{"report_id":"3d295965-b426-427a-a4fa-42069d8e0964","version":0,"status":"done","tags":[],"date":"2026-06-17T14:27:05Z","url":{"schema":"http","addr":"andafpro.com","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"104.21.43.155","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"andafpro.com/pc/#/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"title":"ANDAF","dom":{"size":130644,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51074)","md5":"4c5aa83c24b1b838d4d9ff98e7d4919a","sha1":"a22dfe6e0468673357947bd9ce335085e47579f0","sha256":"57aa1bb795bfeadc90283f555be0e15b619f615a9f7dc026ea4fe204e9d98d0f","sha512":"6489aed97791508ea183ca2915d02cf9d215db5644026fd76e9e9976bc9c3513d9a977c6f2fd8cb06e73c1ec224abff3435fe62653b0b4a1d752656e3762dccd","ssdeep":"3072:daLWouFzYGR2yIBXD1QZhBVft1s4yhBVft1MthBVft1MxhBVft12xZzZzZzZzZiw:wW+Y","tlshash":"dbd3d564b1251573cc73d2d8d0623f0d3d9af20ba8c6eb91baed0a961fc7db825024e5","dom_hash":"domhashe16f7fe7b3f3a0933cb7c5576e6ab3a4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"andafpro.com","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"104.21.43.155","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T14:27:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"andafpro.com","ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-26","domain_rank":0,"first_seen":"2026-06-15T12:33:55.91146Z","last_seen":"2026-06-15T12:33:55.91146Z","alert_count":30,"request_count":30,"received_data":5763587,"sent_data":14756,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"api.cvbhrfsh.cc","ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2026-04-07","domain_rank":0,"first_seen":"2026-05-06T11:01:18.226106Z","last_seen":"2026-06-15T12:32:12.016062Z","alert_count":0,"request_count":27,"received_data":189218,"sent_data":14353,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cvbhrfsh.cc","ip":{"addr":"43.98.179.84","port":3000,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2026-04-07","domain_rank":0,"first_seen":"2026-05-06T11:01:18.226397Z","last_seen":"2026-06-15T12:32:11.919664Z","alert_count":0,"request_count":1,"received_data":182,"sent_data":578,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/jquery-3.4.1.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-17T17:58:44.993296Z","times_seen":6989,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/swiper.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","size":122748,"data":"","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba448ca16546feb29537dcfe87a3e57a","sha1":"66f7d20839c5a801b6cd04aa111277e027e46317","sha256":"691f6422b39b6d633223188332bfdd3158cb31fd11cede187237a1094f48c963","sha512":"ce7f95be58dc89ffd344a5406d769d104c2bc9c2b6ee449a27e4a2f63b2c5869359f2a74bfa72da8738a702e5a32acf8676de6d90dfa47097dd7f1f75a2195ea","ssdeep":"","tlshash":"5c4156ae0c70009155b3a13c177f0788351466db8c497c997a1c61a47f0a9afa3fa7de","size":2298,"data":"","first_seen":"2026-05-06T11:01:26.081876Z","last_seen":"2026-06-17T14:28:04.649974Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"302cbdb6aea49ee5b7645b7ff97b199a","sha1":"aed456157d46e526bf1cdc12a08e69279df9beb4","sha256":"5b2db6f12417a528eed2e2a339c34f45f06787830f2a38fb35c57094d8072331","sha512":"4da22cd85c748d38060051d3d142f8aad46da0d8917a1eca586929fd25471ddaf9d5900d098f685f5985b880505d6e023231dc8c786feca36505bc3162c37159","ssdeep":"","tlshash":"b6011289fc42b07696963628723bfa07516212251888a4335afec37fef32d87811368c","size":838,"data":"","first_seen":"2026-05-06T11:01:26.084391Z","last_seen":"2026-06-17T14:28:04.65088Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/app.31018229fcf5d01e8fdf.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f80bc5699e39388cf8fb98d7903cdcfe","sha1":"29b495e0c45017e1cd6b5c94bd58842406d980fd","sha256":"a1b6aeaa0c0b15c3f435ccb06c26dd48b0cf4c45070d1fc963892e9799dea8d7","sha512":"0851a10f3ce6d8b420277c7441e67747551ccebdc0bdf97e45009eeb72a2eeadaf17cc44cae1403ea72e0fc5c08f8f2318b58f3987727e2153d449aa37d98930","ssdeep":"12288:INrGFZCEcWjM98NI+NMJGNynMlRPGNpiEj7ay0fDxEMoshD6UcV9FY0ZconS//Cg:IwFvjMr/ii8","tlshash":"ddd46d7b11ce59a819428a06b28b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","size":631173,"data":"","first_seen":"2026-06-15T12:32:19.659759Z","last_seen":"2026-06-17T14:28:04.638947Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba448ca16546feb29537dcfe87a3e57a","sha1":"66f7d20839c5a801b6cd04aa111277e027e46317","sha256":"691f6422b39b6d633223188332bfdd3158cb31fd11cede187237a1094f48c963","sha512":"ce7f95be58dc89ffd344a5406d769d104c2bc9c2b6ee449a27e4a2f63b2c5869359f2a74bfa72da8738a702e5a32acf8676de6d90dfa47097dd7f1f75a2195ea","ssdeep":"","tlshash":"5c4156ae0c70009155b3a13c177f0788351466db8c497c997a1c61a47f0a9afa3fa7de","size":2298,"data":"","first_seen":"2026-05-06T11:01:26.081876Z","last_seen":"2026-06-17T14:28:04.649974Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"302cbdb6aea49ee5b7645b7ff97b199a","sha1":"aed456157d46e526bf1cdc12a08e69279df9beb4","sha256":"5b2db6f12417a528eed2e2a339c34f45f06787830f2a38fb35c57094d8072331","sha512":"4da22cd85c748d38060051d3d142f8aad46da0d8917a1eca586929fd25471ddaf9d5900d098f685f5985b880505d6e023231dc8c786feca36505bc3162c37159","ssdeep":"","tlshash":"b6011289fc42b07696963628723bfa07516212251888a4335afec37fef32d87811368c","size":838,"data":"","first_seen":"2026-05-06T11:01:26.084391Z","last_seen":"2026-06-17T14:28:04.65088Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/w3model.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","size":428813,"data":"","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/web3model.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","size":430146,"data":"","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/country.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","size":44047,"data":"","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/#/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-06-17T20:06:04.666655Z","times_seen":23061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/0.00b555ba9b391581c2cb.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d871780635e6b48c72d88f1846de6732","sha1":"039b7055b907bab64c056eb2a7d3e80e4c887a94","sha256":"a68e69197ad302e0ee0e9fde51b75237529e95f699c668c1d792a0104e9feae1","sha512":"78147bccd39f2533885de0a0397aedbff7e264ff3a2ad02da78fbc9d2bd367b43fd411443acf9d74fabffcc6c4a0734b1b1d1cde484845f5835ecfc3d18a8c2c","ssdeep":"3072:3WR3NF/5VHhkVBozVrWogaYmC5DwhvvxHK2kKS:30r/5DkVyrFCxwRvwsS","tlshash":"f4345c19b043b679487a4061202f2129b0752fd96809d0a6f778dce5adf4eb9232ff7d","size":239822,"data":"","first_seen":"2026-06-15T12:32:19.673594Z","last_seen":"2026-06-17T14:28:04.635636Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/manifest.d8d9138c1b12d4ddc3be.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f93eee94772d8216216eb6654f45ce6b","sha1":"66fb756699d2c027ba4fd13cfaa984ec33fb6120","sha256":"a82dcae9d5484a0dc9c6246e33c3955d59d88f14ff1fa67ecee6256ad7470006","sha512":"b4de77572ea85520a15c42ec036aa0d0ac91e47b78c852160cde52ee0406a586bdeee63f0246457e7294c0eec288aec1f20ec904b00ee3a636caa09d65118070","ssdeep":"","tlshash":"ed51f6ae767dfcc6a1b008c04577a2a4a22c68267c6ccc65c3d4e2a47c31e859312bf9","size":3145,"data":"","first_seen":"2026-06-15T12:32:19.703817Z","last_seen":"2026-06-17T14:28:04.649442Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/#/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba448ca16546feb29537dcfe87a3e57a","sha1":"66f7d20839c5a801b6cd04aa111277e027e46317","sha256":"691f6422b39b6d633223188332bfdd3158cb31fd11cede187237a1094f48c963","sha512":"ce7f95be58dc89ffd344a5406d769d104c2bc9c2b6ee449a27e4a2f63b2c5869359f2a74bfa72da8738a702e5a32acf8676de6d90dfa47097dd7f1f75a2195ea","ssdeep":"","tlshash":"5c4156ae0c70009155b3a13c177f0788351466db8c497c997a1c61a47f0a9afa3fa7de","size":2298,"data":"","first_seen":"2026-05-06T11:01:26.081876Z","last_seen":"2026-06-17T14:28:04.649974Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/#/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"302cbdb6aea49ee5b7645b7ff97b199a","sha1":"aed456157d46e526bf1cdc12a08e69279df9beb4","sha256":"5b2db6f12417a528eed2e2a339c34f45f06787830f2a38fb35c57094d8072331","sha512":"4da22cd85c748d38060051d3d142f8aad46da0d8917a1eca586929fd25471ddaf9d5900d098f685f5985b880505d6e023231dc8c786feca36505bc3162c37159","ssdeep":"","tlshash":"b6011289fc42b07696963628723bfa07516212251888a4335afec37fef32d87811368c","size":838,"data":"","first_seen":"2026-05-06T11:01:26.084391Z","last_seen":"2026-06-17T14:28:04.65088Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/#/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/1.59a042873c3c3ebe5f78.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6ad4a93687e871b7ffb7b2a0cfa334f","sha1":"6194e0bba6295167cfbb3d0c836b35fbda554276","sha256":"404243c3d9985a90932ec7a9947af61ff8fefc8b37a760dec2bc4376ae937193","sha512":"3755b8ecac14e30442614297ebd39c5bcbd61b5e26e1f5b7e3ea6ebf66939da6452486e786147a679451d14511463cf497aa230f27b4784cd2c4f09b582daeb6","ssdeep":"768:O1g4pOx27O8/L3bYeRyHYLDJjE1VlQRL14ti/gWRLMsshai/gSas0JDd/:OS4pOx268D3V4H0DBE1UOti/gJai/g1J","tlshash":"e4233a0ab487b66dcc3a4060962f2139b03a1fe8901ad1d3f63cd9949ae5d39171fb7c","size":48322,"data":"","first_seen":"2026-06-15T12:32:19.655077Z","last_seen":"2026-06-17T14:28:04.63207Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","size":10607,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","size":9697,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","size":13418,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/vendor.e2a9e1d897f042e77815.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c1fc5a3d544e8a47e0e77df7dc335f5","sha1":"360424132b5c46736d7087b869d74919f4f9c1e1","sha256":"d14466cbe1e5cf0e2132ba461c6205920f53df4346238a89d02067323159b5a2","sha512":"45b6dd6fe9e199d5f6a1389f94fd0c546d42b80a74b1a18529e89afba635f6d32085d6000f09e5a1df89ab2e52a910bd61499fdc917109a1f9bd3e5af8fa271e","ssdeep":"49152:IH4KkoNRm5Pzk2JawX0BBL2JXzdUimRH2vDe:FLP0W7UpH2i","tlshash":"c2852b9d32c4b46247e321b5503f240ba3372958a80ac458ba75d4daacbd94e633ff7d","size":1786906,"data":"","first_seen":"2026-02-27T09:48:17.206707Z","last_seen":"2026-06-17T14:28:04.652513Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"/","filename":"https://andafpro.com/pc/static/js/app.31018229fcf5d01e8fdf.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/swiper.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.705Z","timestamp":1781706402705,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/swiper.min.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-1df7c\"\r\nexpires: Thu, 18 Jun 2026 02:26:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JuJEbLJ6MW8lgP9XS4Jqk4iP4hP2l2s5qDbphUOId1ZJk4nLTI5OotHJHqvUJGPf1awoC9cnb8Qd7r7gRJrmdbxhHSDHWBHBOqQfzv8itTB1WRjaSzeFeaMo5EmCauI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18ea5723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":122748,"size_decoded":37410,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65264), with CRLF line terminators","md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"resource_available":true,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":194,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getGG?lang=en\u0026rtoken=PnByKE38RSnh15","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.318Z","timestamp":1781706406318,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getGG?lang=en\u0026rtoken=PnByKE38RSnh15 HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76,"size_decoded":428,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1ae444c6884d1bf3b2026258cd88db35","sha1":"375ec1614715e4cebc549a24ba597ba84fb4f1fa","sha256":"7e8bdd8051776e4c0ad72dd792f0177eaeb2affba48ea3337d1f64c08ed0c3e5","sha512":"897818881c15ee1de16516a549594752eaa00faa463d7f6817812e0510e5ac8d4c524ae934614e39fe3998a8365c5c87d31cc0b9b35edd6499c54b8221a9846c","ssdeep":"","tlshash":"47a0120029042d040a05b007ac1978c0216c109748002840c9452e28c3531203742030","first_seen":"2026-06-17T14:27:13.18014Z","last_seen":"2026-06-17T14:27:13.18014Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1037,"timings":{"blocked":-1,"dns":3,"connect":269,"send":0,"wait":491,"receive":0,"ssl":274},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/iconfont/iconfont.css","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.694Z","timestamp":1781706402694,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/iconfont/iconfont.css HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-acb\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sLjOlLimop%2FYIMXJ%2FvlPReNVlF%2BeNCMT%2Fab1P6bPQtQmAaoj5hJTsv2iELZ8ck7IksBJ5%2BZaMSIFWW6wa6rxsS91zmC1C0dgD02BzMfPJvNn8yly93oxuSLCvsx1jp0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18da4f23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2763,"size_decoded":2659,"mime_type":"text/css","magic":"ASCII text, with very long lines (1881), with CRLF line terminators","md5":"33d9b388cc148e6dddd6a6a4a14c12d3","sha1":"913f02bd13b862ac68800eadaf1a484c3b20aaa4","sha256":"ae4df143a2ee5a22c936892413a619a5afb57d04f5dbac72c60e23994c804937","sha512":"ce1b4187dc69531155ec5db9fd5a2451d967cccd8b42367dd8b7f48f467c247a4317af37377dcfaf2da00a4800fc8c0c274ee2dc82f0796795aef6a802eefc91","ssdeep":"","tlshash":"ca51f8ba584d30804bb16c7073e739249e5418bf9f5a28c2b52a246d45f7e20e2d2bdc","first_seen":"2026-03-06T10:13:01.542912Z","last_seen":"2026-06-17T17:08:22.017048Z","times_seen":46,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/bg3.0733f40a.ac10c5a.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.299Z","timestamp":1781706406299,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40a.ac10c5a.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-42f69\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FxD3u4rICa0soLKkKTe08TqCmXA%2F3V0BhTXTZ3AdtPWx1UolUu2dLakqdDlDi8W4%2FtEDEpGfWIt8pvbTeTgWWYhLVt8SsvvR3rikFJLzpACJ7C8NQenSCvjdJq5o0BI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 274281\r\ncf-ray: a0d2bb2f6ee323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":274281,"size_decoded":275055,"mime_type":"image/png","magic":"PNG image data, 1050 x 542, 8-bit/color RGBA, non-interlaced","md5":"ac10c5a78c5cc6e299dc872f4588fb5e","sha1":"6352f25dfaa665e6847957bb1efc25a0eddbd167","sha256":"b2198da5aa8bbd9cad511fc8c2a09009e244c1b88023634d6b896c1f4203d318","sha512":"bfb48cb5e7e1a0bdc6ecd379b9ffc3fdab1d4d5d377d133f8b2552f0ea207e2db98ceb665661b189e443412bae668d2e5684f988036b730876baeac7e72f850c","ssdeep":"6144:HH/gszkz0HWf7ViBD/JdK1ICQz+EUtyG2BWot:HLzkz0HkpiV0Ozveot","tlshash":"894423ed4b528591d128cb0e1bec2cdc5f511448e4c84279795fa8a2a02fdef1c92f9f","first_seen":"2026-06-15T12:32:19.656644Z","last_seen":"2026-06-17T14:28:04.62404Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":819,"receive":594,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getQrcode?lang=en\u0026rtoken=yrGA8W3TtraiM","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.321Z","timestamp":1781706406321,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getQrcode?lang=en\u0026rtoken=yrGA8W3TtraiM HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":290,"size_decoded":642,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3214c82a88415980626f1ae1f1d66fad","sha1":"adf547016aae2195b2afaecb3878470ebc1bd2f0","sha256":"34814abba1f4f0e5b9294af08ca554146e0855648dea75132757e6dc913eb4e6","sha512":"5483449e4bb746e75f61b3fe3ee503b6f580c923d8a99f66937166c5a7f593d49365d02693d4719ebdcb5cb7c36dec1ca7f693dadb38d8a2359c6238dd977d5e","ssdeep":"","tlshash":"54d0c2b32e948c0416b260d1261f39dea91e91839d40306dcf840be890225332117e72","first_seen":"2026-06-17T14:27:13.189627Z","last_seen":"2026-06-17T14:27:13.189627Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":-1,"dns":1,"connect":274,"send":0,"wait":507,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/xrp.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.472Z","timestamp":1781706407472,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/xrp.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 10658\r\nlast-modified: Thu, 19 Jan 2023 04:54:57 GMT\r\netag: \"63c8cd21-29a2\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10658,"size_decoded":11001,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9570d96dea0a3383407c5269d859c7cf","sha1":"3c7077c3e8f2f13ebae17adb28013c4e79e36f0c","sha256":"fe8fdfff3112480f8b11dbe6c6d23fef3066d94bf92622dba2fed45fe3999006","sha512":"4bfa5a222d8ae0a74e02f86b3fdd7a0919a92d563b8a65da88ce1ca7ad47cd180c4a1103e6a361c124281000b42b91353b72d4f834c8df04c3e827ef398182b0","ssdeep":"192:Lkkn8Hh8N/uvVnGTzQT6yYh8uBfWQidYLS7nRC3Qvv2O3eJIP8aK:7n8B8N/uvVGPRyXu9PidYL+RE+3GIo","tlshash":"99229017d9095ce8af08fc89d574aa5beb3b54c0c841740e1855549ffaf04f595cc4d7","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T15:50:19.22262Z","times_seen":49,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":474,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/ltc.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.476Z","timestamp":1781706407476,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/ltc.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 3000\r\nlast-modified: Thu, 30 Jun 2022 09:13:08 GMT\r\netag: \"62bd6924-bb8\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3000,"size_decoded":3341,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"d2aac3e0950db13ab4de39f9b3fb3250","sha1":"7874f43168bd616b0dfc1b1dc0f80690325a6504","sha256":"8763ad8af5caefedb4b1a20bb07625cc896c037cb9b0ccf735b9f29f4b51710c","sha512":"22f9c75684a6635b92cb83e637494c0b6f0b47c22c062596b42186e8aa063bc2b2461b3ded4b4b85387ff25e8dd53e900c757ecd289182e30be2e20389b38a2b","ssdeep":"","tlshash":"be512bc2f3ee59bbdfa08d01990d4737e22894a320915ce716355e3d1a12d9dda00ead","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T15:50:19.216652Z","times_seen":94,"resource_available":false,"data":null}},"time_used":713,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/swiper.min.css","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.710Z","timestamp":1781706402710,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/swiper.min.css HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-4d4a\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OU3VBWRPgW%2FtRYXrcElne9uTVxdyX7uVoAFSx0Yeb%2BGnOU973ZY2wOYr0QpbT0He9k1uNp4ZMB2km3z6%2Bzcdkjc7%2B%2BOsaZX%2BvA%2BQ1ESqKLBLIII6arD3tx6PdSp4wII%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18fa5a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19786,"size_decoded":4274,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512), with CRLF line terminators","md5":"94160d512c97c05e7c4aeeadd30f23c0","sha1":"04261a673b7e5100f78742455b8b7eb48ae11566","sha256":"783bfe0f2494079631972de7df124e1341f235b0b37d51d3c488356c1fca06f8","sha512":"121df9bdbaa00deaada17df94f56fbe36ddce44494022760f21ce7e59dc589d62c296ca5b661d642a6ca0155081ee35c18a45c53f982b5d98df4cf3e76aff1cf","ssdeep":"192:PphaNv/lSSyJWCh8zfi5o/mXDN3eBxwdJ5R:PHa1/lS0Cifi5o/mXOGJ5R","tlshash":"b392622c17003057e2334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-17T17:48:16Z","last_seen":"2026-06-17T17:08:22.08553Z","times_seen":84,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getBanner?lang=en\u0026rtoken=2WiYtRB","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.317Z","timestamp":1781706406317,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getBanner?lang=en\u0026rtoken=2WiYtRB HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":451,"size_decoded":803,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"77fd93f474a4c2529287463c72679728","sha1":"bf1d8a783ed170cb18edee5c39a223724f083e5c","sha256":"726ed8aa251660e651d4b0db305cbacea1efd3b21acb2fa9c83870bbe812a49e","sha512":"433f758de4b485b041f4252ec4ab41a971924c73de46170212cda06abe0627a2c94daa1c336c9187e2558b8f93e91a7d7b487618a33ccbeec4e62fe290129aae","ssdeep":"","tlshash":"22f082221da86437b6c451ca081774686e8ef502dd88166ec5ce5d6d81adbb057072ea","first_seen":"2026-06-17T14:27:13.195444Z","last_seen":"2026-06-17T14:27:13.195444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":5,"connect":272,"send":0,"wait":484,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/btc.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.422Z","timestamp":1781706407422,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/btc.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4460\r\nlast-modified: Thu, 30 Jun 2022 09:13:03 GMT\r\netag: \"62bd691f-116c\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4460,"size_decoded":4802,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"9eb539141888680fff6af0fd28192cb6","sha1":"acb0616e046a9245bbbe5a103a7084aa84690143","sha256":"e1a52196ce78bb48c596194be187394057e3f8db03b2a314efbd358a9b1c0a46","sha512":"9a21f75879b30c9fb0adb138215d50e88cea6bad1fc7742ed866d21115330bed45a1a5d871e0918ab7c623f1cc309deb269bcb92cd4ead546dfad2bc509737db","ssdeep":"96:Wefn1ttzgLb0WBkw0JgfAsWEqgHcG5iU27QGmWCFCL:J1tZISnef4g8G5iU2N+s","tlshash":"bd911961ef9551fbabaa5a0e13fd0093e571ac7e5284da1528c7717f825afe10cf8d00","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T16:37:09.019484Z","times_seen":80,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/bsv.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.458Z","timestamp":1781706407458,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/bsv.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 5498\r\nlast-modified: Thu, 18 Apr 2024 13:56:43 GMT\r\netag: \"6621269b-157a\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5498,"size_decoded":5840,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0d59d213ad783528adfeb1d20e1adf93","sha1":"f8ac8bd0de83dfb109ddd7f471a4d2fc9810d5ac","sha256":"1166a5cd4f51593c9a5e08f29c6a4619645c92c96b49f42cad35335a21dd9793","sha512":"de7bbd0436b058559aeed7cc050029542db5a2d68802cb6f2d77bbf3c09e28a74353b5c080cd85d73bec9b918b3f0530afa51aba1ac12c95bb73f514caf77988","ssdeep":"96:VIrZQ20cPRHXflxra2KpD8DGvHiJa5Lkj/vqz9yP4hukLmj318f/O26GR59jgCWP:ZLSDra2AD8SvHPC3qIGuN3P2zHNa1ck","tlshash":"12b16ce76744e198af7f448723a9c6cc640ac536c8b5a169d17640d8feee244c84798b","first_seen":"2025-10-08T18:47:54.17931Z","last_seen":"2026-06-17T15:50:19.226761Z","times_seen":36,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/doge.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.480Z","timestamp":1781706407480,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/doge.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 22442\r\nlast-modified: Thu, 23 May 2024 14:06:06 GMT\r\netag: \"664f4d4e-57aa\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22442,"size_decoded":22785,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0c569ef88ad83d698e3ae278f59132fd","sha1":"b82eb090eaf49dd1580af9a66dd224eec7a54d49","sha256":"ffb0c803df2aab477ba5e0d882010316e1fcea34405c8d74bd3d9fdfcc9e1649","sha512":"f2b59960c791b606903a09a59a8a19836a80c83389f335d59ed01df748c95578937ca2665e2fd3411cc0ca00bddb8d0899e12bfab94fada70900939534026258","ssdeep":"384:5mn2pcQ1upNUsOosNpbVoT22ZV+eGzt4HexSk83+n0rNlugJbb5DJB27y:g3Gsv+yT2CQG+bh0bdbb7J","tlshash":"5fa2d155de6199819c9fb40802e93bf67ea6cb400bdf755257f28e01c8323da2d4d85f","first_seen":"2025-10-08T18:47:54.22222Z","last_seen":"2026-06-17T15:50:19.245115Z","times_seen":34,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":469,"receive":247,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/credit.css","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.712Z","timestamp":1781706402712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/credit.css HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6a2f4e46-486\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0b6%2Ffhu%2Bs7sY%2BSLmmszjoac%2FHZptUUhf6HspybfUVNbWvfzy4E3i9ILDafSiCTHLZFqoZKMJULA3JLku4VekeS%2F0QTS8yQXfn9A5fx1M9uyxxx1FcGX8upd9%2FTwP1EA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18fa6023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1158,"size_decoded":1346,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"5a7fa046f781d26b95e54a677a8fb4b4","sha1":"1757d1022877d02cfcf9942d46ed6201878c6c73","sha256":"76d1d8567e8eb407f259585548ff5c0b3c3b9cf14cc6701f359b2d812493cd1b","sha512":"4b481baf5a408f3f70eec7f360412075b2a95363daf63ad1004ee29f671b6d3445cf71534e7f65c9de541253469d41c4ce9c4227b1902cd77baf31068845b116","ssdeep":"","tlshash":"0e21d02eba0e284adbe93ed23efc2a64de7e00ea15b342d0f298c154e1d2c1913745d5","first_seen":"2025-08-04T10:45:31.520242Z","last_seen":"2026-06-17T17:08:22.007444Z","times_seen":70,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/link.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.443Z","timestamp":1781706407443,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/link.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4720\r\nlast-modified: Thu, 30 Jun 2022 09:13:07 GMT\r\netag: \"62bd6923-1270\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4720,"size_decoded":5062,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"daddfcd5b19144e686ba7f4048f9de63","sha1":"a1803333e242fd7ee0900da9f236a39f4cc2b802","sha256":"c707189076cf26f3b6c84b5c712f6f0e6b5de0279efbdb5d4d90d3698b8cd1ef","sha512":"646bbe55e2c6683959c978bd504fe71abcd8cc558129a42c9114593b70033c729a42469b919136a82e439d404518790a32ba8228e9c1245453c05cb2bb7addf9","ssdeep":"96:eqnGuMdVvZUGnDxNH6gJj0JOfJdq84MgqZIAWIJZhEHKPtZmOCGaZmPPPsj7:3mUEDxNH6gyJOhdZOqZLW7um8nPo7","tlshash":"aba16daef6781159e6d9744b030570699638d231240641a9c813c93b2a7f3aeaa426b3","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.018008Z","times_seen":92,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/0.00b555ba9b391581c2cb.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:45.001Z","timestamp":1781706405001,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/0.00b555ba9b391581c2cb.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-3a8ce\"\r\nexpires: Thu, 18 Jun 2026 02:26:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gfI%2FIZIfPn8QkyfERm3efN5L2dNR0lM9YmrrR2AG%2B7%2B1HKzaSHnXgb%2BGZr40%2B7Bnl1jDo%2Ftl3%2F0elKjJvlnO0GPcEc5psjMe5d9R%2Fc6jrLnCMgkCOacQSMbt0gn1bog%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb274d6123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":239822,"size_decoded":98742,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65516), with no line terminators","md5":"d871780635e6b48c72d88f1846de6732","sha1":"039b7055b907bab64c056eb2a7d3e80e4c887a94","sha256":"a68e69197ad302e0ee0e9fde51b75237529e95f699c668c1d792a0104e9feae1","sha512":"78147bccd39f2533885de0a0397aedbff7e264ff3a2ad02da78fbc9d2bd367b43fd411443acf9d74fabffcc6c4a0734b1b1d1cde484845f5835ecfc3d18a8c2c","ssdeep":"3072:3WR3NF/5VHhkVBozVrWogaYmC5DwhvvxHK2kKS:30r/5DkVyrFCxwRvwsS","tlshash":"f4345c19b043b679487a4061202f2129b0752fd96809d0a6f778dce5adf4eb9232ff7d","first_seen":"2026-06-15T12:32:19.673594Z","last_seen":"2026-06-17T14:28:04.635636Z","times_seen":13,"resource_available":true,"data":null}},"time_used":1174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":787,"receive":387,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/bg3.0733f40b.60b0adf.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.261Z","timestamp":1781706406261,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40b.60b0adf.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/static/css/app.52a5edfc6ccf52628c11dccfe52a5c48.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-670d2\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KihoAy2QyRFKsxNzJK%2B2IWYoaKbE%2FZpH8%2F%2BthdUFlsBXEOjJzOlia1aFouFgx7DIcNYXvqZN7xUSBVtXQAj9dREbzuDbxsYa4Ic2NpRGbRE5K3HjSuCYAs4QaQZNXJ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 422098\r\ncf-ray: a0d2bb2f2ed323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":422098,"size_decoded":422874,"mime_type":"image/png","magic":"PNG image data, 1307 x 880, 8-bit/color RGBA, non-interlaced","md5":"60b0adfc61a61f25a34b3648928c39b7","sha1":"124fcd0c6562052431508f94eb24157c09e4945a","sha256":"c19a2ec230a1d3d380a929272b0deb839fb1b212f8beb44b611941bec55d2172","sha512":"1aacc61ccea7a2c0c9cdee1d68226accddc0c497096bd7fd116494d6cce975fe41a8ef9089c6a77767177cba0ad0ebaef0bc29f7ee70b903b65fffa66dde81d3","ssdeep":"12288:fpbJCbgn7L5WTTusnECYEKS4RYTrEoDVo7s1e:RKVC7CY7RYkKo5","tlshash":"259423a04013ca025ed914d6ef439fbe4aae1844b55d807967b4f068006f3df4bb9abf","first_seen":"2026-06-15T12:32:19.721311Z","last_seen":"2026-06-17T14:28:04.642969Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1604,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":614,"receive":990,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/fil.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.454Z","timestamp":1781706407454,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/fil.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4005\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-fa5\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4005,"size_decoded":4346,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"4edc5dafe73f16af2629cfb1fd6cb4d5","sha1":"e5d6aeb9955a18693871b73a83577abdf64e5293","sha256":"586c85d6fd474cab3947b5f3e64c3fc76fb8620111231682106cc9abfdc5339a","sha512":"49d64c4278a861b60b1c0a0341a2e3b96f2988165d5c3a7deb779f8592d4242e8552669cdf9a9d9e9997d2f84f02470b926effcd5437343aee872c172a507e31","ssdeep":"","tlshash":"e4818f877f354c078c6ca096024e2b36d5bfa80264f4c8edbf6160828b5f5058f9d5dd","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99677Z","times_seen":54,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/eth.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.481Z","timestamp":1781706407481,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/eth.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 3516\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-dbc\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3516,"size_decoded":3857,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"e1bc34d227baeb59b92475d8f7642b9c","sha1":"6f0c77064b9409b0a033281f1fc61479c90944b8","sha256":"44dc496a6f8f3214e47a8ac45adf6b81792de84f5f33f5257a0759865514c8e8","sha512":"f8f0069a89d9c9b957329b574485cbe5103c5af096ea10b1289e909c35de8d5cf14ac8b418366622bda20a887d49658d792772d090179efccd4aecc6c98a45ca","ssdeep":"","tlshash":"24716df2d915033083fab0719b0492dbeb64f74519c4a0698d9c8d2924b9e34b2d22bb","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.007499Z","times_seen":60,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":467,"receive":247,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/favicon.ico","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/","date":"2026-06-17T14:26:42.181Z","timestamp":1781706402181,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T21:31:14.595228Z","times_seen":16493148,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/bannerImg.c079820a.1fb7341.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.293Z","timestamp":1781706406293,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/bannerImg.c079820a.1fb7341.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-2cf70\"\r\nexpires: Wed, 15 Jul 2026 12:33:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 179595\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BYAm0Q9Ev31R1OVWpLfYpz6eEtomh7xAUDUR8W8PG00G5vVdlwlPQ2gXsK%2BW4%2FCeu2DCmN3Cav5UTaAlkJptic5QEevCx6TCUq8NT7x5ysvw2vn7hYNRXb1pDUaWz8I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 184176\r\ncf-ray: a0d2bb2f5edc23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":184176,"size_decoded":184960,"mime_type":"image/png","magic":"PNG image data, 582 x 552, 8-bit/color RGBA, non-interlaced","md5":"1fb734195657c522bde0c92cd899ccd2","sha1":"9d84e04fb24784d7b3ccdfe80f8dd2f1ec990bff","sha256":"3a5d6ebdbb62e50b928794d0dcd97880325a8329cbe74d8910712d4b245c0a5e","sha512":"30cdb82f96dbad162cc8b8b1256e19a947b52fa95020d6025fbbafc8dcca68e2e44db083da8643cfcf421365631ea0b159a105c7d843013e9705ace59668d521","ssdeep":"3072:5wOm2sQrMFs2e+uu5nLy4ObOL2sTFQqCuHrzutjnm:Cvq6s9+ueWROgqXzutjm","tlshash":"000422a421d00acf9a464eca8de1666b5f1594e8a536f3c0c33d267984ecb31e1f6736","first_seen":"2026-06-15T12:32:19.688011Z","last_seen":"2026-06-17T14:28:04.61743Z","times_seen":13,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/picture_new@2x.769f9c2.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.303Z","timestamp":1781706406303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/picture_new@2x.769f9c2.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-8520\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ICiuz7bpYJyTNt1i854GEW6egD8tlB4sna3L1m3rp4%2FIWztrEWWUFHuPidHPH9HhSnvxk4EJHDfS3sE9d79%2BfFZRx5DlYN03S1jn4cyr9S71p7nQdbiuIhYhPbUYafY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 34080\r\ncf-ray: a0d2bb2f6ee823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34080,"size_decoded":34850,"mime_type":"image/png","magic":"PNG image data, 200 x 201, 8-bit/color RGBA, non-interlaced","md5":"769f9c2af46d6a271546ab97f4f02b06","sha1":"1e3fe4a2f6757efa8ee52f84ae0f33f2d4bdaaaf","sha256":"af552312a572bf6db3dcd4d629ab73df1882bf661c80dbe161bbb7205c9fdae2","sha512":"4814cba3d3fcf0442b94c2edf206ab211f665f10f7caa55db85bb31ec6faadeed33cf7782c17bcbc5e37cb69d38e020f1e2355a0b86f9ec0115a9809ebb029a3","ssdeep":"768:23Hcm/4DpPplZvf3a+m3eFVE8VFVPc42rsiLxKAc+ui56NDYQ:23palhQ3eF283VEFr9lu+l56NkQ","tlshash":"a8e2f1c95bc28d880905ab3499bb25809cb31bdcd5a55c23e7b54c11c7371b1d99ffc9","first_seen":"2026-06-15T12:32:19.676821Z","last_seen":"2026-06-17T14:28:04.63737Z","times_seen":13,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":777,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/Practical-functions3.5acc6f8.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.305Z","timestamp":1781706406305,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/Practical-functions3.5acc6f8.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-5b86\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gGOki4K9Y1Ha7tr1VGRZdkCwTX9zf3lrcFR%2F5xZHk%2Bj4ue8aKPOtQtaBPpdk5f7h7jnVax3jdyFKqOXlptWry6ZwD53Z7IpQ4Q%2BAQscdqPJWu9HM771JsOOeLDCnhc0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 23430\r\ncf-ray: a0d2bb2f7eea23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23430,"size_decoded":24202,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"5acc6f8b118e4a91b38451943b172e3d","sha1":"7876bbe1cd4f35a87e56c250731a21d4c1c78845","sha256":"3486d1c4722298dcbbff9b1de1978b0daf061072547d89760bd87a02950b618f","sha512":"c68971f48fc5d046c2118962ad351ba4b7d1cbe4e9e7524caf2c27ef45d8a82a2b84add313a12b32cd831b8d61f05d14526bc73e56b20b5d651aa932ba2ccf4e","ssdeep":"384:1+nbuslHnGlxOnaLvDl4dvXV3O9HI654+u7SNYQ2M6eiVwuYQNg32TShO8b90dPD:sBHyxIaLvDyRVeZI6TuqYxeiGIiO8ed7","tlshash":"8bb2d137ba956d6b1385b28648ea75cb314059dc86f08910bd5dc8f431bbb7f1c2c36a","first_seen":"2026-06-15T12:32:19.677903Z","last_seen":"2026-06-17T14:28:04.624579Z","times_seen":13,"resource_available":false,"data":null}},"time_used":787,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/sol.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.440Z","timestamp":1781706407440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/sol.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 15133\r\nlast-modified: Sat, 11 May 2024 09:15:11 GMT\r\netag: \"663f371f-3b1d\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15133,"size_decoded":15476,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"367f1436ee9b3610228944bd3fff5688","sha1":"53a3635989c5d1ef5f3e5c4fbf38c61c9dd9484c","sha256":"bdb5738b9fc51dc6c2fa4abf481cf26c772c1cdaf1db2501f7f8723afd7ef5f6","sha512":"4f189650a7c61be87eea1dac761a5d0065fe7c6f356f4b949ad4b22de9ce77aa09a0bef6a844d7df4c7eeb43ebd72f8a571d42290f52cd3d3785e744ea647b71","ssdeep":"192:WSlJknydbmXHNX8ELXgjuy263TxjpRXs6qaVlbgAg1wB6pDqcwtuWSnQYT+asefE:5InlB3LSo6qelUAg1OVBtuWSndTIeSNl","tlshash":"b062cf6a9c707e4c075479448e7c769ab31b028163d3dc8eecdee00ba8a25b48d9dcc7","first_seen":"2025-10-08T18:47:54.131475Z","last_seen":"2026-06-17T16:37:09.027557Z","times_seen":50,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/logo/home_logo.png?v=1","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.281Z","timestamp":1781706406281,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/logo/home_logo.png?v=1 HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-8e9\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0lAU%2BaThv4koW5RV8v0X5Rap5dnR7XjjFs8zRqMvCJDpwj5qvDZGqp9vgYuRmEadM42OMVyyMynifZqpljhzniv5f736DMBBICT%2FnuaafoUY0IhWzOphjbU1v3RiSoI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2281\r\ncf-ray: a0d2bb2f4ed923eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2281,"size_decoded":3049,"mime_type":"image/png","magic":"PNG image data, 227 x 60, 8-bit/color RGBA, non-interlaced","md5":"3b7b33d28c928fc1b9e227b937c8f422","sha1":"11b08bda9d0c0d097c543a5b4f06921e12e1b2e8","sha256":"5d0775ee54c7f87936a96a7989e1e747f33b5533bff53499e09ef0f1a88150e5","sha512":"abbe61d75aff9b0549d05078de801efdeee1b80bba5f07022815fe2cbf45c518f812daf29fd3a669b726c44a17fe523954fb88a91ebeb949ff83fcb52cf2bb72","ssdeep":"","tlshash":"85412bc4917b076b038711398b26e966d632730c4f43da51c002e527f28ede9ea4a950","first_seen":"2026-05-06T11:01:26.046632Z","last_seen":"2026-06-17T14:28:04.641931Z","times_seen":15,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://cvbhrfsh.cc:3000/","fqdn":"cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":3000,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.288Z","timestamp":1781706406288,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:09:28 GMT","end":"Mon, 06 Jul 2026 08:09:27 GMT"},"fingerprint":{"sha1":"79:21:6C:9D:2D:64:0F:D9:C6:06:5E:C4:23:98:02:31:60:6C:83:4E","sha256":"82:9F:F5:A9:4B:20:00:8B:8A:7D:50:D3:AD:44:AA:67:61:36:E8:56:73:50:7D:2E:D0:5D:70:A0:67:12:F5:65"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cvbhrfsh.cc:3000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://andafpro.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: ODwod76I2w75mkFJbr8jeA==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: lihSGt3SNWKNxY2evltl1A3A5SM=\r\nServer: workerman/4.0.18\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":182,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T21:31:14.595228Z","times_seen":16493148,"resource_available":true,"data":null}},"time_used":1064,"timings":{"blocked":0,"dns":15,"connect":261,"send":0,"wait":260,"receive":0,"ssl":528},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T14:26:41.201Z","timestamp":1781706401201,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:41 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TDbgy9dSR3NzmfX0ki2VMQH6HwAGQA3tzZbJNUHecvmn9inIbCxK9V4zYgQyfDRuVwknvBnx%2FlDP94BxZRVN%2BXmP%2FpKYdeY4ZzN6Fi1r2Ka7gclZsF3ql%2FmG9loa6vw%3D\"}]}\r\nlast-modified: Mon, 15 Sep 2025 09:03:32 GMT\r\npriority: u=0,i\r\nstrict-transport-security: max-age=31536000\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0d2bb0fb8e723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T21:31:14.595228Z","times_seen":16493148,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getLogo?lang=en\u0026rtoken=KUY1t4n11k\u0026key=web_footer_logo","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.313Z","timestamp":1781706406313,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getLogo?lang=en\u0026rtoken=KUY1t4n11k\u0026key=web_footer_logo HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130,"size_decoded":482,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9010b5c29cdcb1e48794a04bcc38eafb","sha1":"af110cb2348142a4fa27d5f38cf4590f42186359","sha256":"53dcb806331caa145bf6d0b48ccc113c778387d7e963f0433faca8f9d65a0766","sha512":"f4e650924a058401d386dba609ad1b356423c5a3c6a276194a805e1e8579642017fcafb3bbd1c202fb8d25773e6d6ae68ede1331fed6a8f1b252a5775e8b6698","ssdeep":"","tlshash":"c4c02b733b805c041702a0c26d5f34c8511d11c38c003810ce4cacd4c2131303307531","first_seen":"2026-06-17T14:27:13.227628Z","last_seen":"2026-06-17T14:27:13.227628Z","times_seen":1,"resource_available":false,"data":null}},"time_used":820,"timings":{"blocked":-1,"dns":9,"connect":259,"send":0,"wait":286,"receive":0,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/bch.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.474Z","timestamp":1781706407474,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/bch.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 16801\r\nlast-modified: Thu, 23 May 2024 14:06:05 GMT\r\netag: \"664f4d4d-41a1\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16801,"size_decoded":17144,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"2bd4379737af182cf6b374660ad7109b","sha1":"a0b1196695abbf8f226436f418d59d5e063f21bc","sha256":"f1af00d76c161758b8516a1744561a53d56cf64f531e069daee8707a483e995e","sha512":"358bd403fd26907aed06b9e3eb3f0b0d830e0302559d321ad3f5561b7316d14c47fff6ecef97708e69a397c6aa3bf966e7ef399327b19fe8d3f38b899340dd62","ssdeep":"384:5mnidTfSuu0nTbEaiXIpCg5uxNRiv5jq2a9NLTt7aeXgbA:g+usUa+Tg2iv5DSZ7xQ0","tlshash":"ee72d1c99f085c93730aaa4465b5f51337363fa9c99249e638f3142abff05b0442abc2","first_seen":"2025-10-08T18:47:54.181689Z","last_seen":"2026-06-17T15:50:19.214683Z","times_seen":34,"resource_available":false,"data":null}},"time_used":715,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":474,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/reg_checkcode?lang=en\u0026rtoken=HAWtjjKWjlW3GgTV","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.310Z","timestamp":1781706406310,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/reg_checkcode?lang=en\u0026rtoken=HAWtjjKWjlW3GgTV HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74,"size_decoded":439,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"6d8cdb6ae446fd3b6842c627dae2a9f3","sha1":"f840365184c67ccb105db95cc0742674504611e5","sha256":"013c8075dd5198b118e390c7f2454c5ede8892e56b998309b24e83dafa646480","sha512":"efce6f351378d2a0a7abf51a9f4ab5435f61cd5eb86b3489cd27a7a6a6d507a623f5ed6c65a6ebf681e85501f17ec63988d7114db063e9f353871f96376fe738","ssdeep":"","tlshash":"8fa0244314dd303345034013cd0d1f014f3c10311d00100cdc4d534457730343131017","first_seen":"2025-10-08T18:47:54.152661Z","last_seen":"2026-06-17T16:37:09.020988Z","times_seen":46,"resource_available":false,"data":null}},"time_used":814,"timings":{"blocked":-1,"dns":12,"connect":256,"send":0,"wait":278,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/ada.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.455Z","timestamp":1781706407455,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/ada.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 16287\r\nlast-modified: Thu, 19 Jan 2023 04:54:56 GMT\r\netag: \"63c8cd20-3f9f\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16287,"size_decoded":16630,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ddbd783f7bcbbf07bc974485aabfacbe","sha1":"db97ab8ca9e8938781f7f8f42f7b97b5f2a8efa4","sha256":"963ea06d1c04c2ae26332fcb8b0f1e45f2f3eba148a0b1a77ec66aadba47b55f","sha512":"8bf0121ce9c2b6b3716f12414ba5dca7e2b951e3e8204a1a2a9c737d220a2fd9915385f87a1070c42f3b8d9ebf49e94c349f902bc949f4294d7525460ce67f8a","ssdeep":"384:7nKBaor7iF6iT9pMRYHT/B6uKF1DDCm7PwGnwNAO:7qrGHT9pMwTmDCE4R","tlshash":"7f72d082c4d0df9c77c7f28528cf13aba912468269c6f912bfc4e432be54825f6893c1","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99839Z","times_seen":59,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/eos.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.477Z","timestamp":1781706407477,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/eos.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 14068\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-36f4\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14068,"size_decoded":14411,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"da9ba5e4a0300c76b10d5ae5169c5240","sha1":"9979b71310904ba882a05f526bfd81d9ffa8c155","sha256":"cf10f279b4d4d76e376495bc25361df686073d54c0fc35fd12679a8932c99199","sha512":"37645c70e3c862e21a52a3d5f7424a6fb4a70f6112c1d5566b684039d1616942e07ab907e681c08e1982d04b6d0f7af0d9e8ad625e9114c8eff5e03187147c14","ssdeep":"384:5enmj5rmwyZNMTHdD8NIkmEfJ99paN+FZ1YW5NNekk1wA6:MM9mwyZWFLdSGDgNlzA6","tlshash":"dd52cf075e460893ad08bed24dba466f7d76e7ecf402792db47b4d394ca0ae14217346","first_seen":"2025-10-08T18:47:54.191908Z","last_seen":"2026-06-17T15:50:19.248897Z","times_seen":36,"resource_available":false,"data":null}},"time_used":711,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":470,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/jquery-3.4.1.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.700Z","timestamp":1781706402700,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-15851\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fEaEWxHrjzM23RN1U3FUFgwq91OOFN%2B3TqYdhFO6Ec%2FBb%2BJ3qZbnoOiXIJeYYa%2FJIKslUbw3nHc%2BPKyvjU%2B%2FfWeaPcAccOSDV%2BJBNvloY0%2BwpCq%2FGjfdKyiFeMbPcIo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18ea5423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88145,"size_decoded":35294,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-17T17:58:44.993296Z","times_seen":6989,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":800,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/country.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.708Z","timestamp":1781706402708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/country.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-ace1\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P3%2FOncjSt0D5SBHWF46qrMLaMBgvV6SUMk49s2c4Y9o2X8YDiiNLR0GJqmFfCzc1f9hreUqqOWc2hzjAgan25yzHP7uUvWNB7wM1v19b6ZVKXJZdXtgeSAb7QL77pSA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18ea5823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44257,"size_decoded":12392,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"resource_available":true,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":776,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/css/app.52a5edfc6ccf52628c11dccfe52a5c48.css","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.713Z","timestamp":1781706402713,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/css/app.52a5edfc6ccf52628c11dccfe52a5c48.css HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-84090\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ojT6QZd3a%2FgxHYLBoatNHMG3hl27PRO23HdWMjpp%2F1BTEW%2BvzFl3TDi8iE890ogwgKg7pPCcDjvBJNzY9VXqzBJbEWWA1XK9UOT2djIreAyQJMWyjHFwjhvbwHEu%2FVU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb190a6523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":540816,"size_decoded":100496,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"5a5fa9aa233358693f39de0a0381eaf7","sha1":"41fc3e93af7a2e79133f65edc2dd2cb0e2375c84","sha256":"bcbdcf670b63c24200041fc3a217d9efc385872809c644f756473923bcca6a5c","sha512":"37e68c5e931dcd71ec746f510032550e89f6d888f3aac953a8905cf424a51c28ae2511cbb1e056c9552515bf4e99150908baccf1f7926d878b2a27390f3fc963","ssdeep":"12288:47WJvdK948PKIiyfpwo1OAPkuD336ya5hrCez0eT7:kWJvdK948H1fpwo1OAPkuD336ya5hrCg","tlshash":"d8b4c723971b1619a02bca64a6c46bd96b14d373d02317fefa433c19cfc759a226670f","first_seen":"2026-06-15T12:32:19.719969Z","last_seen":"2026-06-17T14:28:04.638406Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":786,"receive":375,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/etc.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.470Z","timestamp":1781706407470,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/etc.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4097\r\nlast-modified: Thu, 30 Jun 2022 09:13:05 GMT\r\netag: \"62bd6921-1001\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4097,"size_decoded":4439,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"25142b79a3de886616c73a68e453d984","sha1":"43299b672ed710ce0a0e1b9ccd2d552b5accb15e","sha256":"b5b056cda87836b811627fb320e1cdcbf98edbfc30c68a4a20013c0c37b43bbe","sha512":"62b866a53db06bf11581d30f68d6bf1f40881d03f8470052612978c595b96d194195fd4aa55600af07d3f6a380f413125c7a94446f253d24647e6a944a70db41","ssdeep":"96:iP9Sli9htPIcpQU+lU8L4qna1u7LvpSBafIn:iP9CitNpWS8xa1ufvpY","tlshash":"ac818fc3c812c295104682f94e8dd0b831d04e5f5b05fc67369d6dbd542ca07eda5ace","first_seen":"2023-05-28T01:03:43Z","last_seen":"2026-06-17T15:50:19.227439Z","times_seen":81,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":478,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getmarketList?lang=en\u0026rtoken=qoplhmBisV8gOM\u0026id=1\u0026type=1\u0026limit=200","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.326Z","timestamp":1781706406326,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getmarketList?lang=en\u0026rtoken=qoplhmBisV8gOM\u0026id=1\u0026type=1\u0026limit=200 HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11598,"size_decoded":11950,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2ea21804ce316560684a49534f513d63","sha1":"efc62a65d7274ddf03fc3f135d9f9164763f2992","sha256":"5b2e641235621c301f5495112829bb80811a17ac98185f6a2612b3acb35e167f","sha512":"ab65e8bc1eb5047a50e613adb6da57943ca8e77a72319e2b045a529e09990548bc912137db16105cd7a77c681c01383b28f4fab2c6d38df091f4117941c90172","ssdeep":"192:mcvTtJv1Exn5utQykKJB+jkHQuosjDtvCZJl0uRDDs/DDTGSxvZs1YevEPC7T:mcvTtJtExn5utQyk++jkHQuXYJl0uWb0","tlshash":"fa32e25626d84eb0b3b28dc897c7d4b4a67ef04abcc28f8343ed996544d0a57770af12","first_seen":"2026-06-17T14:27:13.237237Z","last_seen":"2026-06-17T14:27:13.237237Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1049,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/xmr.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.464Z","timestamp":1781706407464,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/xmr.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 3356\r\nlast-modified: Thu, 30 Jun 2022 09:13:12 GMT\r\netag: \"62bd6928-d1c\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3356,"size_decoded":3697,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"1a427fee0bd67c531b69fd143c56405a","sha1":"a3985aba306276b834887763bdcbd291f123270c","sha256":"c60054e81964269ce55dbfc325e99e3d4d491952bb516e3f68097ba475cf65ba","sha512":"40106610c0056285dfe7a02b810b456e19d1f96049874853b3fe76572f02fd9a477d764eb08270309f7f05d47d7049322cb9a6e753af492bb53a5b1f6efa1658","ssdeep":"","tlshash":"18615ce3dd6f1d7637369351b717b80288603df1ad5e733d5515181225120bbce553a8","first_seen":"2023-05-26T11:52:40Z","last_seen":"2026-06-17T15:50:19.231585Z","times_seen":50,"resource_available":false,"data":null}},"time_used":729,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.698Z","timestamp":1781706402698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/polyfills.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-25e1\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJfl%2FZnjCTi9tr82DfKWpGsKClbvT8agGoVqDevzWxNIxpgvuXeOXuidHbhiy%2F%2FgtToEs3QC0ScrQzSG0C%2BK5uR7SHidVedftc%2Fzlrlrmvm2FVYihOerCkk%2Fkcgbmw4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18da5123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9697,"size_decoded":4343,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9695), with CRLF line terminators","md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"resource_available":true,"data":null}},"time_used":615,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/vendor.e2a9e1d897f042e77815.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.717Z","timestamp":1781706402717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/vendor.e2a9e1d897f042e77815.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-1b441a\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UFfLrJG5XWsqjuHFJayMWkcEhIxUog7O%2B0IRteMFrVttUseFFiXCyUJD6v%2F%2BmY3uNVTnj2F9gCH%2BMwYmdZ54cHyQFJ2U3lfAzOMjp9P5Jdqmu9MEgpQUmVYijBhJbfc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb190a6623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1786906,"size_decoded":644109,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37287)","md5":"2ecaffdebca42bfe31c2a583cb4e1e3e","sha1":"48c242c015b378e863efc5310e473a5334e95e03","sha256":"67cdadd6721bbdbb17c1271102e1a48a452d8a7181490b6e5a26b442822ecd26","sha512":"6edf57984e10ac46c373e6763922297142757c1b6f60210286d734521be4db7e2c022fc99bd4d45d5dcaba738e8cf125bbafb529510ab22e7aed0c558f1bf086","ssdeep":"12288:O/5H4KEh+NlpJ8ei75Gm5PiMta2JpIuuiXuHBBL2O:OBH4Kkoj8eQGm5Pzk2JaRiXuHBBL2O","tlshash":"2725199d32c4b06643e331b5503f240fa3372959a80ec558ba26d4daacbd55e623bf3d","first_seen":"2026-02-27T09:48:17.072719Z","last_seen":"2026-06-17T14:28:04.636868Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":816,"receive":974,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/app.31018229fcf5d01e8fdf.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.718Z","timestamp":1781706402718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/app.31018229fcf5d01e8fdf.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6a2f4e46-9a185\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AUZksq%2FdNBmNhwZSJz7MyZXNLeNgPtmUekP21G8T5%2Bc241Jkp1rL1NBPEvKfbQ%2FUv09gF9VmyQ8hfW8o4%2BNciOTP%2FvpDbdPWIbzYSulXJH7GRgfaybs0CXQAfb97KEI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb190a6823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":631173,"size_decoded":234356,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65128), with no line terminators","md5":"f80bc5699e39388cf8fb98d7903cdcfe","sha1":"29b495e0c45017e1cd6b5c94bd58842406d980fd","sha256":"a1b6aeaa0c0b15c3f435ccb06c26dd48b0cf4c45070d1fc963892e9799dea8d7","sha512":"0851a10f3ce6d8b420277c7441e67747551ccebdc0bdf97e45009eeb72a2eeadaf17cc44cae1403ea72e0fc5c08f8f2318b58f3987727e2153d449aa37d98930","ssdeep":"12288:INrGFZCEcWjM98NI+NMJGNynMlRPGNpiEj7ay0fDxEMoshD6UcV9FY0ZconS//Cg:IwFvjMr/ii8","tlshash":"ddd46d7b11ce59a819428a06b28b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","first_seen":"2026-06-15T12:32:19.659759Z","last_seen":"2026-06-17T14:28:04.638947Z","times_seen":13,"resource_available":true,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/image/remind.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.724Z","timestamp":1781706402724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/image/remind.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-4deb7\"\r\nexpires: Fri, 17 Jul 2026 14:26:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=58Hk9A%2FOR%2BFtyejD0%2BYtSsDQobA8VvTZdB7Z9ZRBgwMwnwOTpA1zoeSPpo%2F8nVltwlu2okyY64n4iXybYaBUbCXSfF8AiOp2lpBZHxWcTh637mTlsnu1PKhyfaC%2Bxw8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 319159\r\ncf-ray: a0d2bb190a6a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":319159,"size_decoded":319937,"mime_type":"image/png","magic":"PNG image data, 2163 x 2283, 8-bit/color RGBA, non-interlaced","md5":"42a3301ec37986141e520b49d598e73b","sha1":"83c6e41ecfc381ef9d39dc5767272ea843e0a679","sha256":"60ddd3846aa5aaa641439a451b27834bdf41fabcf4601ed9c9239908dc5a6339","sha512":"db3eae8a9caf09de6f41e3ab079844691df7372295aabdcda662b6d042e07e707d1e8ad786c42b9eb4d0c8c5b5156039c1fc389df26b0a1230a793fb153d7b38","ssdeep":"6144:UT+B9YsJyUqYWWLq7M6jzqhyWykRcTUEWPaG/4Jb6lHGKYT:SAYCz1ZhyW9RJEKaG/Qb6lG","tlshash":"58642351da3dcc5ac5fb9635043f212ea9b84330b698fad6ca3f75501b42ca76227db0","first_seen":"2023-05-25T13:54:34Z","last_seen":"2026-06-17T17:08:22.06114Z","times_seen":90,"resource_available":false,"data":null}},"time_used":1524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":940,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getParam?lang=en\u0026rtoken=MP46YcUbJC9A","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.314Z","timestamp":1781706406314,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=MP46YcUbJC9A HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"17b6ef892f6dff760e717fc2e43da63e","sha1":"b45495c0cfa8b284d2dfd596503b27e64306cc08","sha256":"0047d9afdae6dcb43292b505e847ad51477c24b31ae4ee1adfd8ce6afbf19467","sha512":"af0d80f4ac928fef13fc7538aef4044b549a2b4bea791d93a606f600e73d683e3669b0def0ee5553f03a62e3b8a8bb776a7753588ef27724f25737d6e071e23e","ssdeep":"","tlshash":"a921024d30d80c7fe7874449ad4b5255bbe969eb24ae1cc546acedb438cbcc3840a963","first_seen":"2026-06-17T14:27:13.244333Z","last_seen":"2026-06-17T14:27:13.244333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":817,"timings":{"blocked":-1,"dns":8,"connect":260,"send":0,"wait":284,"receive":0,"ssl":264},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.699Z","timestamp":1781706402699,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/bundle.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-346a\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6xcn3JDSNH2uwmXiafl1%2BTB49UOHkVF5KaBEe4wdFSSqMRR5wrnduildJiVvqYA8vKoQ1Cjf%2B5iRSBF1qdATbi5tf29pnlAcJql0WbKQJ5VpGAHsxzFnX32cYfeg6z0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18da5323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13418,"size_decoded":5369,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13416), with CRLF line terminators","md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"resource_available":true,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/1.59a042873c3c3ebe5f78.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:45.004Z","timestamp":1781706405004,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/1.59a042873c3c3ebe5f78.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6a2f4e46-bcc2\"\r\nexpires: Thu, 18 Jun 2026 02:26:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSeVe9liOK6FumR6DNfOVyDQOZ52H9w1WKtNe4dOmf91IjcHuDn1VJBg1mY1o9eDRFq2dISawDXMj7GWuuYa765LGSZldnPUKBEO94RtX2Zg1gESNqPvn2ZEDUEInrI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb274d6223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48322,"size_decoded":23233,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48257)","md5":"d6ad4a93687e871b7ffb7b2a0cfa334f","sha1":"6194e0bba6295167cfbb3d0c836b35fbda554276","sha256":"404243c3d9985a90932ec7a9947af61ff8fefc8b37a760dec2bc4376ae937193","sha512":"3755b8ecac14e30442614297ebd39c5bcbd61b5e26e1f5b7e3ea6ebf66939da6452486e786147a679451d14511463cf497aa230f27b4784cd2c4f09b582daeb6","ssdeep":"768:O1g4pOx27O8/L3bYeRyHYLDJjE1VlQRL14ti/gWRLMsshai/gSas0JDd/:OS4pOx268D3V4H0DBE1UOti/gJai/g1J","tlshash":"e4233a0ab487b66dcc3a4060962f2139b03a1fe8901ad1d3f63cd9949ae5d39171fb7c","first_seen":"2026-06-15T12:32:19.655077Z","last_seen":"2026-06-17T14:28:04.63207Z","times_seen":13,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/img/Practical-functions1.3dc1883.png","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.301Z","timestamp":1781706406301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/img/Practical-functions1.3dc1883.png HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-5d6e\"\r\nexpires: Fri, 17 Jul 2026 14:26:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r0ArKpx8%2BzVe4eYejlTInlYgRQCkD25YraH1s1hpajdl4EuHsoPikKHlaHdeT33PnRfP0WniOzwTGTxvJBDzZ4tM02aTJVJaE%2BXGFrhGRjKhrGkiwyhcjtWv1w%2BEZ44%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 23918\r\ncf-ray: a0d2bb2f6ee723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23918,"size_decoded":24690,"mime_type":"image/png","magic":"PNG image data, 201 x 201, 8-bit/color RGBA, non-interlaced","md5":"3dc1883e1d5a2f06cdb04d94ff2b558c","sha1":"d3410b84faf1016772b14c035652fab6a84c1fd9","sha256":"d5dc4d9caaf567bb7bec7b40ed9a06409225ca6526c335f5787649400fb6cf6b","sha512":"b5be4a4b8434ec281f9a77ce25c3c5b93875bea651d990089dc409704522ce65fbf53176ea5c3475b588498af8b64883e1d809ac9929dae182b545e290e30ca4","ssdeep":"384:y+ncmAegS4GVmZ2OB70MRo4Ug1wyPaTi8B8//nn3bVHBvfz9X+KOC+QsJowZ+g:H8ekGAJB70ua6wyz8B0n3bxBDsKIQWYg","tlshash":"89b2f15fb50819a42fdbe1169cce44522fea5d80df85d206998ec0379ead1f08b2e3d8","first_seen":"2026-06-15T12:32:19.657683Z","last_seen":"2026-06-17T14:28:04.611802Z","times_seen":13,"resource_available":false,"data":null}},"time_used":785,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":785,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/trx.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.451Z","timestamp":1781706407451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/trx.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 6495\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-195f\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6495,"size_decoded":6837,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"53d1c2f9fe08b9e1876cfe48d8515b9a","sha1":"cdcf316d85014fa6ff4e3734abbb423d1059dd8c","sha256":"5a64c819fd826d8183b1eae37b023fe72fd41d0c0c38e0311131d934fd0840bd","sha512":"4690750a0d8bd06649658f8fd84eb75409177aca8ba881aed166a370c4c7a2bd2ab6d28473a4df334e218d24830c3bddadedb48a7846907c14859c64279eb713","ssdeep":"192:G8+yL4eaVKn8cDxhgtcnwDnAJ6NjKdsVTLMLasKPQ:R9dDn/DUDAJcTAOst","tlshash":"27d19eb96367e69aa9c6f5b99b39e6225f62ddd0dcca15f20e98820041f3040b5814ee","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.011843Z","times_seen":116,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/web/getParam?lang=en\u0026rtoken=jJb7YRm8DyKQ","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.323Z","timestamp":1781706406323,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=jJb7YRm8DyKQ HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://andafpro.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"17b6ef892f6dff760e717fc2e43da63e","sha1":"b45495c0cfa8b284d2dfd596503b27e64306cc08","sha256":"0047d9afdae6dcb43292b505e847ad51477c24b31ae4ee1adfd8ce6afbf19467","sha512":"af0d80f4ac928fef13fc7538aef4044b549a2b4bea791d93a606f600e73d683e3669b0def0ee5553f03a62e3b8a8bb776a7753588ef27724f25737d6e071e23e","ssdeep":"","tlshash":"a921024d30d80c7fe7874449ad4b5255bbe969eb24ae1cc546acedb438cbcc3840a963","first_seen":"2026-06-17T14:27:13.244333Z","last_seen":"2026-06-17T14:27:13.244333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":810,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/uni.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.449Z","timestamp":1781706407449,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/uni.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 7130\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-1bda\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7130,"size_decoded":7472,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"31f17f13b53757a892502af9179f6bc2","sha1":"1db9427d6720bafe36824262466d2f75c55b637d","sha256":"2e8697588da2d88c23823b1c61813280ff82d59481019553719946e2b7260269","sha512":"b591743bd756e6019aff32d5e817948a6dc5544818b83df383f4a1cec447ae9b864ba86b61401a4f76c1ec907c1211e7f75ca1a45a2d49220a6bc75d4fb2f07a","ssdeep":"192:pDOYGPzaIfpNIreNg5HRBC9ocE/jPJJcc6pM644Y:2eo/uHbFRD6SMY","tlshash":"0ce19df0f63b540d4adc9e270ce424c11ae31559750334bfed8f099ee39340a0a94ad5","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.003264Z","times_seen":60,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/fonts/element-icons.535877f.woff","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:46.340Z","timestamp":1781706406340,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/fonts/element-icons.535877f.woff HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/static/css/app.52a5edfc6ccf52628c11dccfe52a5c48.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:46 GMT\r\ncontent-type: font/woff\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\netag: \"6a2f4e46-6e28\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5g40RbjfELX7AK7JpKQJasz43C05DGqKqQ0JvrhsTz7dotoh9mMKA3%2Bkza8jhatVKhGyYKa%2F%2BBCRTjNXEk41xtKvF1%2B6SQ%2F3%2F5ncCkHy8Nqb1G2BpAf7fCajb2jWBIE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 28200\r\ncf-ray: a0d2bb2faeef23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28200,"size_decoded":28939,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-17T20:32:42.030458Z","times_seen":26262,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/aave.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.434Z","timestamp":1781706407434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/aave.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 7463\r\nlast-modified: Thu, 30 Jun 2022 09:13:01 GMT\r\netag: \"62bd691d-1d27\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7463,"size_decoded":7805,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"5cdd0aee69e8122fd5c09e5cdcd98624","sha1":"68ebafd85948ed3aaac87fb683aa655fdfaff4d3","sha256":"9ef23fac5df6aa17c2df63f9a9bd75116a079378ff33e407f6c17ff044738c23","sha512":"125f42ad5b32cafa0859d96226838798c7c5ed8fbb193bf0a698132415220ecbadca205521d858abbf31c56efa7e9681fe9b0ddefbb57021090ca32213f0dc06","ssdeep":"192:UP03OA6fWgKMO01wvKfgHwK+41cWvoRtjNPxrwo9hoWlA:80+A6f1NqvB31Ct1xrxhTW","tlshash":"27f19edd4fb240cefcbfe649c87720e67a04d211b78afa408bae7c96a990405c1a1d31","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.024304Z","times_seen":51,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/w3model.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.701Z","timestamp":1781706402701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/w3model.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-68b0d\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eUqAs35xGE1Zr3AAUw%2BDe69V7p0jKiuCcySSOcZ%2Fv%2Bxul7g2wbyEFAB7ZB8dLI0%2BWGCgRXjqOM3EkFLKh5YQfkENBpPhIXpE0R6wNoTGPAFzrh4jqr5O%2BW3Hl2hjr0k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18ea5523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":428813,"size_decoded":217373,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (62529), with CRLF line terminators","md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"resource_available":true,"data":null}},"time_used":1355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":780,"receive":575,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/web3model.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.703Z","timestamp":1781706402703,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/web3model.min.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-69042\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rSDHy1DfJ3PPPRHssfF%2BYvBFMGZIFESlRhgVC1d9xitjzWmuGXRGQNx3bLPulpczJ8iVM21FhHHLfsqwdL8cTVm9MIpR%2Bw7L6iSqqHtpQ4MZU53k5Qwv7a6VVCTexgQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18ea5623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":430146,"size_decoded":218041,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44112), with CRLF line terminators","md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"resource_available":true,"data":null}},"time_used":1316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":554,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/logo/favicon.ico","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:45.319Z","timestamp":1781706405319,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/logo/favicon.ico HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:45 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aah%2FnIUNv66ppEKFLRMBvNA9O0pTD9ypRSmm8MfyRbGk4baK2MbNn0FqvnHxwCQl9Uy7Q8b0A7PXVpWbNvJB%2F4lXf87SPpX3KRl69jFd4cZtHfxzgei5Z%2FOwuIqxgXI%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a2f4e46-37f\"\r\ncf-ray: a0d2bb293d9d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":895,"size_decoded":1620,"mime_type":"image/x-icon","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"f4cc99fd1cb9d852ee80502e1b4e887a","sha1":"07a9f634275a7581bbc77d9c050b4340018b9fa5","sha256":"65e633339568e53ab3a5c2525dbb9cad16151a81cada37404125ef5354c191fd","sha512":"7b21adc744386b22ad8a444b6277f3a3db75110d55b955f961bb9503f4ae538443da35143b7a8ce2359519550d1b7fc20702536aae09b866a2329fadc0f52c99","ssdeep":"","tlshash":"091163d7a1789f19eb394371885e8300883989998b05056c9dc54ab6fb6de8680ed320","first_seen":"2026-05-06T11:01:26.079334Z","last_seen":"2026-06-17T14:28:04.641398Z","times_seen":15,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/dot.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.468Z","timestamp":1781706407468,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/dot.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 7934\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-1efe\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7934,"size_decoded":8276,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"74ed062f033581755bd71e7005d22502","sha1":"4c7208a79fa9851a34a749e19835ef0925bdf272","sha256":"1748a91695619836aac60ea1bc9d38a4a6e7909a92d98f36c15651ccb05ebb90","sha512":"303c13483ca5c01fce0b6fa254c4fdb93740844b08ded84ca8a0bb4e5989669b9b8fd0116ab20c57d4c91b0b625b5936b1abef6dbab829031d7cf709aa114a43","ssdeep":"192:WSYkkn9099VHqYV04cZcGTtSN3DNjiuydjwElcU9GQtt:58nSKYV0fODxiZ1aU9JL","tlshash":"8cf1aee3fca9dd123b6ca4866cf542b7626b12248194d64aff4cd807c81e6fda61e481","first_seen":"2025-10-08T18:47:54.120882Z","last_seen":"2026-06-17T15:50:19.248311Z","times_seen":24,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.cvbhrfsh.cc/wzpic/xaut.png","fqdn":"api.cvbhrfsh.cc","domain":"cvbhrfsh.cc","tld":"cc"},"ip":{"addr":"43.98.179.84","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:47.426Z","timestamp":1781706407426,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.cvbhrfsh.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 08:03:56 GMT","end":"Mon, 06 Jul 2026 08:03:55 GMT"},"fingerprint":{"sha1":"96:0E:AF:7E:27:AE:8C:01:22:DD:31:7F:0F:CB:0F:F8:4F:58:10:2F","sha256":"4A:D5:60:5D:00:24:B0:ED:4E:FB:A3:ED:4E:4F:24:6C:24:B1:FB:C5:7B:32:2E:CD:74:0C:B7:58:9F:8F:53:27"}}},"request":{"raw":"GET /wzpic/xaut.png HTTP/1.1\r\nHost: api.cvbhrfsh.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 14:26:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 7688\r\nlast-modified: Wed, 15 May 2024 02:03:33 GMT\r\netag: \"664417f5-1e08\"\r\nexpires: Fri, 17 Jul 2026 14:26:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7688,"size_decoded":8030,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"2615bb8aeb247f2b56501d9b299ca398","sha1":"6f94dbc3a1df9b6a69ef9a9d3fcbe8bfb3665593","sha256":"6bdc89d90af3a27056a874c2906ae19ce5bcee9884334303031251e25a4a50f0","sha512":"71ab52b12c29407996836faf6d7eb0a1737ccc02665e11e3bb55e19517f58e646870830e0654dd6b83abe2b6af9b81ada71dcaf7a0b702ddcfcc41620db18b5d","ssdeep":"192:W/0Mq6bv4UW4Z+vp+3saH4xSznCf398CsN7aqOk:W/BTv4x4gvI3JYxSo3983N7aG","tlshash":"37f19f00c064231ac30246b6ab45ea87ecdcd27ce76b792f9479eb44a9d00afe983546","first_seen":"2025-03-05T16:19:54.140594Z","last_seen":"2026-06-17T16:37:09.024848Z","times_seen":48,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T14:26:42.064Z","timestamp":1781706402064,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/ HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:42 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RVBPiQTrH5Ga2i7mrHNLHlzRMLhZURZPMqIPaRQQc02s9jS7hivyveKRMAIpVNuXnhdCu%2BMBwVqYYdBtnmC441w0O0ysm1R7vqj5oKG9QZQYzkEzLHn7JGFvvWfpQss%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\ncf-ray: a0d2bb14e99f23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6928,"size_decoded":3144,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (956), with CRLF, LF line terminators","md5":"589670f79f1f0bb5713665106e0a31d3","sha1":"f799bc96d6be2c03abfd27b07114fd37fb32f00a","sha256":"709d46e99cfb0fd2bd9b1e90d58203a8fe3674aeee7221960b12a8e2044b7afc","sha512":"f8d5d679d837fff344b1c2609c071c096b509e7bf3b2ba85ee3ac6c25e0229af15730e851dce7714cb53cc371ed3a2ed7839da19b9ee04b672de0ef0daeee06f","ssdeep":"96:DWJGQt7D+y4unBzlV7TCD5SfWiZwDLZ7/iFKS4/O2t5BAAuW:Di9XbKD5oWhDL1/Hvrt5BA5W","tlshash":"7ce1855e1c12c066197366587733ab18e10797e78601c816bafc91a4af70fce52bafcc","first_seen":"2026-06-15T12:32:19.689006Z","last_seen":"2026-06-17T14:28:04.619924Z","times_seen":13,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/js/manifest.d8d9138c1b12d4ddc3be.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.716Z","timestamp":1781706402716,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/js/manifest.d8d9138c1b12d4ddc3be.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-c49\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=41ey%2FGk%2FtVEZhyB1bincexIeKXr1aNk0RSziFjwh5nHyrzCDZZVkCkcSuigHnJ4ehm4RksILInIEXwb6YaGAd%2BMr0619tjTUAik0ppVRI6GvxpuCEtmxexFarAg%2FBzU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb190a6723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3145,"size_decoded":2696,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3087)","md5":"f93eee94772d8216216eb6654f45ce6b","sha1":"66fb756699d2c027ba4fd13cfaa984ec33fb6120","sha256":"a82dcae9d5484a0dc9c6246e33c3955d59d88f14ff1fa67ecee6256ad7470006","sha512":"b4de77572ea85520a15c42ec036aa0d0ac91e47b78c852160cde52ee0406a586bdeee63f0246457e7294c0eec288aec1f20ec904b00ee3a636caa09d65118070","ssdeep":"","tlshash":"ed51f6ae767dfcc6a1b008c04577a2a4a22c68267c6ccc65c3d4e2a47c31e859312bf9","first_seen":"2026-06-15T12:32:19.703817Z","last_seen":"2026-06-17T14:28:04.649442Z","times_seen":13,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"andafpro.com/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"andafpro.com","domain":"andafpro.com","tld":"com"},"ip":{"addr":"172.67.181.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://andafpro.com/pc/","date":"2026-06-17T14:26:42.696Z","timestamp":1781706402696,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andafpro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Apr 2026 07:55:43 GMT","end":"Sat, 25 Jul 2026 07:55:42 GMT"},"fingerprint":{"sha1":"76:52:7B:43:D8:B9:D1:4A:F9:39:D8:AD:50:C6:2D:42:2D:36:BA:4C","sha256":"2F:F7:F1:F1:D2:6B:D9:9B:6D:D2:92:37:06:B7:57:74:B0:42:A7:C5:80:4E:C1:60:FE:00:FC:D4:BF:16:28:77"}}},"request":{"raw":"GET /pc/static/tradeview/charting_library/charting_library.min.js HTTP/1.1\r\nHost: andafpro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://andafpro.com/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:26:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 15 Jun 2026 00:58:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2f4e46-296f\"\r\nexpires: Thu, 18 Jun 2026 02:26:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nmULvo2CNfvs9W0xDXBB348Z2bMiFIV9d3S9WyqC89ZydoJFOxUDVVwPwOIyXE6gEhQ7ynXikWrOO2vfBEJBkl6UBjvHKlPUk3gkGe3j81JfJE2VcMja2EtBvPNoLgc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2bb18da5023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10607,"size_decoded":4167,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10605), with CRLF line terminators","md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"andafpro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}