rcffffqp.top Open in urlscan Pro
2606:4700:3037::ac43:c3a8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rcffffqp.top/
Effective URL:
https://rcffffqp.top/
Submission Tags: falconsandbox
Submission: On December 01 via api (December 1st 2024, 1:54:30 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:c3a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is rcffffqp.top.
TLS certificate: Issued by WE1 on November 22nd 2024. Valid for: 3 months.

This is the only time rcffffqp.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3037::ac43:c3a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.159.63 172.67.159.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	172.67.195.168 172.67.195.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	4

7 2606:4700:3037::ac43:c3a8 (United States)

ASN13335 (CLOUDFLARENET, US)

rcffffqp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.159.63 (United States)

ASN13335 (CLOUDFLARENET, US)

hu.bafanglaicai.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.195.168 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rcffffqp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	rcffffqp.top 1 redirects rcffffqp.top	384 KB
3	bafanglaicai.app hu.bafanglaicai.app	4 KB
27	2

	Domain	Requested by
15	rcffffqp.top	1 redirects rcffffqp.top
3	hu.bafanglaicai.app	rcffffqp.top hu.bafanglaicai.app
27	2

This site contains no links.

Subject Issuer	Validity	Valid
rcffffqp.top WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
bafanglaicai.app WE1	`2024-10-22` - `2025-01-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rcffffqp.top/
Frame ID: EA59892EC20FE8A267A33DC5B02F33ED
Requests: 19 HTTP requests in this frame

Frame: https://rcffffqp.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 78E7E467B357EA708C5D80D221A42C1D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://rcffffqp.top/ HTTP 307
https://rcffffqp.top/ Page URL

Page Statistics

27
Requests

59 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

386 kB
Transfer

2986 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rcffffqp.top/ HTTP 307
https://rcffffqp.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://rcffffqp.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rcffffqp.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rcffffqp.top/
Redirect Chain

http://rcffffqp.top/
https://rcffffqp.top/

13 KB
6 KB

879ms
628ms

Document
text/html

2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ede24ea7930d5d0f1dd41d85225631c198ad7cf727f53bc9b6f006979f3051d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eb391a6dc604223-EWR
content-encoding: zstd
content-type: text/html
date: Sun, 01 Dec 2024 13:54:24 GMT
last-modified: Wed, 20 Nov 2024 19:02:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMMbPKnSFIu6vWtwL8IFpk7p%2BYyCNoICS%2B%2FMmeEYEmkB%2BXwwVNcaQhZ3zhGBCx9uPbGLYvN4nDRdp3GqC8udy2djatxz0BDeOeYSMz640JP59qVZPl4nnYEbDu8XWnBD8AOLx4Xm9lKU7I8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=113718&min_rtt=113651&rtt_var=18003&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3984&recv_bytes=2312&delivery_rate=34212&cwnd=254&unsent_bytes=0&cid=6354a071bdb00762&ts=635&x=0"
vary: Accept-Encoding

Redirect headers

Location: https://rcffffqp.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 main.4d7bc528ef300bb77a47.css
rcffffqp.top/ 405 KB
87 KB 146ms
145ms Stylesheet
text/css 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/main.4d7bc528ef300bb77a47.css
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216ac2ed4fb401b782b3aedec58fa3011db42a583f7c0f3b3cfe2a677cf5bb99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-65417"
age: 5185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6p0En7MmStfzgBsoUPZLMH8dy4bpdBogaK0PhoxRfzfxd%2Fwku2VQnHF8T%2FW575%2BCYtkoIth4Z8Ly0CKQW0OkMk916F6df5hTb2NZOfG0TqHL3Ky0iIIajmfmNuLdINzupTi9A%2BSWqMZlog%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada404223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113810&min_rtt=113584&rtt_var=5831&sent=61&recv=21&lost=0&retrans=0&sent_bytes=58426&recv_bytes=2873&delivery_rate=90918&cwnd=258&unsent_bytes=0&cid=6354a071bdb00762&ts=796&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style-desktop.7ec8ed3b19fabb19d057.css
rcffffqp.top/ 338 B
707 B 137ms
136ms Stylesheet
text/css 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/style-desktop.7ec8ed3b19fabb19d057.css
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322deb24d6d5efcf38e98818033dc373a21e67a4535703a0bae2772b13d9f5ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"673c4cbc-152"
age: 5185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fa2XvSqbHvujDGeQ2DXFHpxKhHfPJ7ROPqaTza8IqecPM4C41%2FMfGQLT7U47uVJZAu6U7CNY4bNc6L%2BjnD5p5DH0%2B2axM8CAEAppVk42PNd96F8R1pmJhHNQFMi1OzpuNzyrlz8nyg5Zvqw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada454223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113810&min_rtt=113584&rtt_var=5831&sent=55&recv=21&lost=0&retrans=0&sent_bytes=51396&recv_bytes=2873&delivery_rate=90918&cwnd=258&unsent_bytes=1297&cid=6354a071bdb00762&ts=786&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mtproto.worker.ae3e8dc772cae8b81c0e.chunk.js Show response
rcffffqp.top/ 742 KB
203 KB 621ms
620ms Script
application/javascript 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/mtproto.worker.ae3e8dc772cae8b81c0e.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8abc78d788514ae251fdb808e33042a2312c180ec76f667d9abc40ca90e787b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rcffffqp.top
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"673c4cbc-b988a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwXSOlB%2Ba8CxQkABLB6QHHXhhA%2F4qltlxxj%2BNc85YWjH49mkUnkorO26ytfXxjay1vS2wMuOlxpCiSkILwenP15wZlzqyePrV2yBefQ1LFCxaLyEpdTlcVbNlB%2FTH7joRKTxZdH63Dmab3o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada464223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113734&min_rtt=113470&rtt_var=52&sent=133&recv=104&lost=0&retrans=0&sent_bytes=148261&recv_bytes=2873&delivery_rate=470015&cwnd=258&unsent_bytes=0&cid=6354a071bdb00762&ts=1263&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 85.205de0b3350ad6e5100a.bundle.js Show response
rcffffqp.top/ 8 KB
3 KB 136ms
136ms Script
application/javascript 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/85.205de0b3350ad6e5100a.bundle.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86df896f198a8e1944a598dfecc75244aefcef64fdca604b2b557017693aa180

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-1e33"
age: 5185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=345FZgUsU8KMbYb1GMYiWuUNlp585uSJ4rpj1ir17Hhb2rI4ekvBSzmU%2BzYpJC%2FBwgUP4zVMhvXjAwL18mimGrzBsdF7Sn8fp%2BRd23148jww69xIzpUyEoHo89vVF8i86leJygD2Ur1pNVc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada474223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113810&min_rtt=113584&rtt_var=5831&sent=37&recv=21&lost=0&retrans=0&sent_bytes=28050&recv_bytes=2873&delivery_rate=90918&cwnd=258&unsent_bytes=24643&cid=6354a071bdb00762&ts=783&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 116.34cfd7ff5c594baefb32.bundle.js Show response
rcffffqp.top/ 24 KB
9 KB 134ms
134ms Script
application/javascript 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/116.34cfd7ff5c594baefb32.bundle.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d775e5b4a49b49c652204d0833ae4e62066eef5828d2b5d0de0ebd403923c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-5f70"
age: 5185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUEfSS4vFA4KM9gqGE9g5ER6%2F8Xa3m5NBou3okZIOV%2BLOt%2FILcpqB85ZJoF1ZfRWIJ7mjD7Lkx3ujiYEOwzisGMu7oJl0%2F%2BQ6wjKSENcaDOH%2B0fH8RicGkcEqw6NYVGLBk3SJJNf%2FSW5JVA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada494223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113810&min_rtt=113584&rtt_var=5831&sent=31&recv=21&lost=0&retrans=0&sent_bytes=20268&recv_bytes=2873&delivery_rate=90918&cwnd=258&unsent_bytes=24502&cid=6354a071bdb00762&ts=782&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main.e909e0d1fb62ea42e9d0.bundle.js Show response
rcffffqp.top/ 83 KB
33 KB 131ms
130ms Script
application/javascript 2606:4700:3037::ac43:c3a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c3a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b835729ba4dd30814748fbecc109ae6f66ca710bfe5331e814dcb7bbabb3573c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-14df8"
age: 5185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qzxv1EGa3MKIyAA21QPsqRHQx81yxSD8zH7a5U%2F4LQbSjOKjSOMQJmZtaEYPIQDWFLW2sW5uehry7uaxTHDgv3lSY02yYJZR0Pvpkdn0ajmLdMCYuxJ12anDC2GvpyOepHpgv15G%2FvNO0D0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aada4b4223-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113810&min_rtt=113584&rtt_var=5831&sent=22&recv=21&lost=0&retrans=0&sent_bytes=10556&recv_bytes=2873&delivery_rate=90918&cwnd=258&unsent_bytes=0&cid=6354a071bdb00762&ts=781&x=0"
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 script.js Show response
hu.bafanglaicai.app/ 3 KB
2 KB 633ms
542ms Script
application/javascript 172.67.159.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hu.bafanglaicai.app/script.js

Requested by

Host: rcffffqp.top
URL: https://rcffffqp.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023d8e20a6dc800a6415a305418e11c27484c01ab373778d26d87e8b020961c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"a11-19196e5b838"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbOtodo5FPnZNYWMUgkpCKw8LoQquF%2Fd48X%2B9HmysA9m6B93LxzMgcju1GIa6AeG4rI01WgmB0%2Bet64ZRH8qKb0puApj4shFDvADbAWsRDZljUwsOx5OKNBgsjSP279%2BHSWDnust"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40356&min_rtt=37220&rtt_var=12140&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4366&delivery_rate=450&cwnd=12000&unsent_bytes=0&cid=c41a9a76f887b01b&ts=557&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 28 Aug 2024 02:52:03 GMT
vary: Accept-Encoding
priority: u=3,i=?0
content-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
cache-control: public, max-age=14400
x-dns-prefetch-control: on
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eb391ab3b5ea5f9-FRA
server: cloudflare

GET mtproto.worker.ae3e8dc772cae8b81c0e.chunk.js
rcffffqp.top/ Frame 0
0

GET crypto.worker.1addef60de53de89c181.chunk.js
rcffffqp.top/ Frame 0
0

GET
H3 200 crypto.worker.1addef60de53de89c181.chunk.js Show response
rcffffqp.top/ 24 KB
0 58ms
58ms Fetch
application/javascript 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/crypto.worker.1addef60de53de89c181.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5931974f456235914cbd864a86d028ea166b3211f36f1734265c2de4dcff3676

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-5e2f"
age: 5393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26DH2XqWxSTZI7w2ydFdzAWNSadkgOUSC1KLTyN9TYmhrIFdXJ6n%2FRUcUsimSkH45B0dnquSR%2FfAsuyLNQFjOgivHZtaFPyU00aoR%2BhczXpTDtHED9C%2BcAF8HZ9SkRU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aebf475d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37593&min_rtt=36810&rtt_var=6526&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4289&recv_bytes=5733&delivery_rate=450&cwnd=12000&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=678&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

main.js Show response
rcffffqp.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 78E7
Redirect Chain

https://rcffffqp.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rcffffqp.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
5 KB

52ms
52ms

Script
application/javascript

172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rcffffqp.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Protocol

Server

172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5fe3a18ba3dedced1f94819b99ea57ba77e554a35b9ccea9ae0e473112427d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1oTfMvY%2BI5dPr9EoMt%2F1mue0DzOKggaBx4E6MHibE1U4oBu1GZ84mKYJKyX7zq1W9uFotrQdfOkRBb0gBz96%2FdmLO1PfNNuTql2SqYvTx3pM2OpOVCi2QLmHNUpTkM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8eb391af4fcb5d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40486&min_rtt=36677&rtt_var=5369&sent=48&recv=33&lost=0&retrans=0&sent_bytes=39217&recv_bytes=7483&delivery_rate=394796&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=768&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmZ9SM6dad8zt%2Fa8meKix3rt%2BumEAiUcZDFHSsl5wp3mHUlF1r3xJlp071i%2BX2ISDvATDvhTmpGhKhDDct87%2BAkODNDaAWDgiYighbmuHMCFf5DknE9GSkFj3nhlCyI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aebf4b5d91-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=37593&min_rtt=36810&rtt_var=6526&sent=26&recv=17&lost=0&retrans=0&sent_bytes=16313&recv_bytes=6558&delivery_rate=450&cwnd=12000&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=693&x=1", cfHdrFlush;dur=23
date: Sun, 01 Dec 2024 13:54:25 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H3 204 send
hu.bafanglaicai.app/api/ Frame 0
0 623ms
581ms Preflight 172.67.159.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hu.bafanglaicai.app/api/send

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rcffffqp.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eb391aefeb89761-FRA
content-length: 0
content-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
date: Sun, 01 Dec 2024 13:54:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4BEJ5rpH53nLBZ%2Bov4QfkmwrvmXAJ%2BvlCAywKcsZfqSFtl0ziwB5Vvq2dyGi09fvTIm%2BJEMUay3Ut4i2jmsGYsJTnInnqlHbkhqjLx5tLVkM3AaO7IlDs1jJqWkmEQ8kZJ3SzdG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37003&min_rtt=36664&rtt_var=6003&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2185&recv_bytes=4200&delivery_rate=451&cwnd=12000&unsent_bytes=0&cid=d579ca9b2cb77aa6&ts=585&x=1" cfExtPri cfHdrFlush;dur=0
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on

POST
H3 200 send Show response
hu.bafanglaicai.app/api/ 593 B
1 KB 322ms
321ms Fetch
text/plain 172.67.159.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hu.bafanglaicai.app/api/send

Requested by

Host: hu.bafanglaicai.app
URL: https://hu.bafanglaicai.app/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34dc27f94c06bbc57f0e5a59311eb00dc89a0a53c056f1427299adb3005bed93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://rcffffqp.top/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"t535ir3fskgh"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiptfMaODS8AnHM8I24XFMFWoQs1X%2FzEucqmjoeMMh4tDp1MLWMTWAY6M%2FtOOJ4uuXjv17SJBhp8dzHJvOR15j2tW73oLugdcnfs0Fxg%2BDXVS7G8QW9jJguYM0TmB%2Fybagy2i9r8"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36986&min_rtt=36664&rtt_var=4536&sent=12&recv=11&lost=0&retrans=0&sent_bytes=3115&recv_bytes=4742&delivery_rate=24167&cwnd=12000&unsent_bytes=0&cid=d579ca9b2cb77aa6&ts=906&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: text/plain
vary: Accept-Encoding
priority: u=1,i
content-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
cf-ray: 8eb391b2ab1b9761-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 favicon.ico
rcffffqp.top/assets/img/ 15 KB
4 KB 746ms
746ms Other
image/x-icon 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"673c4cbc-3aee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehDaX1Y8ASQolRe1vD6jx0LqWSzGjH9PZ6vTc0f4aAwYED7n6JrC%2Fad1fUDbUK8dyJqO%2Bb0ZBpP%2BzKcs9T855YMOnJqowMTR6A02%2B1f5pdYdMaIwcW5wbAo%2B%2FUzes14%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aecf5a5d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38041&min_rtt=36677&rtt_var=706&sent=86&recv=69&lost=0&retrans=0&sent_bytes=72831&recv_bytes=27220&delivery_rate=113495&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=1383&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: image/x-icon
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 104.b23fc99c0ad8aab75e1a.chunk.js Show response
rcffffqp.top/ 69 KB
23 KB 775ms
775ms Script
application/javascript 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/104.b23fc99c0ad8aab75e1a.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e3e93f0c28761d227195423db2f66c2a7eba747a95b559c7ca0e5ea6d84b57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbd-1158d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfMifOUrmUI5UYECamBEA7CmPxNj1PtkqMhnbW6yOLT%2FYfTjjb%2B24JlPn1UEyaxpGULUaCO9C0wvsolwM8yQGwAblf1juUl7EbeDCQDPi4u1Gy4eCzC1aiNCNqbHup4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aedf5f5d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38041&min_rtt=36677&rtt_var=706&sent=91&recv=69&lost=0&retrans=0&sent_bytes=77235&recv_bytes=27220&delivery_rate=113495&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=1415&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:53 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 301.057f4a981945e824c78f.chunk.js Show response
rcffffqp.top/ 2 KB
2 KB 547ms
547ms Script
application/javascript 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/301.057f4a981945e824c78f.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbcb6292e07ba83febf941b3358849207493bc6e8f80a41817eb93dec0a19fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbc-6fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9h2sNNXmqFUiHbl1wmn%2BH5t7XOEjBLwUQa1%2BsyWXLBXW97RkfmgxXCJ90lzjumInZWlDxkt0vFt0%2BNQ06BVi1sKEcigdU1MqZdsrdDAD5ZREQ5BFpeDkZmnF7WXX4jQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aedf605d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38909&min_rtt=36677&rtt_var=2930&sent=69&recv=54&lost=0&retrans=0&sent_bytes=56801&recv_bytes=25193&delivery_rate=14074&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=1188&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 8.228cb76ce437b01a2aeb.chunk.js Show response
rcffffqp.top/ 24 KB
5 KB 566ms
566ms Script
application/javascript 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/8.228cb76ce437b01a2aeb.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e74cf0340e76907f2473078d537e2161dd18cc46889fcda005c8d704967e37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbc-5e90"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAIc1YoYVvmPM5IA5MhFrzg%2Fwy2KrdE52fzaBE2N6%2F0GaD5ayyeQXEe1cVSINkzSvnY5OBkY%2BzVrTQDXtNgruyGAL09X%2Bkoc9PmfStrn4oxaxQ%2BHyMDTqgvIUFnBR8Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391aedf645d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38909&min_rtt=36677&rtt_var=2930&sent=71&recv=54&lost=0&retrans=0&sent_bytes=58395&recv_bytes=25193&delivery_rate=14074&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=1206&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8eb391a6dc604223 Show response
rcffffqp.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 78E7 0
1 KB 59ms
52ms XHR
text/plain 172.67.195.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/cdn-cgi/challenge-platform/h/b/jsd/r/8eb391a6dc604223
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vARskR%2F%2BijVV2ELpoREY%2F6%2Bw2xlKdzpTSwgPeg8RitNv6ZzOFxTuEbhlyTQz0CFUJdNHZ6o1XnAV5gSV2VIizqbV8%2BprBhkGVacE5sb5SBh%2FmzL3OGWgeQHHN5sr5Go%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391afd8665d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39057&min_rtt=36677&rtt_var=3511&sent=58&recv=53&lost=0&retrans=0&sent_bytes=44301&recv_bytes=25149&delivery_rate=123148&cwnd=28800&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=865&x=1", cfHdrFlush;dur=0
content-length: 0
date: Sun, 01 Dec 2024 13:54:25 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 41.6ab156a3a39d7a08893f.chunk.js Show response
rcffffqp.top/ 35 KB
0 676ms
676ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/41.6ab156a3a39d7a08893f.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b2508b04b3bef5275419629c0e3f1f01df2cf69c6c97c245373f49317a1a3b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbc-8d61"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pz93JPLUBl45qJYyFNxHqcV%2Be7bfa8cRUjXxuqs1faW5t2l5PxY4nO9ireAgm71aptLBRHr1Y2F5LqijCKpgNqts%2BGOVKfAk3BE%2FV4PP1WRwUQZ1kf6XWxv3b2VBQCM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391b2fb615d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37689&min_rtt=36677&rtt_var=261&sent=534&recv=126&lost=0&retrans=0&sent_bytes=601860&recv_bytes=31078&delivery_rate=67997&cwnd=231900&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=2118&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 480.e548ea77058f9dac9735.chunk.js Show response
rcffffqp.top/ 1 MB
0 67ms
67ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/480.e548ea77058f9dac9735.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f7efab411bf842717576412603ebcdf5401ad6785e6f6b955b43d11b416ac6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673c4cbc-16d484"
age: 5393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjbkERGXcPiPR7hWQLnwr3Q1hZgyZtO1KL8b40MilUNwbER1jI%2B3Pj%2FP%2FmxHjifLHd3JtaTIba8Ons4ttVy34SgsrqMeDoEAj0S0kk%2BeX4YyBDeTqcuzrGWRVialc2k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391b3dc285d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38697&min_rtt=36677&rtt_var=1252&sent=114&recv=82&lost=0&retrans=0&sent_bytes=101787&recv_bytes=29091&delivery_rate=351209&cwnd=33600&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=1511&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:26 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 709.ae8e0000f4edcfe60aba.chunk.js Show response
rcffffqp.top/ 5 KB
0 562ms
562ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/709.ae8e0000f4edcfe60aba.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aed6ee03b7270790b11cd8f6f8100e3aa9894dc8f719f80fb25329eb90c8d7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbd-148d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eY08yEh2yaLQjVlRTW0nVPJqlBfD%2FL681OxH29Std7SJw%2F2wJRqhvj9J8bq00UhSfhpJA7sRNqA2iGb%2F%2F8P4UzFpeoTmhQXdEQNqGWAenmM%2B%2ByBqdM7arOKN8zvWzWs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391b3dc2c5d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37680&min_rtt=36677&rtt_var=325&sent=531&recv=125&lost=0&retrans=0&sent_bytes=598660&recv_bytes=31033&delivery_rate=5766439&cwnd=231900&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=2005&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:53 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js Show response
rcffffqp.top/ 64 KB
0 788ms
788ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://rcffffqp.top/npm.qr-code-styling.f8f57a1c721e03c3f699.chunk.js
Requested by: Host: rcffffqp.top
URL: https://rcffffqp.top/main.e909e0d1fb62ea42e9d0.bundle.js
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 932e9a817af82373fc18ab3c39ad1bbc706d3b4e5979407c0ad4f5320b099136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rcffffqp.top/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"673c4cbc-ff4e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BNWdi9Cn0c8xaNQssHGJv6Wmwn6HM37W0Vm3SHX390RaqSp7%2BTNxAq61sM2A0BLtCz5fLoSs1MmbYc9UdnrU5sVT9OznmCNvvzQ8efANRcTVNCILtpsIfl3%2B5l0U%2B8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eb391b8685b5d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37741&min_rtt=36677&rtt_var=378&sent=551&recv=130&lost=0&retrans=0&sent_bytes=619365&recv_bytes=32566&delivery_rate=466693&cwnd=231900&unsent_bytes=0&cid=9af628ce70e3d9c6&ts=2959&x=1", cfHdrFlush;dur=0
date: Sun, 01 Dec 2024 13:54:28 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 08:30:52 GMT
server: cloudflare
vary: Accept-Encoding

GET 4e4f6c47-a26a-4d1b-b840-31a2c1abe5f1
https://rcffffqp.top/ Frame 0
0

GET f962cda7-abed-42ed-bee1-64d9d6a86a2b
https://rcffffqp.top/ Frame 0
0

GET d358c1a9-33a8-4117-aebe-1fb86dcd7486
https://rcffffqp.top/ Frame 0
0

GET 810.f6d94fc8d0635364313b.chunk.js
rcffffqp.top/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rcffffqp.top
URL: https://rcffffqp.top/mtproto.worker.ae3e8dc772cae8b81c0e.chunk.js

Domain: rcffffqp.top
URL: https://rcffffqp.top/crypto.worker.1addef60de53de89c181.chunk.js

Domain: rcffffqp.top
URL: blob:https://rcffffqp.top/4e4f6c47-a26a-4d1b-b840-31a2c1abe5f1

Domain: rcffffqp.top
URL: blob:https://rcffffqp.top/f962cda7-abed-42ed-bee1-64d9d6a86a2b

Domain: rcffffqp.top
URL: blob:https://rcffffqp.top/d358c1a9-33a8-4117-aebe-1fb86dcd7486

Domain: rcffffqp.top
URL: https://rcffffqp.top/810.f6d94fc8d0635364313b.chunk.js

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rcffffqp.top/	1970-01-21 10:09:57	Name: cf_clearance Value: OqggiNpRCQTacrA4_rKG5aDedRAxcpaPAx0PCCvOyUQ-1733061265-1.2.1.1-RBPi_AtN5ZVgA6G88YlVVzDORhjXApf7IWHNVNKA16iYSsaRyfkMxmWl28STZObi5jTc23kBIz3cEN_88CckdpS887_B5GPB6THOU8dOaNvgtW0yqBOEWzzO_dFyxaFnISVNgRBhYOfKnA_8tkyW50.q0w9YrrRDa_AP5mpNoFAZ654zGDw1_YGjKDtqRNPVbDTXhWogrEVCY83UMYqgzSCr9jm8cDfaKXbt3pHBTs8jJ2GL1M0nJOek571jyuR4tR_lbhslcbp_9wVrsclmJkYm2bNLc5UUwfjlrYv4jYjh8ZcPFNTedpBcq_.0d9fN6o8XZ2DAQiin3cq54VZaXX_t9rVE_SFOtV4oD9uFkc8qmKZNofRz0U0cn67jKwmB

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://rcffffqp.top/(Line 3) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F020011C2D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hu.bafanglaicai.app
rcffffqp.top
rcffffqp.top
172.67.159.63
172.67.195.168
2606:4700:3037::ac43:c3a8
01e3e93f0c28761d227195423db2f66c2a7eba747a95b559c7ca0e5ea6d84b57
023d8e20a6dc800a6415a305418e11c27484c01ab373778d26d87e8b020961c4
11d775e5b4a49b49c652204d0833ae4e62066eef5828d2b5d0de0ebd403923c0
216ac2ed4fb401b782b3aedec58fa3011db42a583f7c0f3b3cfe2a677cf5bb99
322deb24d6d5efcf38e98818033dc373a21e67a4535703a0bae2772b13d9f5ce
34dc27f94c06bbc57f0e5a59311eb00dc89a0a53c056f1427299adb3005bed93
34e74cf0340e76907f2473078d537e2161dd18cc46889fcda005c8d704967e37
3ede24ea7930d5d0f1dd41d85225631c198ad7cf727f53bc9b6f006979f3051d
4aed6ee03b7270790b11cd8f6f8100e3aa9894dc8f719f80fb25329eb90c8d7a
5931974f456235914cbd864a86d028ea166b3211f36f1734265c2de4dcff3676
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
86df896f198a8e1944a598dfecc75244aefcef64fdca604b2b557017693aa180
8abc78d788514ae251fdb808e33042a2312c180ec76f667d9abc40ca90e787b4
932e9a817af82373fc18ab3c39ad1bbc706d3b4e5979407c0ad4f5320b099136
a5f7efab411bf842717576412603ebcdf5401ad6785e6f6b955b43d11b416ac6
b2508b04b3bef5275419629c0e3f1f01df2cf69c6c97c245373f49317a1a3b73
b835729ba4dd30814748fbecc109ae6f66ca710bfe5331e814dcb7bbabb3573c
cdbcb6292e07ba83febf941b3358849207493bc6e8f80a41817eb93dec0a19fd
df5fe3a18ba3dedced1f94819b99ea57ba77e554a35b9ccea9ae0e473112427d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

rcffffqp.top Open in urlscan Pro 2606:4700:3037::ac43:c3a8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

59 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

4 IPs

1 Countries

386 kBTransfer

2986 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

rcffffqp.top Open in urlscan Pro
2606:4700:3037::ac43:c3a8 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

59 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

386 kB
Transfer

2986 kB
Size

1
Cookies

27 HTTP transactions
0 data transactions