBk44lFHzWoeu66K%2FRRGnjJfuhbsHOPi9985ncu2v9cvT8JCrsEL79N1vhKFEySVsnG558v2WJueERjxpxSMRvvzE1vYuwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 89e627154a21bba9-FRA alt-svc h3=":443"; ma=86400 expires Fri, 05 Jul 2024 17:54:36 GMT
GET H/1.1	200 OK	s.gif api.share.baidu.com/	0 116 B	1766ms 261ms	Image text/plain	180.101.212.103 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL https://api.share.baidu.com/s.gif?l=http://3g.zrphqt.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Jul 2024 08:58:22 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	21875419.js Show response js.users.51.la/	5 KB 5 KB	588ms 248ms	Script application/javascript	163.181.92.249 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21875419.js Requested by Host: 3g.zrphqt.top URL: https://3g.zrphqt.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.181.92.249 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 8436ad908df0f5fb2678ab24c270ffd2ea0e2423b6f082030ab4819e90f90067 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Jul 2024 08:58:20 GMT Via cache15.l2de2[180,179,200-0,M], cache9.l2de2[180,0], ens-cache6.de5[194,193,200-0,M], ens-cache5.de5[199,0] X-Swift-CacheTime 0 X-Cache MISS TCP_MISS dirn:-2:-2 Connection keep-alive X-Swift-SaveTime Fri, 05 Jul 2024 08:58:20 GMT Content-Length 4898 Server Tengine Ali-Swift-Global-Savetime 1720169900 Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Content-Type EagleId a3b55c9917201699007604004e
GET H/1.1	200 OK	go1 ia.51.la/	0 185 B	731ms 503ms	Image text/plain	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21875419&rt=1720169900987&rl=1600*1200&lang=de-DE&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BFWWW.TUAV22.COM%252CWWW.767GAN%252CCON&ing=1&ekc=&sid=1720169900987&tt=WWW.TUAV22.COM%252CWWW.767GAN%252CCON%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.TUAV22.COM%252CWWW.767GAN%252CCON&cu=https%253A%252F%252F3g.zrphqt.top%252F&pu= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://3g.zrphqt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Jul 2024 08:58:21 GMT Connection keep-alive Content-Length 0 X-Ser BC198_lt-obgp-fujian-xiamen-33-cache-1, BC5_DE-Frankfurt-Frankfurt-11-cache-1

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| __cfQR boolean| __cfRLUnblockHandlers

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			3g.zrphqt.top/	1969-12-31 23:59:59	Name: __tins__21875419 Value: %7B%22sid%22%3A%201720169900987%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201720171700987%7D
			3g.zrphqt.top/	1969-12-31 23:59:59	Name: __51cke__ Value:
			3g.zrphqt.top/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3g.zrphqt.top
api.share.baidu.com
ia.51.la
js.users.51.la
www.lelifi.com
154.85.69.10
163.181.92.249
172.67.172.71
172.67.222.63
180.101.212.103
2606:4700:3031::ac43:ac47
0501c9f18cc9dbb9b5e2b6f714d1b7d175ce07f199d34e1b0e66dc45572a217b
2ad7a7435112eea96b1529039e65188debec967a54198e32364f69595c4b421f
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de
45568a14ea601d7351687a06e0c42a9a8f3389ba2a326021fb2a8041cab9a8e9
4fb8bbbb963373193489b57dca4935a80602a977ee1580d6b6bd4bf2812cc90c
50645237367959de8839a98c3a6a7607bee6d04b6775fea1bcc0ac7b804e0aae
7ab064ad3785058eb10bb72c7996e92a2f2f3f15a242422a71ec9e5e2f66967f
8436ad908df0f5fb2678ab24c270ffd2ea0e2423b6f082030ab4819e90f90067
aa9796e704e0041318d199e7fc438847267ddf81bc485f8554310751fd86bb20
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b72b80c7b76bd96a99c29fab50f1660c4d68a8dc2b3165e406f8ba9af1e4df
e62691d160119e25959516c512d29d6f32cc639d232dca94eb8db13d3e9a2b41
e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81
ec3dd0d2a6dd57fd9004f95e0a53e658ba2ce3f1e467f20adbe05d7865ed9d7a
f615c730cd47975713c6ed222d30d3e517f8e72c75a9b1c842cfb514de308160
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e