zip-post-gt.shop Open in urlscan Pro
2606:4700:3036::ac43:890e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qrco.de/bfZu47
Effective URL:
https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/
Submission: On November 21 via automatic, source phishtank (November 21st 2024, 4:34:48 am UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::ac43:890e, located in United States and belongs to CLOUDFLARENET, US. The main domain is zip-post-gt.shop.
TLS certificate: Issued by WE1 on November 19th 2024. Valid for: 3 months.

This is the only time zip-post-gt.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Correos de Guatemala (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.33.187.85 13.33.187.85	16509 (AMAZON-02) (AMAZON-02)
1 28	2606:4700:303... 2606:4700:3036::ac43:890e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	1

1 13.33.187.85 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-85.fra60.r.cloudfront.net

qrco.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3036::ac43:890e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zip-post-gt.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	zip-post-gt.shop 1 redirects zip-post-gt.shop	427 KB
1	qrco.de 1 redirects qrco.de — Cisco Umbrella Rank: 89256	352 B
27	2

	Domain	Requested by
28	zip-post-gt.shop	1 redirects zip-post-gt.shop
1	qrco.de	1 redirects
27	2

This site contains links to these domains. Also see Links.

Domain
correosytelegrafos.civ.gob.gt
sites.google.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
mail.correosytelegrafos.civ.gob.gt
seprem.gob.gt
radiotgw.gob.gt
www.agn.com.gt
dca.gob.gt
www.minfin.gob.gt
www.segeplan.gob.gt
observatorioplanificacion.cepal.org
www.albakeneth.gob.gt
www.sosep.gob.gt
insivumeh.gob.gt
www.cna.gob.gt
conred.gob.gt

Subject Issuer	Validity	Valid
zip-post-gt.shop WE1	`2024-11-19` - `2025-02-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/
Frame ID: E0C1E0468559160A131F97BF818237E8
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Seguimiento de envíos – Correos y Telégrafos

Page URL History Show full URLs

https://qrco.de/bfZu47 HTTP 302
https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ HTTP 301
https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

427 kB
Transfer

1087 kB
Size

0
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://correosytelegrafos.civ.gob.gt/

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/quienes-somos/
Title: QUIENES SOMOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/quienes-somos/autoridades/
Title: Autoridades

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/sinacig/
Title: SINACIG

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/sobre-correos/filatelia/
Title: FILATELIA

Search URL Search Domain Scan URL

URL: https://sites.google.com/view/museo-postal/inicio
Title: MUSEO DE CORREOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/contacto/
Title: AGENCIAS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/mapa-del-sitio/
Title: MAPA DEL SITIO

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/codigo-postal-2/
Title: CÓDIGO POSTAL

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/noticias-2/
Title: NOTICIAS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/tramites-en-linea/
Title: TRAMITES

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/formularios/
Title: FORMULARIOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/ley-de-acceso-a-la-informacion-publica/
Title: Ley de Acceso a la Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/Idiomas-2021/Espa%C3%B1ol-DECRETO-NUMERO-57-2008.pdf
Title: Idioma Español

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/ley-de-acceso-a-la-informacion-publica/idiomas-mayas/
Title: Idiomas Mayas

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/decreto-numero-57-2008-en-lenguaje-de-senas/
Title: Lenguaje de Señas

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/laip/
Title: Información Pública de Oficio

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/solicitud-de-informacion-publica/
Title: Solicitud de Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/formulario-informacion-publica/
Title: Formulario de Solicitud de Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/ley-presupuesto/
Title: Transparencia Presupuestaria

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/compras-por-covid-19/
Title: Compras por Covid-19

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia-activa/
Title: Transparencia Activa

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/tablero-de-rendicion-de-cuentas/
Title: Tablero de Rendición de Cuentas

Search URL Search Domain Scan URL

URL: https://www.facebook.com/correosdeguatemala/

Search URL Search Domain Scan URL

URL: https://twitter.com/correosgt

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCymg8Rlhw7N6Hr0n61In5Zw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/correosdeguatemala/

Search URL Search Domain Scan URL

URL: http://mail.correosytelegrafos.civ.gob.gt/

Search URL Search Domain Scan URL

URL: https://seprem.gob.gt/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCh4GjKBcqxOsL_Bt8gCCSLg

Search URL Search Domain Scan URL

URL: http://radiotgw.gob.gt/

Search URL Search Domain Scan URL

URL: https://www.agn.com.gt/

Search URL Search Domain Scan URL

URL: https://dca.gob.gt/noticias-guatemala-diario-centro-america/

Search URL Search Domain Scan URL

URL: https://www.minfin.gob.gt/index.php/presupuesto-ciudadano

Search URL Search Domain Scan URL

URL: https://www.segeplan.gob.gt/nportal/

Search URL Search Domain Scan URL

URL: https://observatorioplanificacion.cepal.org/es/planes/plan-nacional-de-desarrollo-katun-nuestra-guatemala-2032

Search URL Search Domain Scan URL

URL: https://www.albakeneth.gob.gt/inicio

Search URL Search Domain Scan URL

URL: https://www.minfin.gob.gt/index.php/2014-08-05-15-43-48

Search URL Search Domain Scan URL

URL: http://www.sosep.gob.gt/

Search URL Search Domain Scan URL

URL: https://insivumeh.gob.gt/

Search URL Search Domain Scan URL

URL: http://www.cna.gob.gt/

Search URL Search Domain Scan URL

URL: https://conred.gob.gt/site/index.php

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qrco.de/bfZu47 HTTP 302
https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ HTTP 301
https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Redirect Chain https://qrco.de/bfZu47 https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/	2 KB 1 KB	196ms 195ms	Document text/html	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `75e1388fa9a7eee282158644f5db1509e4744997b4bdb9f74a04663e8b581621` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8e5df80adb3bd352-FRA content-encoding zstd content-type text/html; charset=utf-8 date Thu, 21 Nov 2024 04:34:43 GMT last-modified Fri, 28 Jun 2024 12:33:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydx%2BX0B4VvZpYJDKt583fXhWzEKtKmgqA%2FmIT1rMWu7NXG9MChhi98l3PELhDnWQYF3Y57BF7dwEGI7rEKPFeGhmQwD%2BXYiyHaELgBEcQf1fD99ZXv2IHlrV4rlNvV%2BHrZ4KCfEefL4BtuXhZARW"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=19519&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4951&recv_bytes=4900&delivery_rate=698&cwnd=12000&unsent_bytes=0&cid=a8c78907bac9e292&ts=821&x=1" cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e5df806fe6cd352-FRA content-type text/html; charset=utf-8 date Thu, 21 Nov 2024 04:34:42 GMT location /RHXisNFMI4bf8rkfPJ/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcoDSkqSJnezxg%2BY7jpKu%2FkcCduoYXCvs7Ah0JCDvctFE1%2BSvW%2FU%2F0d7BkvLD1Y1JqXF3EYqkhYARxZf2n7VsSX4A9iWGl3cF4sTUsEjLVQPp1A3p9KpH0hMFcaGQfHv4FWu1Cgk2EEjXtrQ7xtS"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=19571&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4440&delivery_rate=620&cwnd=12000&unsent_bytes=0&cid=a8c78907bac9e292&ts=584&x=1" cfHdrFlush;dur=0 vary Accept
GET H3	200	index-bf7a901c.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	494 KB 147 KB	28ms 28ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `869f77ece42b84774389be1b422bbb7c9603dd60d8cf702dbec147e09e41695f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding gzip cf-cache-status HIT etag W/"7b688-1905ed5f2b0" age 8908 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJcCqfTYqdJ5RdOaM9CArRy7GBOIyeIPn2PE0KBY7ayaJLkf%2F2MW8NxijJ5lmksGondoWKR7n2GzX4bbZRbwijXMn8jN3WMYRmsnNUo084pn4Ia0PyArG%2FnZstfQqOsbntVtORxnsBbGxDnxiCmJ"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=19600&sent=18&recv=16&lost=0&retrans=0&sent_bytes=6496&recv_bytes=5682&delivery_rate=7861&cwnd=12000&unsent_bytes=0&cid=a8c78907bac9e292&ts=874&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:18 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80c3d03d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	f6170fbbZJxDN.css zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	952 B 1 KB	88ms 88ms	Stylesheet text/css	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/f6170fbbZJxDN.css Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding zstd cf-cache-status HIT etag W/"3b8-1905ed5db40" age 8908 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBFNRVc256QhcYPmGkCFvEg5w6mAMluKv9ZceTHz0Q6%2FaCrKFqkBCvGiNIK2yEnCdUWQIZnnSJbi3DOUxWJRNFbvZqdAY1FMidbSNYoEZUFDx2lZFtUJMch4D31ZepQNWfpD2zwKjM0EeyyRmHOS"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=19600&sent=28&recv=16&lost=0&retrans=0&sent_bytes=18496&recv_bytes=5682&delivery_rate=7861&cwnd=12000&unsent_bytes=0&cid=a8c78907bac9e292&ts=875&x=1", cfHdrFlush;dur=18 date Thu, 21 Nov 2024 04:34:43 GMT content-type text/css; charset=utf-8 last-modified Fri, 28 Jun 2024 12:33:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80c3d05d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	8cb3cce2p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	5 KB 2 KB	27ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/8cb3cce2p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79872cdbe5c5cfd8f2e804efe7ebbd082791324693a09cfba45d875a72a260ec` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1206-1905ed5e310" age 8908 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FH%2BeDLNmAEennwL75OtHohUJm97Mji6YbWkwwp34qnLt2EX8jpu4erdzcKr%2B54slp9BhwT0Ta2BLF7%2Fvl3XdNxTOzsls%2FoapIOSv7zS0fcp3k%2Bt6vTKZJ2hXkhXPU%2FoAbmlsscp9UkkRoDhWA95"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21068&sent=150&recv=67&lost=0&retrans=0&sent_bytes=161473&recv_bytes=8459&delivery_rate=2682878&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=997&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80d0de3d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	761adb39p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	52 KB 17 KB	28ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/761adb39p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `68e7a57cb00bb3660e86e9bd477e3244cdf3aad93a4e3bc6cccb0f9d9fb60629` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"d11e-1905ed5e310" age 8908 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZjYE%2FgqwPCrIMAR3k5QepCKKc7LKcvlqDr56R6hXLDvV7jScDBWbT4yQ8bxA9dQ6BYCX%2BJJBmI7ANxy9W1Nd8JPlYXFRwVKd7jN11Feg%2FaPir40WneDxs7v9HZTyNtbJXZHjRzx%2FqySApeCiABE"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21068&sent=152&recv=67&lost=0&retrans=0&sent_bytes=163647&recv_bytes=8459&delivery_rate=2682878&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=998&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80d0de5d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	1adf120fp8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	34 KB 11 KB	28ms 28ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/1adf120fp8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5182c9236c59d06e252103c8ca7d99766ffe93cd42de604b136cd9132e92d4ce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"8981-1905ed5e310" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxeP4%2B3XuokubM2D%2FHsV4wc16yfBr8LcgwHKUTx9x%2F%2BMl7kDgjOXF1GjKgyw%2FULDS7jVEhdJm%2B%2Bo7DElyYgyc8sYmUCgP0uAXgfq70DQVcdaQkgYku7ZtKiLCXEF1ZcJmytY9MnJXd8xzBKV5nHA"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=170&recv=77&lost=0&retrans=0&sent_bytes=182811&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1179&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f70d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	09bf01f8p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	2 KB 1 KB	28ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/09bf01f8p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eb3b7e6b19ebb3f64ace29f2fef4666d662419cf8d1d379cbd994a8c63e41708` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"7e7-1905ed5e310" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUQeq54aStrsAPkvSV41pFFuafSvnIUnUcReqOs%2B16hdc4xe8x5iOkvAmbQhAoO05bmMWAyKGVJrUuvYjGZ5Z1yljHPRC9lcR5VJF3LrDw1cL1rnFt1Nt9Htuj0x3bwdGKD540y0q%2Fk85jc9iX3%2F"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=168&recv=77&lost=0&retrans=0&sent_bytes=181244&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1178&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f71d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	f27f801fp8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	3 KB 2 KB	32ms 31ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/f27f801fp8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `21f2617543e01d7f4483acc444f826f8ec7a1a1cbc5ecc2dd847ec5c1a344276` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"a42-1905ed5eae0" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxTlCgOzb6eP8WhPO3vU6oYlF%2FhO5nzoYT0cZ%2BnbOc6c%2BfRSJ5nYo%2FSfDM8oE2oTkrUANb0Xv0FRcj8esOVF5z966dO3phcGJ5lb%2F8OQCdasR6pD1QGZwpfgAnN2aVhGskbf8dr1SFbo4Y%2Fk2kVc"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=215&recv=78&lost=0&retrans=0&sent_bytes=231176&recv_bytes=11476&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1183&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f73d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	ead18ee6p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	83 KB 19 KB	27ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/ead18ee6p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8298293a3d35cfae1344d68ab061f99e2fecdd2eaf7cdd362831eecd3018611` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"14b0b-1905ed5eae0" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQr8JrNrI6JIMSen6Or6VqsWwtWAApuMxIg%2B9RenLPg2xSKMEe4hQ%2FzIMMtzSLDZc0TuU3NU5dkvW%2B%2FvsCzux%2FXL%2FBi50zaJ6kEvWlOhNz5g4KS24gMe58lkrt8Tshxqqg5B00BvaO2NH6UMN9cw"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=180&recv=77&lost=0&retrans=0&sent_bytes=194728&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1179&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f76d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	d2e742eeZJxDN.css zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	47 KB 10 KB	29ms 29ms	Stylesheet text/css	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/d2e742eeZJxDN.css Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d2e742eefaebd1a45b00558e357378ddfa69cd4a985de10f4c38be7668d36ac6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding gzip cf-cache-status HIT etag W/"bcff-1905ed5db40" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4Pb7YuiKijGOB7ocsmEmpjCWL8ktBIBz6tml3CdSJ0UXWYfY21WJgXu36JpN9t3gL%2FfOJ8ai9Das3G9o0N9EhpAT8GgD5HJFZj4k%2B9YdkyvgmMxvMIjhjwztsRdpRm%2FhrCZJa7vXiFbanWw%2Bgt1"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=200&recv=77&lost=0&retrans=0&sent_bytes=217995&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1181&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type text/css; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:12 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f77d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	d85c99b2p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	6 KB 3 KB	28ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/d85c99b2p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `115c35c1da0826eb3e18b621d9aada994bcd6899fd7d26a4da25c974f09c64cf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1992-1905ed5eae0" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pN%2BqoY6a75JDzV6hqK3Em01NQFRV9LBQbj0q41JFE%2BL%2BRzDbq05%2Fe8%2BGy2tNJJyeFL2TchSN%2BkwYR8trxqEQxImt4QYqUugMp2mR%2FH2Nq%2FyRZF429ZE1HzwIqpClcS8L0GJ2N95u7U7g69EgE6C"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=197&recv=77&lost=0&retrans=0&sent_bytes=214846&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1180&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f78d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	c27b6911p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	2 KB 1 KB	29ms 29ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/c27b6911p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `746a17a5e6693f8d636a6d232a6e4d65b1b8f8c740fda15e7816ad56c202243b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"791-1905ed5e310" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=giFmRtZ9jCSHKch2tBTRzUQoVmeIpsmwvLNCokpLAE2EHzdheG93cf7Bi8AXSpJDKgarkTble9std33HGfVa97V%2BfLlMR5T%2FdavCap6HFVVJQtr9eWLLZ080HlKxa3m25tYRbCe3BviSaZCgRCXT"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=210&recv=77&lost=0&retrans=0&sent_bytes=228702&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1181&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f79d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	4cd1ec68ZJxDN.css zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	323 B 873 B	29ms 28ms	Stylesheet text/css	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/4cd1ec68ZJxDN.css Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding zstd cf-cache-status HIT etag W/"143-1905ed5db40" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwjDq4bMghUG7jrGcD4TJcXVHrEQrvH4UC3dPCs4g3XVGXYXwneK%2BqugFsKNTHsaJGU%2BywpgQZSsIl3rlqHgy5ImYCxHpYYFt1P0RfysWeCz9Z3usqinQfgfaqZhIIBggVRYgur6LpBaT%2BYIhjPj"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=212&recv=77&lost=0&retrans=0&sent_bytes=230232&recv_bytes=11114&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1182&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type text/css; charset=utf-8 last-modified Fri, 28 Jun 2024 12:33:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e2f7bd352-FRA access-control-allow-origin * server cloudflare
GET H3	200	favicon.ico zip-post-gt.shop/	3 KB 4 KB	28ms 27ms	Other image/vnd.microsoft.icon	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `635b178b9925a9b77797f1fb385f0913769aa4caca48122916a6e02f8af60085` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding zstd cf-cache-status HIT etag W/"b79-1905ed5c3d0" age 80 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvnaTAL5PBhA0ZEjig5VE4pj6tS0arP3%2FXs1SSBA%2BnF0ux99G8FGswC4t3%2FRZz%2BftiPAJ22tCfb2aSucgZ48Hl8w7ShhjVMasm5%2FnT%2F45SA%2BwCaxaTKAGTD%2FNUJEBGO3Bh44GUbnt%2F1awcZ9Plvn"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=21052&sent=217&recv=78&lost=0&retrans=0&sent_bytes=232949&recv_bytes=11476&delivery_rate=751909&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1189&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type image/vnd.microsoft.icon last-modified Fri, 28 Jun 2024 12:33:06 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df80e3f9ad352-FRA access-control-allow-origin * server cloudflare
POST H3	200	MC42MDg5MDQwMjQxNjk5ODgz Show response zip-post-gt.shop/api/	2 KB 2 KB	206ms 204ms	XHR application/json	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/api/MC42MDg5MDQwMjQxNjk5ODgz Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b74edf617b06194254bd1974162735d35a81a1723676679e7136138657963ac0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/encrypt Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC etag W/"684-Ox1ac+s9gSLg+Rrst+NGfY4QRoc" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxkANvDA44ZPZZ0MhtBWTUuzbnX4f8MQYLofYI%2BiEeU0GRK98WJCAGpzOAWZFS%2Faem4SijAZ7ZsXQT0qZ53%2FPr4tjF%2Bmd1R6CeugbRIto2UIfvN4CROUtH4ZXLtZ%2BAR7hDTB48lCTovuW9TKAvQL"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df80ef87cd352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20693&sent=222&recv=86&lost=0&retrans=0&sent_bytes=236691&recv_bytes=12439&delivery_rate=2269024&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1483&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server cloudflare
GET H3	200	b21b86f6p8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	111 KB 33 KB	27ms 27ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3af3dd885c8e01a18962dc77697c31486b379ec844a89000bd1519a43dbc65b0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1bab2-1905ed5e310" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fl7%2FDcuhUgYNmzNYTIjMkmCe2x4Fxaql0k1Ck8R8lKkzO74PnHgVai32mHP2Oh7it%2FQDNOzG0%2BbiJnSdzYSCcnAMXrvQq4D7H3OTJlw7c266oj0vZ9eIh0OCMPAZkuqf%2Bg5LGPWhsJBkfoRCIL7p"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20543&sent=225&recv=88&lost=0&retrans=0&sent_bytes=238734&recv_bytes=12798&delivery_rate=9836&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1515&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df8103a3dd352-FRA access-control-allow-origin * server cloudflare
GET H3	200	/ Show response zip-post-gt.shop/socket.io/	118 B 721 B	192ms 192ms	XHR text/plain	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04P9 Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0f020e0fb00c82a429c7d4c870274de0b13cc67c7c804acc03a952a07ab2f4a1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnJW7gt00bRue2mNSVDgNu8VgMES3fnIde9nB9tMDpxJB7eqKqNGxE7oSGhdt6L8BAzeiVOZMxBvkTxJVHScc%2FS2zcvfKKPen%2Fos5Rdast8qsoFToq7V3VWSMFZTsdoJbfnKnOV4Gfy4SlLKdmPD"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df8108a8dd352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23976&sent=406&recv=106&lost=0&retrans=0&sent_bytes=447337&recv_bytes=15116&delivery_rate=432321&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1725&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H3	200	4183debfp8Gd4.js Show response zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	113 KB 36 KB	29ms 28ms	Script application/javascript	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/4183debfp8Gd4.js Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `98f30011c3924cdecfcf5d9463f0b85db4d63f27acebcd6859453ac488a5439b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1c2ae-1905ed5e310" age 8906 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sgs8VJ1AqWOCGJsF7ka0cRHUcbt735sA0m4ERjIK%2F2jESsJ%2BIwNe90uSGMkl%2FWJHftZ4BXXdnKRui4HaUtrBGrR8ynDjn%2BrQ5BA%2F0fHt5DlEi%2FuUbo2CjnBi4u48Ld45gvZyzEXi2zgkCWgLr3Y%2B"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20354&sent=257&recv=94&lost=0&retrans=0&sent_bytes=274207&recv_bytes=13930&delivery_rate=1311418&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1562&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Fri, 28 Jun 2024 12:33:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df8108a96d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	f4397cedZJxDN.css zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	400 B 945 B	28ms 27ms	Stylesheet text/css	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/f4397cedZJxDN.css Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers content-encoding zstd cf-cache-status HIT etag W/"190-1905ed5db40" age 8906 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ml5pZa7xhiEB%2BexXwzoR0SLdBKnaZh4D%2F7%2BsOejDkiFXNhTD6bVMnuLtfb7lORcaPA4evg7z%2FuaeHl%2Bd5be%2BGdgTMSAPeoz0%2FS7zTSCMQfp47f1mPSVKl1uYXD2Jgd9JlRPXHMYVcoEsrzrWImYk"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20354&sent=256&recv=94&lost=0&retrans=0&sent_bytes=273515&recv_bytes=13930&delivery_rate=1311418&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1562&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type text/css; charset=utf-8 last-modified Fri, 28 Jun 2024 12:33:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df8108a97d352-FRA access-control-allow-origin * server cloudflare
GET H3	200	7.jpg zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/layout/images/	53 KB 53 KB	38ms 37ms	Image image/jpeg	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/layout/images/7.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f37efde19c26bc18e1b670112ab5bb21d73973be63ce75862795dbf6148cf737` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers cf-cache-status HIT etag W/"d248-1905ed5c3d0" age 8906 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zol2VoCnSBeTrhmuErzqDN%2FBL%2FpGrI7QUWmI8oU6PF0N1ib%2FYyDh6h%2Fr1gTue%2B6Lp1DXknY95QbrMnrLRFSeNUYJ74gtoUUoy6VXjv%2BZG4UbgmWAzYv1UeSeboCGU0SzE8F05ww8IYxB4OII1Hw"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20213&sent=291&recv=99&lost=0&retrans=0&sent_bytes=311960&recv_bytes=14483&delivery_rate=1381738&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1629&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:43 GMT content-type image/jpeg last-modified Fri, 28 Jun 2024 12:33:06 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df810fb26d352-FRA accept-ranges bytes access-control-allow-origin * content-length 53832 server cloudflare
GET H3	200	2adefcbcZJxDN.woff2 zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/	75 KB 76 KB	33ms 32ms	Font font/woff2	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/2adefcbcZJxDN.woff2 Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/d2e742eeZJxDN.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zip-post-gt.shop Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/d2e742eeZJxDN.css Response headers cf-cache-status HIT etag W/"12d68-1905ed5db40" age 8907 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTHEdwwFUbZXkpss%2F5c5nmE2bhw62X4k9ATJHFONKjyC%2FQ6hOiKDC2v5j93iqj2k27YqzWMjpnAE%2FAVV90EKcbWq22r4%2FoELlneIEPHsUvN60HeX1NAZdNTwHsxxFWMsOYIb%2FOlju5aZYBFZGt%2FR"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24400&sent=339&recv=105&lost=0&retrans=0&sent_bytes=367719&recv_bytes=15072&delivery_rate=1633747&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1698&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type font/woff2 last-modified Fri, 28 Jun 2024 12:33:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5df8116bb9d352-FRA accept-ranges bytes access-control-allow-origin * content-length 77160 server cloudflare
POST H3	200	/ Show response zip-post-gt.shop/socket.io/	2 B 604 B	194ms 192ms	XHR text/html	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04SO&sid=qfhRDYYtw8p16cO9ACGv Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Content-type text/plain;charset=UTF-8 Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gefD6ru0hL6q0mUf%2FWOQz8HIhrNnLzyAFwipetKGz5o9KTcXPdby08XWQlBJHdB1Nuc%2B43cc01lEnaJVFzGecfZaXBIBw2rEbW4JgBWnv8dCuPCszkM7wspHhItJLZv7SPmR8%2BpivOXfWSSo%2BepX"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df811dc5ed352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24826&sent=409&recv=116&lost=0&retrans=0&sent_bytes=448130&recv_bytes=16231&delivery_rate=2055958&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=1934&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/html server cloudflare
GET H3	200	/ Show response zip-post-gt.shop/socket.io/	32 B 629 B	339ms 339ms	XHR text/plain	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04SP&sid=qfhRDYYtw8p16cO9ACGv Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cdba2c6bea85c904ed6d42861ac9a6fd16e9caedf72e23920831ec4a8b8802f7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZ%2BH1nCSiWDzWIhy4hmZXNvKR8ARwMOhVzXZTa7XW8HkPklvZz%2BFQVuaV2tXrpzfpCyk40%2F0kJUDaFoJQ%2BPXtzzlccIP9udwIWGThHc2Rb41fkzH6BYzNb1Nw%2FEzJPPwLgwzUVC1QGO9RDbU%2BAjY"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df811dc62d352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 32 server-timing cfL4;desc="?proto=QUIC&rtt=24130&sent=410&recv=117&lost=0&retrans=0&sent_bytes=448758&recv_bytes=16276&delivery_rate=3191&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=2081&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H3	200	/ Show response zip-post-gt.shop/socket.io/	58 B 680 B	208ms 208ms	XHR text/plain	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04Xm&sid=qfhRDYYtw8p16cO9ACGv Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b3abeef30fafabc8191e52b14dc9f5e14f9a715b377a50de91e8329878b83c1a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gI7%2FWQo7Qr1TH0ILYzK4op9cL8C0tEX%2BHf8xuZ2X9JUv2%2BIDZG5ftbIVr48a6JW2HVQTkBqq0%2BqZJl6WFM%2Fw%2FIDBFiUQuJ%2FKZVFYJCrZXTZmNrtw%2FLV%2BHdZrmjIjPhYyaI19U6t3govfnRcf5bVw"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df813ff16d352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23993&sent=414&recv=120&lost=0&retrans=0&sent_bytes=450091&recv_bytes=17134&delivery_rate=28348&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=2291&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/plain; charset=UTF-8 server cloudflare
POST H3	200	/ Show response zip-post-gt.shop/socket.io/	2 B 607 B	182ms 182ms	XHR text/html	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04Xo&sid=qfhRDYYtw8p16cO9ACGv Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Content-type text/plain;charset=UTF-8 Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3qYEN7ZVAH2KI7Ky1iKBgIgTVQAc3D7anxlGSngRcCTq56pCSQkZpE07LvUam%2BQH%2FOJymOiH31v27%2FPJeO%2BGkKuqs%2BCUUWaths%2FH2pSqBtmzIBu1xbAT%2BJy5ib6gKMqOvaEBVj8ucSMuAqLktC0"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df813ff1bd352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23993&sent=413&recv=120&lost=0&retrans=0&sent_bytes=449460&recv_bytes=17134&delivery_rate=28348&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=2268&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/html server cloudflare
GET H3	200	/ Show response zip-post-gt.shop/socket.io/	98 B 706 B	187ms 186ms	XHR text/plain	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/socket.io/?EIO=4&transport=polling&t=PDD04b3&sid=qfhRDYYtw8p16cO9ACGv Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/b21b86f6p8Gd4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfbafe7e9e3d4cb2e46ecb1ca44daae5d7cb3b2dfb3ccb4aeca263922932b8dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59UFvm487hflRMfayHTNq6Yt0zaFxF9OG8Uhr%2B8CWE2Xg6GQtEBEn7KCl6HiS6KxvvKlaB8GsOZmwCG%2BXI0h2kaG6ALz4AkVkl6UfNhr5mRtSkbPBhaTISYkN5Onjf8Ls%2F0LFMgdiMNPwy%2FKLfC8"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df81548a7d352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23410&sent=416&recv=122&lost=0&retrans=0&sent_bytes=450820&recv_bytes=17542&delivery_rate=7124&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=2479&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:44 GMT content-type text/plain; charset=UTF-8 server cloudflare
POST H3	200	MC45NjQ0Mjc1OTkyMDkwNzc= Show response zip-post-gt.shop/api/	36 B 663 B	195ms 194ms	XHR application/json	2606:4700:3036::ac43:890e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zip-post-gt.shop/api/MC45NjQ0Mjc1OTkyMDkwNzc= Requested by Host: zip-post-gt.shop URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/assets/index-bf7a901c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:890e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9f310439a77558c0f68ad48311a07c3eec498a9bc79770d82fd534f2fb83a50` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/encrypt Referer https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag W/"24-i64z075EDEpVgu+lQ7mwjwIp40k" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTWwrsabqHIpxa2q%2FcZKekP3Fc6UIq1uFw4k7mYPfuaU%2FZlHU1UGF%2BJLkCGYA4ZijEphx9nsegt3wP2rIOVGCHTQfUQwiFPlqigx3dj6O6MjutuVkJ3s1n%2FMW8JADJyoj7HhwpIE7%2FvtXgAUJ1gC"}],"group":"cf-nel","max_age":604800} cf-ray 8e5df81f3e27d352-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 36 server-timing cfL4;desc="?proto=QUIC&rtt=23779&sent=418&recv=125&lost=0&retrans=0&sent_bytes=451574&recv_bytes=18292&delivery_rate=3746&cwnd=93600&unsent_bytes=0&cid=a8c78907bac9e292&ts=4080&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 04:34:46 GMT content-type application/json; charset=utf-8 server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Correos de Guatemala (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask boolean| __vite_is_modern_browser boolean| __VUE__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://zip-post-gt.shop/RHXisNFMI4bf8rkfPJ/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0201D001C3F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qrco.de
zip-post-gt.shop
13.33.187.85
2606:4700:3036::ac43:890e
0f020e0fb00c82a429c7d4c870274de0b13cc67c7c804acc03a952a07ab2f4a1
115c35c1da0826eb3e18b621d9aada994bcd6899fd7d26a4da25c974f09c64cf
21f2617543e01d7f4483acc444f826f8ec7a1a1cbc5ecc2dd847ec5c1a344276
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3af3dd885c8e01a18962dc77697c31486b379ec844a89000bd1519a43dbc65b0
4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64
5182c9236c59d06e252103c8ca7d99766ffe93cd42de604b136cd9132e92d4ce
635b178b9925a9b77797f1fb385f0913769aa4caca48122916a6e02f8af60085
68e7a57cb00bb3660e86e9bd477e3244cdf3aad93a4e3bc6cccb0f9d9fb60629
746a17a5e6693f8d636a6d232a6e4d65b1b8f8c740fda15e7816ad56c202243b
75e1388fa9a7eee282158644f5db1509e4744997b4bdb9f74a04663e8b581621
79872cdbe5c5cfd8f2e804efe7ebbd082791324693a09cfba45d875a72a260ec
869f77ece42b84774389be1b422bbb7c9603dd60d8cf702dbec147e09e41695f
98f30011c3924cdecfcf5d9463f0b85db4d63f27acebcd6859453ac488a5439b
b3abeef30fafabc8191e52b14dc9f5e14f9a715b377a50de91e8329878b83c1a
b74edf617b06194254bd1974162735d35a81a1723676679e7136138657963ac0
bfbafe7e9e3d4cb2e46ecb1ca44daae5d7cb3b2dfb3ccb4aeca263922932b8dc
cdba2c6bea85c904ed6d42861ac9a6fd16e9caedf72e23920831ec4a8b8802f7
d2e742eefaebd1a45b00558e357378ddfa69cd4a985de10f4c38be7668d36ac6
e9f310439a77558c0f68ad48311a07c3eec498a9bc79770d82fd534f2fb83a50
eb3b7e6b19ebb3f64ace29f2fef4666d662419cf8d1d379cbd994a8c63e41708
f37efde19c26bc18e1b670112ab5bb21d73973be63ce75862795dbf6148cf737
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911
f8298293a3d35cfae1344d68ab061f99e2fecdd2eaf7cdd362831eecd3018611

zip-post-gt.shop Open in urlscan Pro 2606:4700:3036::ac43:890e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

427 kBTransfer

1087 kBSize

0 Cookies

42 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

zip-post-gt.shop Open in urlscan Pro
2606:4700:3036::ac43:890e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

427 kB
Transfer

1087 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!