zq1.aaaqqq.cn Open in urlscan Pro
172.67.202.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exploranter.com/
Effective URL:
https://zq1.aaaqqq.cn/
Submission Tags: @phish_report
Submission: On October 26 via api (October 26th 2024, 6:43:42 am UTC) from FI — Scanned from NL

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 172.67.202.181, located in United States and belongs to CLOUDFLARENET, US. The main domain is zq1.aaaqqq.cn.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.

This is the only time zq1.aaaqqq.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 2	188.114.96.3 188.114.96.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	172.67.202.181 172.67.202.181		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	111.45.11.83 111.45.11.83		56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
18	2

2 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

exploranter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exploranter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.202.181 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zq1.aaaqqq.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	aaaqqq.cn 1 redirects zq1.aaaqqq.cn	113 KB
3	exploranter.com 3 redirects exploranter.com	2 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 13307	12 KB
18	3

	Domain	Requested by
17	zq1.aaaqqq.cn	1 redirects zq1.aaaqqq.cn
3	exploranter.com	3 redirects
2	hm.baidu.com	zq1.aaaqqq.cn
18	3

This site contains links to these domains. Also see Links.

Domain
wpastra.com

Subject Issuer	Validity	Valid
aaaqqq.cn WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://zq1.aaaqqq.cn/
Frame ID: B80D8FB000B3C9238C41A3FB3A7A36CB
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AAKKKK

Page URL History Show full URLs

http://exploranter.com/ HTTP 307
https://exploranter.com/ HTTP 302
https://zq1.aaaqqq.cn/ HTTP 307
http://exploranter.com/ HTTP 301
https://exploranter.com/ HTTP 302
https://zq1.aaaqqq.cn/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

124 kB
Transfer

497 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wpastra.com/
Title: Astra WordPress Theme

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exploranter.com/ HTTP 307
https://exploranter.com/ HTTP 302
https://zq1.aaaqqq.cn/ HTTP 307
http://exploranter.com/ HTTP 301
https://exploranter.com/ HTTP 302
https://zq1.aaaqqq.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://zq1.aaaqqq.cn/favicon.ico HTTP 302
https://zq1.aaaqqq.cn/wp-includes/images/w-logo-blue-white-bg.png

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
zq1.aaaqqq.cn/
Redirect Chain

http://exploranter.com/
https://exploranter.com/
https://zq1.aaaqqq.cn/
http://exploranter.com/
https://exploranter.com/
https://zq1.aaaqqq.cn/

128 KB
21 KB

1297ms
1297ms

Document
text/html

172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bbef9001235d2cf740879b7b88769ff2f169a6d70f77b0007adde4ceaef491

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d8879181fffb918-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 06:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSEahORBjAHSKtPHLP8UNldZx9RFzHnJSDAkt6pNoc%2Bad92ArV07oLq4yLEGtfg6G9gEpsGClzN%2F4WKK4tGhG87rr989w7ftCwb0JE7Kf38pzE8egu1w3vOcAm5yESkd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24618&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4250&recv_bytes=5011&delivery_rate=675&cwnd=12000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4056&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 8d8879128e1db8e8-AMS
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 06:43:36 GMT
location: https://zq1.aaaqqq.cn/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2Fm1z8Ln0nKORv8BYVxuKYk%2BX7eGbS7eCwTFJBdHkUL99sJJct9vM15AgXZWD%2B%2FVqmu%2BMelyUOGEUCekimYJOIJ7360erDalr5xrbock%2BdR7ubKKePKlVoR7SwigbUIsKkc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19516&sent=15&recv=13&lost=0&retrans=0&sent_bytes=4737&recv_bytes=4962&delivery_rate=15307&cwnd=12000&unsent_bytes=0&cid=f863b350cf8b8daa&ts=3700&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 main.min.css
zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/ 41 KB
9 KB 628ms
627ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.1.5
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e00f328633eccb116ed74ae31ffb435407709d081ee6296f9ecf200ecc2e9ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "a20a-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuUfw8E0XVslafqI3W0My6XHf38FMIFE%2Fr%2F0zJ5izJyOhwWRx3zvrIa4JveqI70zW28EG8qWas65Aw0T5SnUkvo2IZjw3amHAJf%2FtUiAYKIMa1Xp3U66u%2BregRN3CuHV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=39&recv=37&lost=0&retrans=0&sent_bytes=31293&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4820&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211817b918-AMS
accept-ranges: bytes
content-length: 8101
server: cloudflare

GET
H3 200 woocommerce-layout-grid.min.css
zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 16 KB
3 KB 630ms
629ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=4.1.5
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29906a351fdc908a391a36a49d2d4b60ef65caf765f6566860842021b505d47a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "3ee5-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQ9hLyt4NP3csyTF1xEVK%2Bz6htzirLPODFEeR2dXwMHi8eUDBpKoieosSE0e%2FL3pkQoIqxYfVpIWEtBz61PdPWqVa5QM2VWrP5EspNONb6LfKtQiNOHSfec19ML%2BpL04"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=47&recv=37&lost=0&retrans=0&sent_bytes=40244&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211819b918-AMS
accept-ranges: bytes
content-length: 1921
server: cloudflare

GET
H3 200 woocommerce-grid.min.css
zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 113 KB
16 KB 843ms
841ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=4.1.5
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941f4a6e3289d03b0c5f43742ddb849889ed8f00507e88a8cb4df75d6f6ca925

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1c23c-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2AsYiCZmRyL5gcBBn9RDbly6nfaLB7nx7WfTjx1CvYK%2FYMpHm2JPGOasjhu94hgTXoKulyvo4UsfhbMCof%2F%2FJynHw5nPJpQ9LrqhV9EWGDMw4%2B2RDyusdbXaXXHBoXL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18397&sent=105&recv=70&lost=0&retrans=0&sent_bytes=98652&recv_bytes=11296&delivery_rate=205773&cwnd=37200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=5028&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181ab918-AMS
accept-ranges: bytes
content-length: 15966
server: cloudflare

GET
H3 200 style.css
zq1.aaaqqq.cn/wp-content/themes/astra/ 4 KB
2 KB 663ms
662ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/style.css
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870fb4a72ce2fcf4e582f977cb446389a1c48f7dff799175834e8e5032c93360

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "11d4-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljmwMrTBrEKUHdsC%2BnGl%2FhlpFRbRnA%2Bka%2FiiPu2PNKOlbvyrZ3UgFf1puvvd%2FNLliNkmjrikhFK%2Feimve61q8RL0QWEEW%2FeD0dcuOYDFylqqKfY3XL0R8TmRROyo56er"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22299&sent=64&recv=39&lost=0&retrans=0&sent_bytes=55887&recv_bytes=9942&delivery_rate=7636&cwnd=25200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4833&x=1", cfExtPri, cfHdrFlush;dur=4
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181bb918-AMS
accept-ranges: bytes
content-length: 1862
server: cloudflare

GET
H3 200 astra-addon-650f11d754fe45-41330906.css
zq1.aaaqqq.cn/wp-content/uploads/astra-addon/ 15 KB
3 KB 614ms
612ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/uploads/astra-addon/astra-addon-650f11d754fe45-41330906.css?ver=3.9.3
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50cb095a6e3277cdd47882f0f371e7d7f9ecf8206bf660c47b126054df0e2bbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "3c93-6060931fc3356-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zFmhLGEbywDYL2uXi6VtRyEI9VOEo9aU0wCYXHHK8UF2b7xdJR94aqEC7vEbIqd2q9dtDgrADffJnEGZFIOBgieWm1PHxsDR%2FeH1DJMfi68%2FbpUcgDFyv8tXUJxgQcI3"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=34&recv=37&lost=0&retrans=0&sent_bytes=26093&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4813&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 16:27:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181cb918-AMS
accept-ranges: bytes
content-length: 2662
server: cloudflare

GET
H3 200 jquery.min.js Show response
zq1.aaaqqq.cn/wp-includes/js/jquery/ 86 KB
30 KB 812ms
811ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "15601-610a99343d4bb-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjFrBAOKCehLCGJpE5QRrEuyudfGM3uZqFWmUB1fkVQsa6PdE3dvtf4HFuzLiXhaUeDsrt56YjsfTNC%2BinE90dF4zWDa%2FGEHvnDN%2B6L%2Bc974NGTqx1fT2aO%2FcKANITYD"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30293&sent=75&recv=57&lost=0&retrans=0&sent_bytes=64438&recv_bytes=10724&delivery_rate=40836&cwnd=32400&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=5009&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 21:59:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181db918-AMS
accept-ranges: bytes
content-length: 30368
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
zq1.aaaqqq.cn/wp-includes/js/jquery/ 13 KB
5 KB 629ms
628ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3509-60392143c275f-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rz%2Fq7m49NZb4Y%2BomgmF9W0pn6pZUHaXOyvQktYxBXVGiIctehbpIcUec2rSSAFfkH1yXaZyKcz95dprAVBTVrNUBXxgt1ywAl7g6ftKzbGfwoK%2F4JG%2FFFUAK4uo5AmiL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=52&recv=37&lost=0&retrans=0&sent_bytes=44401&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Aug 2023 07:29:59 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181eb918-AMS
accept-ranges: bytes
content-length: 4872
server: cloudflare

GET
H3 200 frontend.min.js Show response
zq1.aaaqqq.cn/wp-content/themes/astra/assets/js/minified/ 20 KB
5 KB 653ms
652ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.1.5
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 694da45e033114445455ea32bc0448bd950165a0eda0f92e16b9ed32bf5eb493

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "5081-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsLGzz2%2Bo%2FlVTyrtG8rJucYP8GJNBGS52OlLMdBZgomTaxESd5NfpP0eaEYRM1TkfXnoAwxlArUkG43wM%2B0Q0JQkbrao5bygHDQBv%2FstTCrVHGm9qoTxl3ZPY2CRhutn"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=57&recv=37&lost=0&retrans=0&sent_bytes=50051&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4824&x=1", cfExtPri, cfHdrFlush;dur=5
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887921181fb918-AMS
accept-ranges: bytes
content-length: 4936
server: cloudflare

GET
H3 200 jquery.blockUI.min.js Show response
zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 660ms
659ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.1.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "25a4-6060946ef26f2-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0adkJ2SDgqNBLgHMtwwdAwRGFEDFYdc1Hd90MYuQ15Gv6FqqX6LfXjdKAqnbpVyPrhVWk5ZWrbYSM9TmBdWyeAcGmSfvUdHsIjXmoioN3hnOO%2FscSOCj8xmWWajJfW9"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22299&sent=64&recv=39&lost=0&retrans=0&sent_bytes=55887&recv_bytes=9942&delivery_rate=7636&cwnd=25200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4835&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:32:54 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211820b918-AMS
accept-ranges: bytes
content-length: 3537
server: cloudflare

GET
H3 200 add-to-cart.min.js Show response
zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 615ms
614ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.1.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "bdd-6060946ef1752-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMUDTkEDoWNcoZtl%2FkpMVL%2FXo%2BGRBBu27YWiJCSsT5GSQPT%2FcQIIP67ZLlgx%2Bi%2BcqCAxQVVr68J6Z7nIGW5mOf0XEpxGsznLIluGaHJZWO3nBU%2B8ewgQZ4uTKAflqoxr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=37&recv=37&lost=0&retrans=0&sent_bytes=29487&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4814&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:32:54 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211821b918-AMS
accept-ranges: bytes
content-length: 1091
server: cloudflare

GET
H3 200 js.cookie.min.js Show response
zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
2 KB 662ms
661ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.1.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "735-6060946ef4632-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92MytMJwF3vr3Vq0ql5ynAQNIyfeLX%2Fv%2BAj2G3jagwvcjhHyzO%2BeyN6NxGLYsc1i8ppa6S6zEy%2BnxAnyAze3Py786agCb%2F1tVt1RyL0HtR%2FKCLAd%2B7E5QfesaNw7Ut3S"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=57&recv=37&lost=0&retrans=0&sent_bytes=50051&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4824&x=1", cfExtPri, cfHdrFlush;dur=8
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:32:54 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211822b918-AMS
accept-ranges: bytes
content-length: 980
server: cloudflare

GET
H3 200 woocommerce.min.js Show response
zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 629ms
628ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.1.1
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "85b-6060946ef26f2-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=seu2oJDprfxLwioAd19DByoUVSIyCa%2FfBkWn3qTPfGIIHZkiWBjZgUSyHOouypEa3WHUbvLUu6UDRrodige24bksRP%2Fg8c7lKMSHJ7osKfEvc6Z8KMUaGlJX6D8z3XGZ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23773&sent=50&recv=37&lost=0&retrans=0&sent_bytes=42895&recv_bytes=9856&delivery_rate=482623&cwnd=24000&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=4823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:32:54 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211824b918-AMS
accept-ranges: bytes
content-length: 799
server: cloudflare

GET
H3 200 astra-addon-650f11d7578ea2-05432716.js Show response
zq1.aaaqqq.cn/wp-content/uploads/astra-addon/ 6 KB
2 KB 821ms
821ms Script
application/javascript 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/uploads/astra-addon/astra-addon-650f11d7578ea2-05432716.js?ver=3.9.3
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757d0a459f4d44b3dbe2ae842394baba3558a7eb58c73620c75adf932aded23b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "1844-6060931fc5296-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeYWW1DPRt1OHbpTlgYVy3M%2B7%2Fv1MFRy8r29gQxWA8y4jYeapt84gHQS1s7W91fs8TkC%2FT4I2dpPZUD2WjPp4PE4gd9yC6ruFnxa9bt3iICWav6Fb0nRAJxGucIfz2nF"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30293&sent=102&recv=57&lost=0&retrans=0&sent_bytes=96147&recv_bytes=10724&delivery_rate=40836&cwnd=32400&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=5016&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:38 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:27:03 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879211825b918-AMS
accept-ranges: bytes
content-length: 1772
server: cloudflare

GET
H3 200 woocommerce-smallscreen-grid.min.css
zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 6 KB
2 KB 634ms
628ms Stylesheet
text/css 172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=4.1.5
Requested by: Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cef1c0962160f3be4c3207528d2993a37be6b7916119defe7ba7ea255c81b2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1775-5fc0ecd708b80-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xnVHJEyZUo%2BmI9dE9bXR16opy1ZQlZSNdQUYyIC2%2B0M5A%2FrODPw6RTyuSZKjGDKW7qal9Upp2elt5X2epFuFDQk%2FRJWwM1yd%2F90CYtcY9QBMWyg16RlMRIo%2Fr3mSJge"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22018&sent=121&recv=76&lost=0&retrans=0&sent_bytes=115666&recv_bytes=11893&delivery_rate=78727&cwnd=37200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=5665&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:39 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 16:56:30 GMT
vary: Accept-Encoding
priority: u=4,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8879265d57b918-AMS
accept-ranges: bytes
content-length: 891
server: cloudflare

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 825ms
334ms Script
application/javascript 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?45c25af568664051e5aa8c375c7e0452

Requested by

Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

155404b2ccf95139ef4875439c4b22334a2f86c736bbe265c161b425edf8ea73

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 17b149025c7ca6ece8e5e5b9df113b39
Content-Length: 11286
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sat, 26 Oct 2024 06:43:39 GMT
Content-Type: application/javascript
Server: apache

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 335ms
335ms Image
image/gif 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=9D6944973F8406E6&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=nl-nl&lo=0&rnd=1780617212&si=45c25af568664051e5aa8c375c7e0452&v=1.3.2&lv=1&sn=63160&r=0&ww=1600&u=https%3A%2F%2Fzq1.aaaqqq.cn%2F&tt=AAKKKK

Requested by

Host: zq1.aaaqqq.cn
URL: https://zq1.aaaqqq.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Sat, 26 Oct 2024 06:43:39 GMT
Content-Type: image/gif
Server: apache

GET
H3

200

w-logo-blue-white-bg.png
zq1.aaaqqq.cn/wp-includes/images/
Redirect Chain

https://zq1.aaaqqq.cn/favicon.ico
https://zq1.aaaqqq.cn/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

616ms
615ms

Other
image/png

172.67.202.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zq1.aaaqqq.cn/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H3
Server: 172.67.202.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://zq1.aaaqqq.cn/

Response headers

cf-cache-status: MISS
etag: "1017-5fa75f7057180"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9mpoElvMRb8KSIIEs1yx9iAFMfyUJB2H%2FkSmHk1l8cht%2F5iDF%2BpLQIPVSjnimfUmqKV2MATzKVX43Y1VVG2VAK2LWM4vXajWS2E9YILpBSyK25EqaYD8BPe7uy6b3Dg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20883&sent=126&recv=79&lost=0&retrans=0&sent_bytes=118023&recv_bytes=12858&delivery_rate=492&cwnd=37200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=8437&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:41 GMT
content-type: image/png
last-modified: Sat, 29 Apr 2023 09:10:46 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d887937becbb918-AMS
accept-ranges: bytes
content-length: 4119
server: cloudflare

Redirect headers

x-redirect-by: WordPress
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://zq1.aaaqqq.cn/wp-includes/images/w-logo-blue-white-bg.png
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1Gu2o%2FBmzSPWGQL3WPzNcuh%2FitqlAzC4Z2YRIstO0MXDbO3AYNO8dkFlROjaHujT6XfeXsyTHnkIkPXM28cIzmE%2FNqmpoL2kNxid7zc2IhzyBR%2By2n6oUxRRtwnAGsJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d88792ecddcb918-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21410&sent=124&recv=78&lost=0&retrans=0&sent_bytes=117293&recv_bytes=12383&delivery_rate=76598&cwnd=37200&unsent_bytes=0&cid=5a5baaf5f2715ceb&ts=7822&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 06:43:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| astraAddon function| astraToggleSetupPro function| astraNavMenuTogglePro object| _hmt boolean| _bdhm_loaded_45c25af568664051e5aa8c375c7e0452 number| link number| len

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 10:08:05	Name: HMACCOUNT_BFESS Value: 9D6944973F8406E6
			.zq1.aaaqqq.cn/	1970-01-21 09:17:41	Name: Hm_lvt_45c25af568664051e5aa8c375c7e0452 Value: 1729925020
			.zq1.aaaqqq.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_45c25af568664051e5aa8c375c7e0452 Value: 1729925020
			.zq1.aaaqqq.cn/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 9D6944973F8406E6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exploranter.com
hm.baidu.com
zq1.aaaqqq.cn
111.45.11.83
172.67.202.181
188.114.96.3
2a06:98c1:3121::3
01bbef9001235d2cf740879b7b88769ff2f169a6d70f77b0007adde4ceaef491
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
155404b2ccf95139ef4875439c4b22334a2f86c736bbe265c161b425edf8ea73
29906a351fdc908a391a36a49d2d4b60ef65caf765f6566860842021b505d47a
2cef1c0962160f3be4c3207528d2993a37be6b7916119defe7ba7ea255c81b2c
3e00f328633eccb116ed74ae31ffb435407709d081ee6296f9ecf200ecc2e9ee
50cb095a6e3277cdd47882f0f371e7d7f9ecf8206bf660c47b126054df0e2bbc
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
694da45e033114445455ea32bc0448bd950165a0eda0f92e16b9ed32bf5eb493
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
757d0a459f4d44b3dbe2ae842394baba3558a7eb58c73620c75adf932aded23b
870fb4a72ce2fcf4e582f977cb446389a1c48f7dff799175834e8e5032c93360
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
941f4a6e3289d03b0c5f43742ddb849889ed8f00507e88a8cb4df75d6f6ca925
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620