qingtian.aascxzgt.com/WhatsApp_files/progress.d6b49e71f39a81300686.js
104.21.27.160 200 OK 5.9 kB URL GET HTTP/3 qingtian.aascxzgt.com/WhatsApp_files/progress.d6b49e71f39a81300686.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type ASCII text, with very long lines (12281)
Hash d6b49e71f39a8130068686a4fc351e3f
f56bd6ca25b354df6a2fc887ebac0dc0198e8b9e
956a484097417e953d97fd922b864bb9584bf8d619b53df91ceed45092ddf3ae
Analyzer Verdict Alert openphish WhatsApp
GET /WhatsApp_files/progress.d6b49e71f39a81300686.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:25 GMT
content-type: application/javascript
last-modified: Tue, 23 May 2023 05:16:52 GMT
vary: Accept-Encoding
etag: W/"646c4c44-3036"
expires: Wed, 07 Jun 2023 12:57:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbAtCf8d8cE6ECrXn40hQtiJObt4fJoBanclRhcBD32gr0maIWmTk%2Fp07WyUaJWjOcet7Oo4SWvq34fzaSj6fTMKpoic58LyVyEitu21hsx4LwtAf5UU5JuDshJbew7UYf%2Fzu%2BjxlMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0dd9af2fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.staticfile.org/jquery/1.10.2/jquery.min.js
47.246.44.211 200 OK 33 kB URL GET HTTP/1.1 cdn.staticfile.org/jquery/1.10.2/jquery.min.js
IP 47.246.44.211:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer DigiCert Inc
Subject *.staticfile.org
Fingerprint F3:77:67:81:E3:F1:30:9E:CC:CE:EB:B9:2B:C0:7B:08:AE:D4:60:15
Validity Mon, 05 Sep 2022 00:00:00 GMT - Tue, 03 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32072)
Hash e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
GET /jquery/1.10.2/jquery.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 32989
Connection: keep-alive
Date: Tue, 06 Jun 2023 13:18:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz"
Vary: Accept-Encoding
X-Reqid: KeIAAACnAYJkFGYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:54 GMT
Ali-Swift-Global-Savetime: 1686057532
Via: cache23.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache1.se1[0,0,200-0,H], cache8.se1[2,0]
Content-Encoding: gzip
Age: 41914
X-Cache: HIT TCP_MEM_HIT dirn:11:439254771
X-Swift-SaveTime: Tue, 06 Jun 2023 13:20:59 GMT
X-Swift-CacheTime: 86273
Timing-Allow-Origin: *
EagleId: 2ff62c9c16860994467694715e
web.whatsapp.com/ws
31.13.72.52 101 B IP 31.13.72.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 224f509a3fd14a249091412f6c32603d
e20d67aec7c6ebbf703ba991c97863a32ac5f9e1
a0dda4693b29f504c2bd54eb77d2b4b01875ca3c3e4d9b92ef2db81dc3a5f71f
GET /ws HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://qingtian.aascxzgt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZBzU0S+CBYyBbMM+IBLmHA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 404 Page Not Found
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Proxy-Status: proxy_internal_response; e_isproxyerr="AcLVNEb2_YnJc84sF_o62pX_LAWXo-TmNU3Ir9PI5UTSyHf5XaPQ75b50tLbcQ"; e_clientaddr="AcJGEQZw01XvAP9LSD6zx8NasgtT_knsRxAcotpyWdBHYPgEku9alKb0kdrVpqm6tNTCvCSgaLExU_c"; e_fb_vipaddr="AcIVQ-fdfLdXHkzOPMSDtsD-nbexjVVYNQ3MNkfwaFKzisvwkFvpWOB3CyFhcRkr5TOyqFA"; e_fb_builduser="AcKla2q72wrU5zi6rbv4l_NtotA2RKfHJrNyH9m9H9EX5_pMfMJRlXWpBy0YHug0yAo"; e_fb_binaryversion="AcITWfDqv_U7bgosIfFnS2QiC0HETQEHMCuOweL7kV18UE4VjrIMqQM10ZVqRhACJf3FpiEM6MD9ppyG5g4EU6WbBCQne7R695k"; e_proxy="AcJpDzjmBnuyiHUenchMsGrTHnVEYn2PiiL3mnfufATM5XpGirewI92027fTzZ1XiL8x100guht0quHP"
Date: Wed, 07 Jun 2023 00:57:27 GMT
Connection: close
Content-Length: 101
crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af
31.13.72.52 400 Bad Request 166 B URL POST HTTP/2 crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af
IP 31.13.72.52:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer DigiCert Inc
Subject *.whatsapp.net
Fingerprint 8B:AE:DB:F8:4C:C1:75:25:4A:AB:66:CF:51:BB:F8:C1:44:EA:58:D3
Validity Fri, 17 Mar 2023 00:00:00 GMT - Thu, 15 Jun 2023 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash 80565ebac1be2bf2918d4dc3e1529b3a
05dd227b230299fc4f86a119d45c18e9c59e4277
7cf3663b91b7e88030f3d13a253694ef2c27a280f68c7b4b823a34806af95365
POST /wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af HTTP/1.1
Host: crashlogs.whatsapp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------1533327563393654219960846983
Content-Length: 869
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
vary: Origin
x-fb-rlafr: 0
content-type: application/json; charset=UTF-8
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#403) Upload is forbidden"
access-control-allow-origin: https://facebook.com
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
pragma: no-cache
cache-control: no-store
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-fb-request-id: Ao3WMRpjCV9XTBx--VnaEEL
x-fb-trace-id: ARcDsdyoPvg
x-fb-rev: 1007626553
x-fb-debug: xq3Q0GLlKVwKNOiEFXkvlfcTtm/Abm+3i4SSd2rQYL6ekNI5N9WrUEHhT5kkiBWJ9FGS6VRjIF4KT4cznJ5VfA==
content-length: 166
date: Wed, 07 Jun 2023 00:57:27 GMT
x-fb-trip-id: 1679558926
X-Firefox-Spdy: h2
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774
172.67.163.159 0 B URL 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774
IP 172.67.163.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://qingtian.aascxzgt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kyKyMlF86mvk25o3pn1wtA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 07 Jun 2023 00:57:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lph+aHvBUpewjcQJU0+pIJArjKw=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK5vbYhjVNEd3RXZghCDjawCRxMX%2BkYcxfJaGAoMtMFySjXER7GwpFT4O0%2FV6lnIpMqQGkIbt5Zh3nrt5TMMh5MMJR9vAiHw3TPxwPFKhTlVFiqDnUoC3zjQ8AQF%2FiVeRzxBALU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d34f0e7af451bfa-OSL
alt-svc: h3=":443"; ma=86400
104.21.27.160 200 OK 5.9 kB URL User Request GET HTTP/2 IP 104.21.27.160:443
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2059)
Hash e1aba1d45c02b8be6fac25952fc2c1ae
38608de2abb76178233322f9baf82a5a59269441
f215623ec38bff49cc7f77b5731ace2f67b4dbc46270751b729cec3f4e483856
Analyzer Verdict Alert openphish WhatsApp
GET / HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:57:25 GMT
content-type: text/html
last-modified: Tue, 06 Jun 2023 11:49:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmLEnE%2FRSopSjKbPa8fkQrEfqTfETAP%2BrlwoJiZ%2BOk5C5bu5SE%2FhlyEbtyVZNdt7TYkA5%2BoQZV32i%2BdGFQlrTVuKSOytzI7B3Qeq%2BsXO3XWskpSjWmBSIcgSf%2FzIXr9vGbynDIYrldA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0d9cd8a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af
31.13.72.52 400 Bad Request 166 B URL POST HTTP/2 crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af
IP 31.13.72.52:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer DigiCert Inc
Subject *.whatsapp.net
Fingerprint 8B:AE:DB:F8:4C:C1:75:25:4A:AB:66:CF:51:BB:F8:C1:44:EA:58:D3
Validity Fri, 17 Mar 2023 00:00:00 GMT - Thu, 15 Jun 2023 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash d33ae0ed926aae0c997f606e4e307f81
7ae262a440af47ceea28a029449f73932454832d
3b91b3881b32a4a942600030f6ede8e547f4ddfad4130a3b637dd64ef84d3525
POST /wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af HTTP/1.1
Host: crashlogs.whatsapp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------216239679225956623813690045451
Content-Length: 879
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 400 Bad Request
vary: Origin
x-fb-rlafr: 0
content-type: application/json; charset=UTF-8
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#403) Upload is forbidden"
access-control-allow-origin: https://facebook.com
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
pragma: no-cache
cache-control: no-store
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-fb-request-id: AX4RMIJ8zLpIc5we7D2ctFC
x-fb-trace-id: G/GcegJbuGY
x-fb-rev: 1007626553
x-fb-debug: rdBX6pEGNrN6NJiUmEeTu/wX0Q6800Sql/r9DfP61RI85Sdn5pQDowy0Ty1u6Ew9pLwWfpDx6p4O70Mk8JBGWQ==
content-length: 166
date: Wed, 07 Jun 2023 00:57:28 GMT
x-fb-trip-id: 1679558926
X-Firefox-Spdy: h2
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099448033
172.67.163.159 200 OK 0 B URL GET HTTP/2 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099448033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099448033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:57:28 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9STeEuya17psl1y4agoADXvIEdOZdtVjyz%2F4YK9JIJ6ahVxRE%2FwBAh%2F89DzW5w890TwjPUrJJ%2BKjmhw43Q5tXKM6WjphctJxMon%2FipKk7BQIMiWjgv49V8BYLVuU%2BkGRnfJ%2BTyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0f179fcb518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099449034
172.67.163.159 200 OK 0 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099449034
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099449034 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:30 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtgrIGn1haDq%2FfpebT9JKYDA3RKGguyTKyUQax20cxds%2B0DQT6wqGd7MC1fA76sG0eIEd%2FMhAGNHr7Pd5dJB9GFbPSIRO%2F54FEWL1FY362GuZdmsVprJ3drV6XUuysY%2Fwj9Yiv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0f7bc830b41-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099448032
172.67.163.159 200 OK 172 B URL GET HTTP/2 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099448032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099448032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:57:28 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTLHnv1yTOkEM%2FP6M1fWPls9hqA6RfVQtqz%2BXcy%2F4bDxyCe8eu0i7EWEll%2FxQ4kooCiE1U289Ee1zo5rsTv3AcS%2FsxCsbvAdcqPGD3ecMN%2BXywZrClunRXxbsTH7Re%2F0G0yfLYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0f179fbb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099450339
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099450339
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099450339 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:31 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KuQ45AHJBkpYUgddAskvv4AlLoRzhVdzItPFK4SVKU3YN40sw6pnItLRDh2Lo67dmaE353tmyfCqmskxrQ%2BtQjc1%2B%2BL9%2FD1aD%2BaTzki6Ay%2FBIQoFRDh78hFI8%2F4ojV7y86%2ByhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0ffea3ab518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099451338
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099451338
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099451338 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:32 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuAgXLytH9HVuMBvquG5kZpIZxlq8EKIk3OhvoBzO8OvGpKPTG4de3S4H2WFU8q2WLEF15jsprAxA35EYcR4lOdwVohUVT6mM7Z1swSlIXCPztg390AApM%2FTcEkpjqWFTnwGHx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f1062d39b518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099452324
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099452324
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099452324 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:33 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhCrcjMU0qO64t2VoelAlzL2U2spjz8CqTvRZEcnnH1wLM3y6AN5e2mDaVnpRsbqGSHXfBgQLeawiqBaPwD2553Tr%2B57cexWhKmlXO7mPJbPO1YtaN3OHyRwu8gNOO%2FaHZee%2BWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f10c48e7b518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099453342
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099453342
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099453342 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:34 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UsCymXUyPpq6yZiH71dTxKggVW%2FKtukYmQVlvVUT7jhBRZ4FkDx0PbCXhb2TgTRpD0XFDl7qqKGqwxGx2BGbuBrmD2nejgUZcbqGe9BEErb8JYKZn6e%2FUdiH23gZLKkSr8iPSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f112ac29b518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099454034
172.67.163.159 200 OK 1.9 kB URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099454034
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099454034 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:34 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l47spqBht3tknqhVvNwGCzip%2FRncxuK12BHpwSeJa65u15KUERFNYSqXtu2qsFs8qXcthrAvv57XHA24GIchl7sufrh%2BfyNaOS3nwR%2FatZDPZPeknIDb9Oe%2BfMNvbfDelNO%2F9vQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f116fe6f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099455034
172.67.163.159 200 OK 1.9 kB URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099455034
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099455034 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:35 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myksVkjwPCuJahUJUMEwY9X0mQQWXanc9jbYTO%2BjgUtVXNt5bkg8R3ESc885oJphK935bVLfAgD5ENzKTtfiHy85H%2FnEfwZPVSmVX%2FBtMT96i7VoIGwe2DxX7A7ziGmu51Wmyh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f11d39050b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099456035
172.67.163.159 200 OK 1.9 kB URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099456035
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099456035 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:36 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiesiHv11mfMixVlelavca6KIFCzg2wswJ4UPc%2BiEBIF8frzIqwbrHnVnD10evaZwNgoQwERwytAp11fZSZAYHDJ6cAP7AkecirNNWh7T9JyF0qM8HkqrSUtnMHLar0pZQPftoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f1237b420b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099453035
172.67.163.159 200 OK 1.9 kB URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099453035
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099453035 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:33 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjNSHxakojtqXsQClW2Z8cFxe4VZUl%2Bm5I8y5p4klJZqGDX0fRf2kfrpepidcOFFDRJZtHjBO35zP42chNebIrvc1GgMtov8CqEmhaBkUU2beSvqtVLhNN%2Fqx0pKSEwreOvXgvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f110bc470b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099458343
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099458343
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099458343 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:39 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9CBhjvb8xVNHDaXOeidQ50KhvR6h9U1Kvg13CpCPG%2BYJPGyy2LtF3y1NvL0Vu5CoIVfXe47o0JmExctGlwCo0Ncbk5x7xcQHzEY3tG2wTdOyGCxA%2BRZlk6ynWZsTokt2V1zK5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f131edebb518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099453032
172.67.163.159 200 OK 1.9 kB URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099453032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099453032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:33 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=720X7RYtdPYCtrZUtRw0iKzJsBGDTA9kOxF9PS9Q5LPYCP3E%2Fcxplz7ncBBqtaSCQJ0wGLcbtROJW459HyxW6ngZ0YtzInk2C2%2Bxtm9roB45%2BkT0w84vdCwvc3MSLR6hzbj2%2F6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f110bc450b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099457037
172.67.163.159 200 OK 217 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099457037
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099457037 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:37 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQO3ENxVF0%2FQtnAMv1T4cNOJNMHbkABYkRFPpnu%2BJIV4Be7va3HoggkKCSda9%2FV%2F9s94Wu0cZirRrqv2T4vrp%2BKqn%2FB%2B4GrRIlxGRC%2Fkh8xOUwaUwCate%2BgjptVBB5kRLD06CU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f129cd740b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor2.ec3b8281cb6ba51b3d53.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:28 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU7KN1jb%2BJlk%2BVI4oUX5f9ImI1b6Fkrrk5QMHh2NH6iyDrOb7RUiG3odYZJI67P8AYV8su%2BmMUTtjIa7DDl76hWnPzhmMMwCiCSL3sxucjUNYM8N8QdhwpWB6Ad1R8IX%2FWAmHyUR%2Bj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0efdf72fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099450032
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099450032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099450032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:30 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3m1ZYFTCGATXnLXnnZ5OHHpMrweu6RpF6XdGlhzlrZnVu6sm%2F0pt0VAMADpRFkRXHSuRq8LB7YJLxIJPr9Y0ZBcTA9frAssvM4wip7nji%2FHVOAIgTHnfc8BXnAd4jZo2bzCnpqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0fdfe670b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099452034
172.67.163.159 200 OK 217 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099452034
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099452034 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:32 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzF0LhjTH7YI%2FmK%2FrNCBiYBBPPhGHdq4%2BdTRMHvMtW4JcV2P6Rg9%2F18uCb10TsBXsNCJcSVvH4SHoGwaqZeej8wGN6pmO8Ba9yNx%2FeF0UZAl4LLxVa2sQwivLY5av2E3xetimYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f10a7a880b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099455354
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099455354
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099455354 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:36 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QE7dg8Zd99bIj1y%2BjpLy9lftWERyJDSyc3Os%2F7g6SKWiDesSlOIN3q6lGBybTMrEmx6uKD%2BEUkbgGadPWL9sPRwBIoJZLM3q%2BRFW%2B6p7u6WeOWHqbverRaEvXoLXv2DcK1S2IM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f11f3cd0b518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099456033
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099456033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099456033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:36 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVXjFRbT7QRfTu1rFNWwqu5kD%2BcpHf5m%2FLMAZcrK5D9Ipf%2BzRH%2FaJOlTJWzp1VhsrawNYKpfHkpmdYdMWvbrfCxj2iMjtyxfnCBmBfLVmPzzbbKprFjkAdEOylBP51Qu4%2F6nIWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f1237b410b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099457350
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099457350
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash 1197653e2927309eaee668eae03fdb63
858461a4277a7620909ec4f1ad48f531933efef5
e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099457350 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:38 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diahSLfR2BxlJ73sS%2F22RYfKvDR0Mlkwp%2FS4G%2BElhvRx9%2B1RAn%2BOCuRw9241AKMczx65wsBVT67QVvKN%2BALEbqnxq2tvPrCm4H4yjAvg9zqOJCxhPtg4bHk8BRaslLbpimOrGCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f12bbaa5b518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099458034
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099458034
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099458034 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:38 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5VzQklNMXIZsbd2UyVJp51Yy42ltoSpt%2FytSS%2BOmGoIYUWVWKs3XN6fXgLRAVFX4z4RzbRZ15boNaBPPgQAWHJ%2FNZRDKMWwr6MPFSAkCIEBdsWe59Ba6rI1vEIO%2BBb2j4pv4Oo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f12fffef0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor2.ec3b8281cb6ba51b3d53.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:27 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GXVnsSn02fVFASq0XJE%2B7Pua7I2CjDI%2BIK8boh8cm7c%2Bs0MOtTLgCQc4qj7YknX0ZZPcGrmOhoWQF4l6Tf5gwwSZorTFN8oM9Bq9KfVeu3dl04eU%2BZlkZX%2BYcsQCD05RF%2BX05egx%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0e70d2cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446365
172.67.163.159 200 OK 2 B URL GET HTTP/2 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446365
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446365 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:57:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RShIOiCbrbU1qEKlJhBXvzr38HQpvdAepOU6RuRv9RyRlprYXRz7uchlZP6rXtptYu%2B5LmPqLc4mFbOx2e%2F2c74meSSO16mG3Ti6asZB%2B0vKpu3IwKZ1XN6hkAiNa2CgIjxZ420%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0e76d21b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099449032
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099449032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099449032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:30 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTACVe%2BHmoWlXJzwgTjSdk6Du3cQ7OGceRJ3saiZLApdBTqGf5PqqgZFmvEwS91dOhsW326twVMEPsKejkOoD4yksMtd79IgKoqwGV7PktDhKheOIYGRIXgZjt7sslGvaoagTag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0f7bc820b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099458036
172.67.163.159 200 OK 217 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099458036
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 016d2e1619e41ef9fd5910f20e88b97d
6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099458036 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:38 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWz9JCtEjCyXk%2BhVunQH%2BPoGm5ZHaFE9JJhbKB7xxPN67SY6bBD%2FJBzc3242r0jwVIW3cYuloSONhExIMj18lUeWG0RLBThsUhN4axvWnZ%2BChrJbgdDQZOlEpJA4wqrtbbCJrSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f12ffff10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/WhatsApp_files/cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css
104.21.27.160 200 OK 244 kB URL GET HTTP/3 qingtian.aascxzgt.com/WhatsApp_files/cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 244 kB (244294 bytes)
Hash aaa9f35c34c2bd47b672edaf77e8bba4
55781d7539a900e254985f834dd339cae3a422df
cc4c1420afc60b8d8cab06a650c3e5616217dda0ed312b4bbd9a5cc58c322a6f
Analyzer Verdict Alert openphish WhatsApp
GET /WhatsApp_files/cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:25 GMT
content-type: text/css
last-modified: Tue, 23 May 2023 05:16:52 GMT
vary: Accept-Encoding
etag: W/"646c4c44-3ba46"
expires: Wed, 07 Jun 2023 12:57:25 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6c1R%2FtA5hh2hxyPYPHEX8S1qdeu8y3iMKV9z1fZikDj8CDwbqBeA%2F1jI0wedV2jR51nSfp9%2FtLFkKM2XiGkdFhS1htLZ1TuJeftm%2BKGGk6fS88e27KyOzmE9Q89fLbULvcq%2FQbqrqYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0dd8af0fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099452032
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099452032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash 5d7b9adcbe1c629ec722529dd12e5129
3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099452032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:32 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daXirJcQAqaMA7gR8W1TdSqnCg97oYyE3zEix%2BaRNBIq%2FnYxc2lSR5CXrad26i0I8uARDJ1Wvd4B%2F2HfVNHMoXIxlHO%2B5eHhhNMP9WpsJrceqV3K%2FCi9bnDnyv3J%2BGQc83NOZoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f10a7a860b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/vendor1.99c20f1ecd87cc34efff.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor1.99c20f1ecd87cc34efff.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor1.99c20f1ecd87cc34efff.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:27 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVMQ4PexDTcDHOsZ%2BLgdYo7Laa4YmVQ2kSr0ExGqPuxF4l5%2F6OACZO%2Fte6Ph29FaRQXzcI3AGKvN7cWbwMqLLsMmx0dnl7dPlg47ZNTwuSDaCspcMICFPJfR7C4rrR4n0KfvI%2FBRvgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0e70d2bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/app.fcc4530fc12b9a9a1faa.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/app.fcc4530fc12b9a9a1faa.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /app.fcc4530fc12b9a9a1faa.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:27 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ%2FNgjN7D2wgtfp4LqKyxTdTt0QuzFbq3kGif2mU3D%2BcCRZJyWsm4q3cScC7Odit5V67QFo96rQEhj1HxBad6EXfnbCK0lheqEadpjLqphxS4NqcgsuaYfh1YMrD%2FyYceVsnGGM%2FKXQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0e70d2ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash MD5 40b3fc14254227ec5012d996bf90c4e1
SHA-1 b0dd06eb5a779151151101337889ff09953f8ac0
SHA-256 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor2.ec3b8281cb6ba51b3d53.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:33 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7ZUeNXAZY%2BI9enJulHdJPd5pRtgF1AgPVz6y27FI%2BU9CNRwifUsQm6MI4o90%2B1lLIE4zNlJVn7qDE%2BhAL%2FpPp9jt%2B0yQ%2BTYpPjoH%2BzGjczFO5MbLH8pqnfxoWXDx3hud5kkYsx2%2FQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f10f4817fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099451033
172.67.163.159 200 OK 217 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099451033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 016d2e1619e41ef9fd5910f20e88b97d
SHA-1 6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
SHA-256 52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099451033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:31 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9qHeHCOj2T61s1tZPHwCZhpX3L%2BDhg49xdRE3un5INaBnBCcsOST3vGjyJ8RXUa9Zd8v20cBhSZn0X7T%2B5aHpSy5%2FZP6d4tOmBPocMljOAJ9JDgxDDyMGY2T59dtPRlCVv%2B43U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f104387a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
web.whatsapp.com/ws
31.13.72.52 404 Page Not Found 0 B IP 31.13.72.52:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer DigiCert Inc
Subject *.whatsapp.net
Fingerprint 8B:AE:DB:F8:4C:C1:75:25:4A:AB:66:CF:51:BB:F8:C1:44:EA:58:D3
Validity Fri, 17 Mar 2023 00:00:00 GMT - Thu, 15 Jun 2023 23:59:59 GMT
Hash (no body captured, 0 B; these are the digests of empty input)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://qingtian.aascxzgt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZBzU0S+CBYyBbMM+IBLmHA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 404 Page Not Found
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Proxy-Status: proxy_internal_response; e_isproxyerr="AcLVNEb2_YnJc84sF_o62pX_LAWXo-TmNU3Ir9PI5UTSyHf5XaPQ75b50tLbcQ"; e_clientaddr="AcJGEQZw01XvAP9LSD6zx8NasgtT_knsRxAcotpyWdBHYPgEku9alKb0kdrVpqm6tNTCvCSgaLExU_c"; e_fb_vipaddr="AcIVQ-fdfLdXHkzOPMSDtsD-nbexjVVYNQ3MNkfwaFKzisvwkFvpWOB3CyFhcRkr5TOyqFA"; e_fb_builduser="AcKla2q72wrU5zi6rbv4l_NtotA2RKfHJrNyH9m9H9EX5_pMfMJRlXWpBy0YHug0yAo"; e_fb_binaryversion="AcITWfDqv_U7bgosIfFnS2QiC0HETQEHMCuOweL7kV18UE4VjrIMqQM10ZVqRhACJf3FpiEM6MD9ppyG5g4EU6WbBCQne7R695k"; e_proxy="AcJpDzjmBnuyiHUenchMsGrTHnVEYn2PiiL3mnfufATM5XpGirewI92027fTzZ1XiL8x100guht0quHP"
Date: Wed, 07 Jun 2023 00:57:27 GMT
Connection: close
Content-Length: 101
web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
31.13.72.52 400 Bad Request 0 B URL GET HTTP/2 web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
IP 31.13.72.52:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer DigiCert Inc
Subject *.whatsapp.net
Fingerprint 8B:AE:DB:F8:4C:C1:75:25:4A:AB:66:CF:51:BB:F8:C1:44:EA:58:D3
Validity Fri, 17 Mar 2023 00:00:00 GMT - Thu, 15 Jun 2023 23:59:59 GMT
Hash (no body captured, 0 B; these are the digests of empty input)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/favicon_c5088e888c97ad440a61d247596f88e5.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: iQ0NDIMM14xQsXD7JfUp6rXUf0bow8srpMgCy4FP9wGuOp/Cxc95ckbbAihMbLee0KmKMlb+eWmnHIHvhKsr1g==
content-length: 745
x-fb-trip-id: 1679558926
date: Wed, 07 Jun 2023 00:57:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash MD5 40b3fc14254227ec5012d996bf90c4e1
SHA-1 b0dd06eb5a779151151101337889ff09953f8ac0
SHA-256 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor2.ec3b8281cb6ba51b3d53.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:30 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZShjY2L78OyehSycaWTALW1IQfYHMI6r3hs2YRRwATFFp%2F%2B%2BeNnhIwfK%2F1OJaFk6UXAR0gi9dxkUlpEuKKtrz%2Bd7ujSroeol8QEAE0s7g6LxWctnEp%2FMo7Q7rtgOLhwdt1Uhw%2FXI%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f0fc7aeafac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099450033
172.67.163.159 200 OK 217 B URL GET HTTP/3 34srv.anscxnyn.com/qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099450033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 016d2e1619e41ef9fd5910f20e88b97d
SHA-1 6d01cff9363f5ec5ea95eb85963da3af7a48d8e4
SHA-256 52c5468c4120a92f33333d219f1407658024ca378727b04bbf607c7bf09ea178
GET /qrcode-c91f0ac5-0302-4e68-abb2-0f55e0ef3774?timestamp=1686099450033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:30 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGgM1aiRaP6EGArlDAo9iPPiTuxn6i75I7OeN%2B5FeD%2Bbg6R2JcYEsJwqoNKuR8nLO07XO8yffwGtI8VFFTHtJQJr544sQys6rCiezvukFkhaasO%2F3Zlh1jld8JMqX4xsmc%2FZzSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0fdfe680b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/WhatsApp_files/cssm_qr.fd652868ecd9e5bd5fccf5a20a5da0d1.css
104.21.27.160 200 OK 65 kB URL GET HTTP/3 qingtian.aascxzgt.com/WhatsApp_files/cssm_qr.fd652868ecd9e5bd5fccf5a20a5da0d1.css
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type ASCII text, with very long lines (64972), with no line terminators
Hash MD5 94d17ee5608e9ef3926c1da14b2ed1c8
SHA-1 601c044e13331c2d2f5b26547550bbc2f83b605d
SHA-256 65dc95f0c6c655162478c4ad552330a77cf38f31a94ba0646c20d1761de554ab
Analyzer Verdict Alert openphish WhatsApp
GET /WhatsApp_files/cssm_qr.fd652868ecd9e5bd5fccf5a20a5da0d1.css HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:25 GMT
content-type: text/css
last-modified: Tue, 23 May 2023 05:16:52 GMT
vary: Accept-Encoding
etag: W/"646c4c44-fdcc"
expires: Wed, 07 Jun 2023 12:57:25 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IOuknfRX1BNveQqiPD53QiXta1TKMbAEoA2Vw1P2r5Tg4KosWa1JcshC4Ab1%2FF%2Fu7xeRQAQ6BGYfrwhnRPW0X0%2BF4aqN9ZZoiDExudyOC7eW08NUwd1ljrA5QV2jjYqsXJhhS6G3Ew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0dd8aeefac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099451032
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099451032
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 5d7b9adcbe1c629ec722529dd12e5129
SHA-1 3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
SHA-256 cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099451032 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:31 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR5xdM%2B1qk1QcXoM4DyXqpndy3%2BrxW0N5L26b6ua3hmpCJTu0gptw0WUxTJyOAMY59qLYyG69IspkbyuBvUTsPmpstw%2BXmY2v1bnq0Gq2oiXl1JIt925gFCWSTgQXZFd2Yi1G00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f10438790b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099454337
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099454337
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash MD5 1197653e2927309eaee668eae03fdb63
SHA-1 858461a4277a7620909ec4f1ad48f531933efef5
SHA-256 e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099454337 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:35 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UEX%2B39x4WQ6ag%2Bae1BpsaXr%2B9DJh5jKKN3DIbv3%2BNpJvx2t%2BWYQsEHtJaWDt3Tsr7rgrYVK688e0MPP%2BGCWiCrdz6iNId9MfkjDcRXPb9ZoRyuCSDmXGCNnYN72MCMs9tF%2FfaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f118dfaeb518-OSL
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
104.21.27.160 404 Not Found 146 B URL GET HTTP/3 qingtian.aascxzgt.com/vendor2.ec3b8281cb6ba51b3d53.js
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash MD5 40b3fc14254227ec5012d996bf90c4e1
SHA-1 b0dd06eb5a779151151101337889ff09953f8ac0
SHA-256 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert openphish WhatsApp
GET /vendor2.ec3b8281cb6ba51b3d53.js HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 00:57:37 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LVD%2FlWEG9eW5diTDx2uFao2I8LzdIKllMTcmC%2BPvOFRoD1VGKrV7r0IY4Y%2By4u4%2FhR8VAQMt1XRlpVHSii0F1iK9Rv7wuRoRw1C6l8RbztIR6zqQZVRs6cVlcOaJ0yMJdlUyHtnhhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f1286dcdfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/Init?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446367
172.67.163.159 200 OK 7 B URL GET HTTP/2 34srv.anscxnyn.com/Init?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446367
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 16deb034c40ffd50a64896393ecea0e3
SHA-1 3c7fd676031419997acfa51fa4eedf01309eaf48
SHA-256 8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1
GET /Init?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099446367 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 00:57:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-ratelimit-limit: 2
x-ratelimit-remaining: 1
x-ratelimit-reset: 1686100849
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlEpqig90EKnp6VvkrRmeE6GKFywrRInNK5NqdrHkTJJAu52n9jZrUq8NrWBDFDZO7SjTyZHqoP0R2hdLJ9v2n6IZoRygQkXVdd5F2FyXZnNbHxs1T5PAstIQNDCxh83g6p86Hc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0e76d20b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099455033
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099455033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 5d7b9adcbe1c629ec722529dd12e5129
SHA-1 3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
SHA-256 cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099455033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:35 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBy0Mb7Y%2B9aUTBbms2o35Uy5doE1qFbnxIIhDnGIK2wjF0iKPFcRHGeBPslGH9eITvfRnqOHD19Z6VktU8gm7RNPVmcVYMGGptvEuK7jvCBIb96OR8MVo6cpSM1OboSr5zDlG9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f11d39020b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099456339
172.67.163.159 200 OK 1.7 kB URL GET HTTP/3 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099456339
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type PNG image data, 345 x 345, 8-bit grayscale, non-interlaced\012- data
Hash MD5 1197653e2927309eaee668eae03fdb63
SHA-1 858461a4277a7620909ec4f1ad48f531933efef5
SHA-256 e2d738aa32ac3963619d7d5fed04204f0c29ea3fa309360cef92abf1e02ea921
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774.png?1686099456339 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:37 GMT
content-type: image/png
content-length: 1699
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Wed, 07 Jun 2023 00:57:19 GMT
etag: W/"6a3-188935bafc8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXMVdyIVIoTwGd0tzFysSJhG6P1UkkeaBvtuglQZ4zy8Z6QBlAKMBXONpXomw8QlmDh6tNwC97k2hjDrP9A7fojXIYXVlHd8W4Kp5Oe6%2BN%2B2CwUL%2BzkeYKEPUGlM0eQz5CyNDbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d34f1256fcfb518-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099457033
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099457033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 5d7b9adcbe1c629ec722529dd12e5129
SHA-1 3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
SHA-256 cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099457033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:37 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bnzoa40oEbeHmykEC1jy52n24k7h9SEybWHOWFIjn08%2F9yJjEVMmIjCV7TPX3aStN%2BdfbcV8a6BWs%2BKY3BUV7C3eiuAI1jZWi3Z6qtN3jLqhnI1ERt49QlHy5BNUf7ZfvlTp0lw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f129bd710b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
qingtian.aascxzgt.com/main.js?ver=1.206
104.21.27.160 200 OK 2.1 kB URL GET HTTP/3 qingtian.aascxzgt.com/main.js?ver=1.206
IP 104.21.27.160:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject aascxzgt.com
Fingerprint 3C:61:AE:1F:16:EA:25:22:03:13:1E:00:5C:0C:EA:74:F8:CB:2F:BE
Validity Thu, 01 Jun 2023 12:35:08 GMT - Wed, 30 Aug 2023 12:35:07 GMT
File type Unicode text, UTF-8 text, with very long lines (2271), with no line terminators
Hash MD5 a8c56ecc6fa0edeca1794d4967400a7f
SHA-1 c12887296805dc2273e86eb1fdbb4633884b1f72
SHA-256 98d767cea3cdc447bfffb6f92301d919987c462a374befe084546401011d32fd
GET /main.js?ver=1.206 HTTP/1.1
Host: qingtian.aascxzgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:25 GMT
content-type: application/javascript
last-modified: Tue, 06 Jun 2023 11:49:07 GMT
vary: Accept-Encoding
etag: W/"647f1d33-84f"
expires: Wed, 07 Jun 2023 12:57:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcoorsScxiyDhyA5HiKcCzSKQmd%2B32LdM8LhK%2FnSrGTsdTuGOf9w14p6Sw0NPHfH3ul0%2F4Df%2FdQZGxsxVi5XDPepNcOMTXKZ2twxcl6b3SxPSMRC71A6NLtyHXCosLsqu4eeo9N5Wfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f0dd9af3fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774
172.67.163.159 101 Switching Protocols 0 B URL GET HTTP/1.1 34srv.anscxnyn.com/c91f0ac5-0302-4e68-abb2-0f55e0ef3774
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
Hash (no body captured, 0 B; these are the digests of empty input)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c91f0ac5-0302-4e68-abb2-0f55e0ef3774 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://qingtian.aascxzgt.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kyKyMlF86mvk25o3pn1wtA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 07 Jun 2023 00:57:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lph+aHvBUpewjcQJU0+pIJArjKw=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK5vbYhjVNEd3RXZghCDjawCRxMX%2BkYcxfJaGAoMtMFySjXER7GwpFT4O0%2FV6lnIpMqQGkIbt5Zh3nrt5TMMh5MMJR9vAiHw3TPxwPFKhTlVFiqDnUoC3zjQ8AQF%2FiVeRzxBALU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d34f0e7af451bfa-OSL
alt-svc: h3=":443"; ma=86400
34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099454033
172.67.163.159 200 OK 2 B URL GET HTTP/3 34srv.anscxnyn.com/status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099454033
IP 172.67.163.159:443
Requested by https://qingtian.aascxzgt.com/
Certificate Issuer Let's Encrypt
Subject anscxnyn.com
Fingerprint B4:3F:6D:1E:D8:91:43:E7:4E:0F:21:7E:17:E2:FA:78:C2:B0:9A:60
Validity Tue, 06 Jun 2023 08:55:13 GMT - Mon, 04 Sep 2023 08:55:12 GMT
File type ASCII text, with no line terminators
Hash MD5 5d7b9adcbe1c629ec722529dd12e5129
SHA-1 3d81ef27eba95e8237b3f30072bc5c32bf8c0c35
SHA-256 cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
GET /status?uuid=c91f0ac5-0302-4e68-abb2-0f55e0ef3774&timestamp=1686099454033 HTTP/1.1
Host: 34srv.anscxnyn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qingtian.aascxzgt.com
DNT: 1
Connection: keep-alive
Referer: https://qingtian.aascxzgt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 00:57:34 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leNPBqf5kZTbh3IkBVNrK%2FQ9newETzs2Qk55DegsvmHXF9clVg4nMwUbQZ7azrTp7KtXg1iHEJYsued49vSsAtAeWlWW63LkkcXQz8DDGP2BCndHeziJhB1AgjrjBlvxDh1ELMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d34f116fe6e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400