{"report_id":"4c0ea872-58a3-493c-b821-a5c09015cc77","version":6,"status":"done","tags":[],"date":"2024-09-05T04:22:34Z","url":{"schema":"http","addr":"q-r.to/bfMim7/","fqdn":"q-r.to","domain":"q-r.to","tld":"to"},"ip":{"addr":"54.240.174.35","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"guatexgt.top/GT/","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"title":"Paquete - GUATEX"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T22:32:23Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-04 18:12:06","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"guatexgt.top","ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":48,"request_count":58,"received_data":1585346,"sent_data":26068,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-04 18:12:09","alert_count":0,"request_count":5,"received_data":4437,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"q-r.to","ip":{"addr":"54.240.174.122","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":674135,"first_seen":"2013-08-06 23:11:00","last_seen":"2024-08-10 22:02:29","alert_count":0,"request_count":1,"received_data":10617,"sent_data":468,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/f6170fbbQW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/index-39fb359f.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/650ef575HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/650ef575HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/b1090594HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/b1090594HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/4cd1ec68QW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/api/MC44NTE0NjE4OTEyMDY5ODY4","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/294db625QW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/796de064QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/f4397cedQW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7841612aHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/index-39fb359f.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7841612aHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/3dc5d0c5QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/289e0afcQW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/bce2f309QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/d0b4256aQW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/643e38d8QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/55.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/54.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/62.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/125156b3QW743.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/56.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/53.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/57.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/61.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/60.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/59.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/api/MC4yOTc5NTkxMDg3NzE4NjMwNQ==","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"guatexgt.top/GT/","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3cb9786af5e65ff7a58c24c85677a40a","sha1":"1dcbd37c74e0e059f17066831f594c4c2cd531f7","sha256":"8bc5a4a4db521fb00a74ed14b2351db552ca6530233a4d403dfe004b6fd38f6a","sha512":"31c232355c031ab9f5db941411958404cd989bd2d54eb625c58ede002ce7502ae44ef29c04503157de596e56a641c952c527e5eb8b72e81cb354c8500b2663a4","ssdeep":"","tlshash":"6fe02608fb29d7b2058e695b627eb71c64e110c65c1a850159afdcdc9935af431a1423","size":328,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2025-03-18T21:01:32.866956Z","times_seen":9141,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/650ef575HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"52ef13ba51613b0e0bea6ccfe913eb58","sha1":"19baf60427756972d2041ec49537a73307c3b93a","sha256":"1647dfb387d8699af836fb039bb6c53bd85f520178cf0d4dc02f43f0612f162a","sha512":"217606362a9f6453ef530713062f0e293f27cfcf605b1c502c3b54f12503be452e24c35dff7c5d2605e5484f7f4b5bf6fbe63852c7671c41461a319c04ea30fb","ssdeep":"768:SKVqb0eKJAr/nPCY3MCEZuF7uel5MTIqBnmMKLw/sL3c81edmGK6e+cWdxNEu7XT:DA7zlMtcWdQgvzzyxJYcjFuEFe","tlshash":"693361943fc069d137878ffb772bb4f4e41a185e3889498bd11cfc1838a652ae6d1a35","size":53709,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.095193Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/b1090594HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"abe76f0fc07fcf212757d57fb3807762","sha1":"561aba1a2e6964bf3a81ef6bc9053d7ba2f1d541","sha256":"b19336d85b86225dc2e28a326b3fcb13538adf4bc23899c87ed4afa61f680da0","sha512":"d83221fee06c18a4193320b4a29110f008c32142199695458ecb08daea6392d1b28a4527839f16a81e39604b117c09e6add6e709f4925d5ecb96dd734bfb5ebc","ssdeep":"768:sRe61pAXSIjnafI1RZfvskjJiqcbOsAm7PydYooJmlhL9vlYKX6zdV/iFoPcdE9V:EevjmKUj1","tlshash":"44f2c7c6bf90a85903d79f3bb21bb1d2f52e2d1d305c4449e122b98079a4637eef1a71","size":35036,"data":"","first_seen":"2024-07-10T07:00:20Z","last_seen":"2024-09-19T22:51:23.096677Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"467c266a95ca807164133c5f8d58620a","sha1":"9543576066f185be92b8541b1128c622fb874857","sha256":"3d899a5131f756cec3f4ea5d469405dedfff4b7fe7b966503fb25b66e242e333","sha512":"486eb45310017154036c5f77cb26dc7b27d534a1c07a7b6faa820c1b633dfe5efbb5d5fc088cccbb06a45b64dc0a9affd0f1688cfe4a4db13f2bd3ae80c41779","ssdeep":"3072:ewm+J+bulBjEUtUPiFB7QzpZfSv4Ifd6PY3uGhqx3QPHaIHejQPGAnMj5JlimiF:e3m+bulBjEUtU6FB7Q36AIfd6PY3uGhP","tlshash":"b3b354212bc0555933669ebb321760e2e1792c7d388e448ef32c7c786d9a267faf5530","size":112855,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.107134Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1d8a8cfbda7f20d7f04ed45f0215381","sha1":"e41c3ffbc524408ce56780e55373cb2647ec5beb","sha256":"5c12ac16cb9d835f4a2e085b1321d0ab416152cacef8c1fa81784b704878a687","sha512":"5a530c53f596b53c396183ce995237a2a8a740545799509ea068d32f7630be0365e134566f150bac9e1bfa1fa00d396c966a4f44062860bc2c976598c9665a94","ssdeep":"96:+IYYqAqKNiZEj915YxIcHQeg4OEObmTTdh:zKEj9yHQeg4rObmTTdh","tlshash":"6d91525a6b723e500b1d7ba2332374c1ccd2677b3b5b9cb6a6045cac283c564bc57632","size":4587,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094771Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"94852930e9442959c71bb1741fbb5872","sha1":"c8599a57da0361e13e5e16012f9b9bc2f85fa994","sha256":"5344468c16eb735c28476b0205e122fc3e43b0819fab0110b46e7835c9805293","sha512":"d64bf69a62516a813b26de9b56b30d4265729b034d06d353b16c13ef26bc29f9bde064dd8c6abd1baf819ea36f22e88d9a0cac1367f3fb077c60ea3b1fe9881a","ssdeep":"","tlshash":"ba41f0547e80618813472ebb5033e5e4eb75dd7eb4884d4a90746cf93da0839d1d6a38","size":2107,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097123Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"b3fdaa2637b1e94aed44a1c64babca0c","sha1":"7e6cd172422144daa91419ae9527b7222af94d2e","sha256":"c2d2e96660abcedd77805cab88b39910572ec800e86208e8683f71592e6fc72b","sha512":"657d86d3b652a11f466539f923b3096b9989520ffc9487347319a1b938e98234d78cc30f35cdd6ccb4438055190d0b55deef1e87ac077d8e257eb1a78b3f9e38","ssdeep":"","tlshash":"4b41dee9bbc23260b3a61ff3356ba1c8e416d85535944496d408bdec3c42035d5e7bb4","size":1990,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.108386Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/index-39fb359f.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c44379fc53d985e1258cda762817fb10","sha1":"3b5cd099b6351cf012b75e85943c5d71a8013c3b","sha256":"e9c97bb7d7e8036ac0b07ccaa82f5397cc7f003be07dd69726cb3e9f34973bbe","sha512":"decb2ba71901390582ab650e52e53113831e26675fd7eb70b6ef7a4fd96330bb3b16e6d7f0b512986670759a49391266306c36a52076db7a7ed2afbe65d9a341","ssdeep":"6144:1YmwEYY+FUgiQDS062sz1m/xkEuAfe+ce7w96v0gavfaXDJCY7C59pGFnQdIokg6:5Nz1mztNcK7C58gyx0brZJnxmZWmt","tlshash":"f5b4b48136c07848538b5fb7732fb0eae85a2c5e79884c8be214fd94a5e5617efe1530","size":504531,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094318Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-05-06T01:30:07.600216Z","times_seen":36253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"5b71975a40d5e2b11fa38177cbaffa28","sha1":"4c86098730a009133fa5f8127f1fa8fae995debe","sha256":"b4757d014bc1c6be3eebcbbc38f194afac08a9017a0170dda50497ace17ef59f","sha512":"eda9621c7c1b4b24a2ec8b1c6a15330cc25e2a1b896c2a403be3d5d4d9ef8d25f92670474257ceccb9952ce14f3dddaa50120882a0a6d9bd271dba57286f8c46","ssdeep":"","tlshash":"9b51de64af90355e03472ebb3b2b75d0e056805cb6d04865931da8d8e5b8a35d2f2f39","size":2746,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097942Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"658877293a5eefeb39410d03527bd68b","sha1":"ea597acddfa37eeb9b3f7df8da16f6d1d3e00573","sha256":"7c41662ea17e7372530275b0d85386e9f2c10e2e412489dd959f22cd277fc459","sha512":"eb7724c44f191c5f8effa6ca0151b5f2b207b164987ed00cbebd0409a89ea04f18920fea3bcfb4c591836992ebe248640af687f81724fa09f03620ee65b34dfa","ssdeep":"192:wxkVORAJRrQF1wrNypBIRgTWb51t3oB5n/jxf4pAll+M+wb:YdR8RrQF1wrP3Il/Ops+Vwb","tlshash":"98d1725d7f90d7e97b122daf8e22b4fed83d365a18838caee14168702f44025e596733","size":6443,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.104471Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"eaa2f278de27a53e0cd9060e72f48f8e","sha1":"7df3da8490073fe4f4ef63b40d7a3be331d4ceb1","sha256":"93b0d2df6d962642e1d2654daafeb7deacc5376ed1e93f317fb1054e3f3823b6","sha512":"a6681c886645810fee6c18a8c52837a526acabf50c9ac7606efab208ca3eae433f818c84e6bbaf15132f1116408c0fc8257999595c35bc45f35af4245ab0f83c","ssdeep":"768:OWds8sFYC1jYE1hmSZJCI3SY/z1WaAm9bUJo+nCVDrl7VYRxYjJMpwb4p7SQ1rny:WlF1LdQ6F/j9spz+rH7L","tlshash":"2a83b4441f55f2ea534b2f12691e30bde00d6d19e58fad9f91a17cecadd8a203f62630","size":85932,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.110906Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7841612aHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"58a79c3e880b5174360c0c963da44614","sha1":"0fc14c913e2b0326717df1509e9c6c83eb5742a7","sha256":"80f3a47ac3e2481b36dbb5b206127a8bece87ff4f9ef31fa58e8542f1ce55e00","sha512":"a1cb10379afa88d93ed515d5757363e6c7764d87d02401efcb3bc9f310d7f9644c3e1507ccfebc521af94cf1ee3616b9bf0c1eb670d2b3fc0c9c60fd9a1f9f61","ssdeep":"1536:k7dizI7Wp3ZXSIImbMCuGIwduyEoJBDQn3Z373BrtpzCIVD6yq0NOHjMp/CiKob6:NQWtfbTdBdrBDQ3/p5CIVD9ZNjNlTOFJ","tlshash":"edb3aae815e421d1a025375f6742efb4f42fa46ab443bfc3b26dadf94a486216b3d031","size":116298,"data":"","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.118382Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:06.643557362Z","timestamp":1725510126643,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"ED538EA400323F4C987F91C0B0AFC79A8526B62F7AA317DD62BD107CB37850A2\"\r\nLast-Modified: Tue, 03 Sep 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5107\r\nExpires: Thu, 05 Sep 2024 05:47:13 GMT\r\nDate: Thu, 05 Sep 2024 04:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8d2e6150f7d0845dc26f5bd5cd6f28dd","sha1":"6aad5091620585a5f76065c1888456ee70b88257","sha256":"ed538ea400323f4c987f91c0b0afc79a8526b62f7aa317dd62bd107cb37850a2","sha512":"dd2b8ba0eb764244c92b404bd053d75174a13127c61027fff0a538fa2d3375f480ee774bb73c01010e728b0f9ad66bc3dc9c6a1357e24ef34d10fb84b89bc9a1","ssdeep":"","tlshash":"31f0c0ba27ad7511adf1612025b4e83c2b546cfb74405aa874949041ed10ff8298241c","first_seen":"2024-09-03T15:32:51Z","last_seen":"2024-09-19T22:57:09.758778Z","times_seen":28107,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:06.693861784Z","timestamp":1725510126693,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7\"\r\nLast-Modified: Mon, 02 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3766\r\nExpires: Thu, 05 Sep 2024 05:24:52 GMT\r\nDate: Thu, 05 Sep 2024 04:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"66fbf7f95cb55f388373a20d4b1a736e","sha1":"afc34259758a563362367848629ff7639982e1fb","sha256":"41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7","sha512":"80f0c1a3f29e795722e05ea6260e1ec92780f3f554ace63e7a0e4ad5d030be18b0cde8397bffc652a92306b23ba802aa8a0db463bac3a6827e645816bd5759a0","ssdeep":"","tlshash":"02f00e7956f2e6c3faf8112314a6ed606c227aab780021a279800ac239c67f6678545c","first_seen":"2024-09-02T19:20:57Z","last_seen":"2024-09-19T23:09:36.632755Z","times_seen":35846,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:06.961458058Z","timestamp":1725510126961,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ED97A3678824305419366056FD0BEE73359522822CA42A16FABDCC3AD982BE\"\r\nLast-Modified: Mon, 02 Sep 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3733\r\nExpires: Thu, 05 Sep 2024 05:24:19 GMT\r\nDate: Thu, 05 Sep 2024 04:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3b182d2525d361002ced8590b8a9ce07","sha1":"12cd4e482375e47fdc8cde29fe98a6e3498260df","sha256":"62ed97a3678824305419366056fd0bee73359522822ca42a16fabdcc3ad982be","sha512":"a9af0e3420d2ef7b1e515e4014c080aa80aca75d801f852b484ac418bafb12eda0ff0e4d2ae943bc5fab828c296a2ec8ec22c6b66222a285f3dd6a5c7fe82cfd","ssdeep":"","tlshash":"4bf005b9a5b5ba148aed1c4468f5c51d9b107efd3cc111c3acc5c1b52e5575c019410d","first_seen":"2024-09-02T21:43:18Z","last_seen":"2024-09-19T23:06:53.189609Z","times_seen":16139,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:07.002118584Z","timestamp":1725510127002,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C\"\r\nLast-Modified: Mon, 02 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13734\r\nExpires: Thu, 05 Sep 2024 08:11:00 GMT\r\nDate: Thu, 05 Sep 2024 04:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cabaaa7c3e6a621cc5836be05eee4924","sha1":"c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8","sha256":"2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c","sha512":"7da36317a8c4f485281c503bcc03813f77f4339dd43124bdba3345414625f7dbb71911cd5eb19e1d4afb482b9ce0ffb5678bd41d4d5e6e77f56069bd2f99817d","ssdeep":"","tlshash":"a0f00efb12f33260dbf59d293989f23a0610ad9ebc2198e624c5d1cb9442fec408890c","first_seen":"2024-09-02T19:36:30Z","last_seen":"2024-09-19T23:09:22.854855Z","times_seen":22244,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:08.485Z","timestamp":1725510128485,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nConnection: keep-alive\r\nLocation: https://guatexgt.top/GT\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":169,"size_decoded":169,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5584cd241a762d7a7488f14d5409293c","sha1":"a88c6560e46f39dca33a1bbbc74c319e89adfe2a","sha256":"56fd937f2948b7fc1b223fc1da61e781a93f6b4c74cfd88e1115bb74418c7dff","sha512":"5d9781bc4a570e8c3695cf5895cf678ee9409c8f24cf9f0e8b33ec734ee47f1be2d32e258e5d98e70b9f36a15449e00bfbd4500349d793385e292445b33c393a","ssdeep":"","tlshash":"d2c08cadab023cd8b8a73b3871c360a0e2ed807012d9461281b0060bf1cf1a79ec33d1","first_seen":"2023-04-16T08:38:35Z","last_seen":"2025-03-01T04:34:53.145042Z","times_seen":5148,"resource_available":false,"data":null}},"time_used":2312,"timings":{"blocked":929,"dns":1,"connect":252,"send":0,"wait":454,"receive":0,"ssl":674},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:08.942826757Z","timestamp":1725510128942,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7716\r\nExpires: Thu, 05 Sep 2024 06:30:44 GMT\r\nDate: Thu, 05 Sep 2024 04:22:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:08.944810272Z","timestamp":1725510128944,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7716\r\nExpires: Thu, 05 Sep 2024 06:30:44 GMT\r\nDate: Thu, 05 Sep 2024 04:22:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:08.946179704Z","timestamp":1725510128946,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7716\r\nExpires: Thu, 05 Sep 2024 06:30:44 GMT\r\nDate: Thu, 05 Sep 2024 04:22:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"q-r.to/bfMim7/","fqdn":"q-r.to","domain":"q-r.to","tld":"to"},"ip":{"addr":"54.240.174.122","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:07.380Z","timestamp":1725510127380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qrco.de","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 19 Aug 2024 00:00:00 GMT","end":"Wed, 17 Sep 2025 23:59:59 GMT"},"fingerprint":{"sha1":"94:0B:3C:F5:A8:65:A5:90:3D:6A:FC:E6:E1:D8:55:2F:D6:71:3C:6C","sha256":"36:99:DB:AA:5B:9C:69:2A:23:2C:FE:81:95:F4:89:26:9D:DF:2F:B7:A8:2A:8B:C8:DF:F2:60:A8:E0:6C:ED:0F"}}},"request":{"raw":"GET /bfMim7/ HTTP/1.1\r\nHost: q-r.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: http://guatexgt.top/GT\r\ndate: Thu, 05 Sep 2024 04:22:07 GMT\r\nserver: nginx\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: bMwrzfFcdSeuv0KUHpBM6jPH462TEw3l0Y4E3GkIL8JoV8Ea11CziQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":10146,"size_decoded":10146,"mime_type":"text/html; charset=utf-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3","md5":"fa75d13692977ba4be6693ebd9025449","sha1":"b15a8d2ab27fbeb3ec79bd403a826a4be733a80d","sha256":"bafec1a2d582a451d27b11d97d7eeabf3236f05907e30e0e6003f521a8f64338","sha512":"f82f60eb079f64fab0b6a230b5158e078031372c12ca680825decace28cf825d3abc409a18374f5157be5efd37ba6aa6c7d6bcc6e7e5decefc01bfb07d5a5d2b","ssdeep":"192:qEC4H8Eug4X1akbT+xDatRCxYAwweFZ9FLPLmbJTU414FqjjvxBxL1mvT9Pr6M2i:qE/IgCCxD9eVVL6TB14Fup1St8+D","tlshash":"0322dfb1a3933c5e317d733801af65548f780b1e9882f7a3b9606e63193118a62dc7dc","first_seen":"2024-09-04T11:17:26Z","last_seen":"2024-09-19T22:45:15.994234Z","times_seen":17,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":10,"dns":0,"connect":1,"send":0,"wait":167,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:09.413057031Z","timestamp":1725510129413,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"04F005C8C0FC17BD1AB18FE29DE95C1D175E6D047C9794479029A0AA2201CEEA\"\r\nLast-Modified: Wed, 04 Sep 2024 14:40:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21600\r\nExpires: Thu, 05 Sep 2024 10:22:09 GMT\r\nDate: Thu, 05 Sep 2024 04:22:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"7169f392803619d8bc52ad089814c1c0","sha1":"adee2a544a7382b6db54b29626b2b8aa1bf99292","sha256":"04f005c8c0fc17bd1ab18fe29de95c1d175e6d047c9794479029a0aa2201ceea","sha512":"08f55f02a66a64cdfce1972fc79babf66feb7752181c94365580f216b9cba4b1febc2308a81194d4152dcf3f8502efee8694a2ff578820f8e035266e6fc8ab72","ssdeep":"","tlshash":"37f005b317a0b4501ae10b3f9ce9e0761930be6c2d84849e15f853f5b526fed0f40448","first_seen":"2024-09-19T22:32:26.195824Z","last_seen":"2024-09-19T22:32:26.195824Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:09.413814976Z","timestamp":1725510129413,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"04F005C8C0FC17BD1AB18FE29DE95C1D175E6D047C9794479029A0AA2201CEEA\"\r\nLast-Modified: Wed, 04 Sep 2024 14:40:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=21600\r\nExpires: Thu, 05 Sep 2024 10:22:09 GMT\r\nDate: Thu, 05 Sep 2024 04:22:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"7169f392803619d8bc52ad089814c1c0","sha1":"adee2a544a7382b6db54b29626b2b8aa1bf99292","sha256":"04f005c8c0fc17bd1ab18fe29de95c1d175e6d047c9794479029a0aa2201ceea","sha512":"08f55f02a66a64cdfce1972fc79babf66feb7752181c94365580f216b9cba4b1febc2308a81194d4152dcf3f8502efee8694a2ff578820f8e035266e6fc8ab72","ssdeep":"","tlshash":"37f005b317a0b4501ae10b3f9ce9e0761930be6c2d84849e15f853f5b526fed0f40448","first_seen":"2024-09-19T22:32:26.195824Z","last_seen":"2024-09-19T22:32:26.195824Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:08.485Z","timestamp":1725510128485,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:09 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nLocation: /GT/\r\nVary: Accept\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":64,"size_decoded":64,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"b3cd78c40a5e456fcc44654c49e05dd1","sha1":"4d2ed4567a2e64ae03304d24e57dc981815adb1f","sha256":"f2d1b5002e3cfbeb4b64b883135b148b50d7c10c100b66ab58a55770c859e17d","sha512":"1d481e25f357c6232cf1d40407cb7a0bd86434529b35b08842a2a5b21759d8ea522ee404c4a918f0fce611517961861f08cac16cef9473d256f02561ff9602e1","ssdeep":"","tlshash":"89a002b6abe011f962a6373da470533c975bb5987b898a1f053067d6d8055521a300cb","first_seen":"2024-09-04T01:45:53Z","last_seen":"2024-09-19T22:51:23.092238Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2312,"timings":{"blocked":929,"dns":1,"connect":252,"send":0,"wait":454,"receive":0,"ssl":674},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:22:09.872Z","timestamp":1725510129872,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/ HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:10 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"666-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":781,"size_decoded":1638,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (435)","md5":"201752d2b4ccaeed7a1f32a9363dd709","sha1":"3d48dab64569e9634ec8a0b3a757775c9c1135a3","sha256":"b064a68d0899638131bf25d40f660dfdd818a45d4cb41138da35da2c35d826f7","sha512":"f27d400d0d21fb30422344c3f9829e3a9e1238027a07d577dc606698e0289ac6c29f528abbd8614bc8ff6f4685b87a58d2ffd61d528dbb25b8393d31db9be551","ssdeep":"","tlshash":"96312497fdf4c5f605982d5b7c25f5083ce10b93891e984035ee84e49f11ee54d5bc94","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.093313Z","times_seen":7,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-04","alert":"Other","trigger":"guatexgt.top/GT/","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/f6170fbbQW743.css","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:10.349Z","timestamp":1725510130349,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/f6170fbbQW743.css HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:10 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 952\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"3b8-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":952,"size_decoded":952,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (951)","md5":"32fac03c421dcba16fb4a965fc089e7a","sha1":"f6ac75910f20381d4478c1d302b4dd30fd1ee9ad","sha256":"f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911","sha512":"dc554f5bd2c040133218f74a8caf624789b2afff8505547899d91bfdd03b70ef5deb7ac9834e255cae9177c61e5344728b13a0546e956b723e65f5d1c4d3efd8","ssdeep":"","tlshash":"3c11cb52a5c3713c8127c93b29b1b25d743ba461df720b58d6b2e653cbca68d34146ac","first_seen":"2024-01-20T20:58:19Z","last_seen":"2025-09-22T10:24:48.027402Z","times_seen":3646,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/f6170fbbQW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/index-39fb359f.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:10.347Z","timestamp":1725510130347,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/index-39fb359f.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:10 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:46:02 GMT\r\nETag: W/\"7b2d3-1907ba27210\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":149437,"size_decoded":504531,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c44379fc53d985e1258cda762817fb10","sha1":"3b5cd099b6351cf012b75e85943c5d71a8013c3b","sha256":"e9c97bb7d7e8036ac0b07ccaa82f5397cc7f003be07dd69726cb3e9f34973bbe","sha512":"decb2ba71901390582ab650e52e53113831e26675fd7eb70b6ef7a4fd96330bb3b16e6d7f0b512986670759a49391266306c36a52076db7a7ed2afbe65d9a341","ssdeep":"6144:1YmwEYY+FUgiQDS062sz1m/xkEuAfe+ce7w96v0gavfaXDJCY7C59pGFnQdIokg6:5Nz1mztNcK7C58gyx0brZJnxmZWmt","tlshash":"f5b4b48136c07848538b5fb7732fb0eae85a2c5e79884c8be214fd94a5e5617efe1530","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094318Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1030,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":509,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/index-39fb359f.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:11.458Z","timestamp":1725510131458,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/af45cd74HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"11eb-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1466,"size_decoded":4587,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4529), with no line terminators","md5":"d1d8a8cfbda7f20d7f04ed45f0215381","sha1":"e41c3ffbc524408ce56780e55373cb2647ec5beb","sha256":"5c12ac16cb9d835f4a2e085b1321d0ab416152cacef8c1fa81784b704878a687","sha512":"5a530c53f596b53c396183ce995237a2a8a740545799509ea068d32f7630be0365e134566f150bac9e1bfa1fa00d396c966a4f44062860bc2c976598c9665a94","ssdeep":"96:+IYYqAqKNiZEj915YxIcHQeg4OEObmTTdh:zKEj9yHQeg4rObmTTdh","tlshash":"6d91525a6b723e500b1d7ba2332374c1ccd2677b3b5b9cb6a6045cac283c564bc57632","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094771Z","times_seen":7,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":247,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:11.458Z","timestamp":1725510131458,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/af45cd74HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/index-39fb359f.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"11eb-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1466,"size_decoded":4587,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4529), with no line terminators","md5":"d1d8a8cfbda7f20d7f04ed45f0215381","sha1":"e41c3ffbc524408ce56780e55373cb2647ec5beb","sha256":"5c12ac16cb9d835f4a2e085b1321d0ab416152cacef8c1fa81784b704878a687","sha512":"5a530c53f596b53c396183ce995237a2a8a740545799509ea068d32f7630be0365e134566f150bac9e1bfa1fa00d396c966a4f44062860bc2c976598c9665a94","ssdeep":"96:+IYYqAqKNiZEj915YxIcHQeg4OEObmTTdh:zKEj9yHQeg4rObmTTdh","tlshash":"6d91525a6b723e500b1d7ba2332374c1ccd2677b3b5b9cb6a6045cac283c564bc57632","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094771Z","times_seen":7,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":247,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/af45cd74HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/650ef575HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:11.455Z","timestamp":1725510131455,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/650ef575HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"d1cd-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16657,"size_decoded":53709,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (52671)","md5":"52ef13ba51613b0e0bea6ccfe913eb58","sha1":"19baf60427756972d2041ec49537a73307c3b93a","sha256":"1647dfb387d8699af836fb039bb6c53bd85f520178cf0d4dc02f43f0612f162a","sha512":"217606362a9f6453ef530713062f0e293f27cfcf605b1c502c3b54f12503be452e24c35dff7c5d2605e5484f7f4b5bf6fbe63852c7671c41461a319c04ea30fb","ssdeep":"768:SKVqb0eKJAr/nPCY3MCEZuF7uel5MTIqBnmMKLw/sL3c81edmGK6e+cWdxNEu7XT:DA7zlMtcWdQgvzzyxJYcjFuEFe","tlshash":"693361943fc069d137878ffb772bb4f4e41a185e3889498bd11cfc1838a652ae6d1a35","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.095193Z","times_seen":7,"resource_available":true,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/650ef575HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/650ef575HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:11.455Z","timestamp":1725510131455,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/650ef575HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/af45cd74HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"d1cd-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16657,"size_decoded":53709,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (52671)","md5":"52ef13ba51613b0e0bea6ccfe913eb58","sha1":"19baf60427756972d2041ec49537a73307c3b93a","sha256":"1647dfb387d8699af836fb039bb6c53bd85f520178cf0d4dc02f43f0612f162a","sha512":"217606362a9f6453ef530713062f0e293f27cfcf605b1c502c3b54f12503be452e24c35dff7c5d2605e5484f7f4b5bf6fbe63852c7671c41461a319c04ea30fb","ssdeep":"768:SKVqb0eKJAr/nPCY3MCEZuF7uel5MTIqBnmMKLw/sL3c81edmGK6e+cWdxNEu7XT:DA7zlMtcWdQgvzzyxJYcjFuEFe","tlshash":"693361943fc069d137878ffb772bb4f4e41a185e3889498bd11cfc1838a652ae6d1a35","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.095193Z","times_seen":7,"resource_available":true,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/650ef575HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/favicon.ico","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:11.909Z","timestamp":1725510131909,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: image/vnd.microsoft.icon\r\nContent-Length: 7281\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"1c71-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7281,"size_decoded":7281,"mime_type":"image/vnd.microsoft.icon","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, baseline, precision 8, 192x192, components 3","md5":"b085ebf16bb93384d157574bb1713f61","sha1":"fbdeb3d7b09720d95b42668c81889030bf084a48","sha256":"85eaab5ef28f41f7151934d35e67772eba0135ff7f6e45cb37342c02268fe74e","sha512":"2d7d6498da053b034f5d340cde9b105d8c333af5f6d990057713765d46d5c48c0a354d299f1859a7e03a64e46af35459096ddbbc59e73f3d186c68babdadbde1","ssdeep":"96:U5Ip604pwZZ/TrlXkcWJL2Zsp0if72MZ5X9np6jNqE+YIs5xJDB7N7X+BDUSn7aO:U5IpnQwDrXaqZkZ5CJqEd/j9+BDD+YQI","tlshash":"bde18d6a498e5b02feac3d2eb5e16276fc1c922717ed488d20f6db807d14dc63a54034","first_seen":"2024-07-09T16:16:09Z","last_seen":"2024-09-19T22:51:23.095619Z","times_seen":9,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":297,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":252},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/b1090594HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.279Z","timestamp":1725510132279,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/b1090594HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"88dc-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10967,"size_decoded":35036,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (35036), with no line terminators","md5":"abe76f0fc07fcf212757d57fb3807762","sha1":"561aba1a2e6964bf3a81ef6bc9053d7ba2f1d541","sha256":"b19336d85b86225dc2e28a326b3fcb13538adf4bc23899c87ed4afa61f680da0","sha512":"d83221fee06c18a4193320b4a29110f008c32142199695458ecb08daea6392d1b28a4527839f16a81e39604b117c09e6add6e709f4925d5ecb96dd734bfb5ebc","ssdeep":"768:sRe61pAXSIjnafI1RZfvskjJiqcbOsAm7PydYooJmlhL9vlYKX6zdV/iFoPcdE9V:EevjmKUj1","tlshash":"44f2c7c6bf90a85903d79f3bb21bb1d2f52e2d1d305c4449e122b98079a4637eef1a71","first_seen":"2024-07-10T07:00:20Z","last_seen":"2024-09-19T22:51:23.096677Z","times_seen":7,"resource_available":true,"data":null}},"time_used":430,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/b1090594HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.276Z","timestamp":1725510132276,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/09bf01f8HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"83b-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":880,"size_decoded":2107,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2107), with no line terminators","md5":"94852930e9442959c71bb1741fbb5872","sha1":"c8599a57da0361e13e5e16012f9b9bc2f85fa994","sha256":"5344468c16eb735c28476b0205e122fc3e43b0819fab0110b46e7835c9805293","sha512":"d64bf69a62516a813b26de9b56b30d4265729b034d06d353b16c13ef26bc29f9bde064dd8c6abd1baf819ea36f22e88d9a0cac1367f3fb077c60ea3b1fe9881a","ssdeep":"","tlshash":"ba41f0547e80618813472ebb5033e5e4eb75dd7eb4884d4a90746cf93da0839d1d6a38","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097123Z","times_seen":7,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.723Z","timestamp":1725510132723,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/7e71b23dHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"aba-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1061,"size_decoded":2746,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2746), with no line terminators","md5":"5b71975a40d5e2b11fa38177cbaffa28","sha1":"4c86098730a009133fa5f8127f1fa8fae995debe","sha256":"b4757d014bc1c6be3eebcbbc38f194afac08a9017a0170dda50497ace17ef59f","sha512":"eda9621c7c1b4b24a2ec8b1c6a15330cc25e2a1b896c2a403be3d5d4d9ef8d25f92670474257ceccb9952ce14f3dddaa50120882a0a6d9bd271dba57286f8c46","ssdeep":"","tlshash":"9b51de64af90355e03472ebb3b2b75d0e056805cb6d04865931da8d8e5b8a35d2f2f39","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097942Z","times_seen":7,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/b1090594HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.279Z","timestamp":1725510132279,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/b1090594HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/index-39fb359f.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"88dc-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10967,"size_decoded":35036,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (35036), with no line terminators","md5":"abe76f0fc07fcf212757d57fb3807762","sha1":"561aba1a2e6964bf3a81ef6bc9053d7ba2f1d541","sha256":"b19336d85b86225dc2e28a326b3fcb13538adf4bc23899c87ed4afa61f680da0","sha512":"d83221fee06c18a4193320b4a29110f008c32142199695458ecb08daea6392d1b28a4527839f16a81e39604b117c09e6add6e709f4925d5ecb96dd734bfb5ebc","ssdeep":"768:sRe61pAXSIjnafI1RZfvskjJiqcbOsAm7PydYooJmlhL9vlYKX6zdV/iFoPcdE9V:EevjmKUj1","tlshash":"44f2c7c6bf90a85903d79f3bb21bb1d2f52e2d1d305c4449e122b98079a4637eef1a71","first_seen":"2024-07-10T07:00:20Z","last_seen":"2024-09-19T22:51:23.096677Z","times_seen":7,"resource_available":true,"data":null}},"time_used":430,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/b1090594HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.276Z","timestamp":1725510132276,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/09bf01f8HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/b1090594HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"83b-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":880,"size_decoded":2107,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2107), with no line terminators","md5":"94852930e9442959c71bb1741fbb5872","sha1":"c8599a57da0361e13e5e16012f9b9bc2f85fa994","sha256":"5344468c16eb735c28476b0205e122fc3e43b0819fab0110b46e7835c9805293","sha512":"d64bf69a62516a813b26de9b56b30d4265729b034d06d353b16c13ef26bc29f9bde064dd8c6abd1baf819ea36f22e88d9a0cac1367f3fb077c60ea3b1fe9881a","ssdeep":"","tlshash":"ba41f0547e80618813472ebb5033e5e4eb75dd7eb4884d4a90746cf93da0839d1d6a38","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097123Z","times_seen":7,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/09bf01f8HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.723Z","timestamp":1725510132723,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/7e71b23dHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/b1090594HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"aba-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1061,"size_decoded":2746,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2746), with no line terminators","md5":"5b71975a40d5e2b11fa38177cbaffa28","sha1":"4c86098730a009133fa5f8127f1fa8fae995debe","sha256":"b4757d014bc1c6be3eebcbbc38f194afac08a9017a0170dda50497ace17ef59f","sha512":"eda9621c7c1b4b24a2ec8b1c6a15330cc25e2a1b896c2a403be3d5d4d9ef8d25f92670474257ceccb9952ce14f3dddaa50120882a0a6d9bd271dba57286f8c46","ssdeep":"","tlshash":"9b51de64af90355e03472ebb3b2b75d0e056805cb6d04865931da8d8e5b8a35d2f2f39","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.097942Z","times_seen":7,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7e71b23dHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/4cd1ec68QW743.css","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.286Z","timestamp":1725510132286,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/4cd1ec68QW743.css HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 323\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"143-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":323,"size_decoded":323,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (322)","md5":"bffc12e40f0d227772826cc4ab6b1d99","sha1":"348bed4d1364d4933bbfe5feb5f9c61e3c5a1a6e","sha256":"4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64","sha512":"dc372ec6d46d3e58619e5f9db56f4f26d683f79507ebb3a6f871b4d962bc1cb32b73362fcdfdaceb1692ce501acd48575370c7b32e3c157fa9743cd2e7352b0a","ssdeep":"","tlshash":"ece0cd6576ca40123937c4eb5c992554f56762070ad5f530fd2316355fcecd2355430c","first_seen":"2023-09-04T23:55:43Z","last_seen":"2025-09-22T10:24:48.037494Z","times_seen":3500,"resource_available":false,"data":null}},"time_used":1294,"timings":{"blocked":503,"dns":1,"connect":252,"send":0,"wait":275,"receive":0,"ssl":256},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/4cd1ec68QW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/api/MC44NTE0NjE4OTEyMDY5ODY4","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.022Z","timestamp":1725510133022,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"POST /api/MC44NTE0NjE4OTEyMDY5ODY4 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/encrypt\r\nContent-Length: 300\r\nOrigin: https://guatexgt.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nETag: W/\"440-uwbsYy3U89gJxDHzqVUUkxQ0A6w\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":879,"size_decoded":1088,"mime_type":"application/json; charset=utf-8","magic":"openssl enc'd data with salted password, base64 encoded","md5":"17337e28e637d5224935e5dc50c1db26","sha1":"bb06ec632dd4f3d809c431f3a9551493143403ac","sha256":"cf6a6e371552790aaf430b1081e2362c79b5fa7b6aa1fe68c4fa0adba84bdccd","sha512":"80ccf3f713e2416d0370dea175f375aa1ee458154a596378b1d6592301c95144b593242073150562c6f60f3670f50c871e86de36314430a8c42feb30d7ca1b1f","ssdeep":"","tlshash":"aa11b9b117eb43cc360872ace751dd13b1678c0af86936537f5982cfc008059b9e215a","first_seen":"2024-09-19T22:32:26.217215Z","last_seen":"2024-09-19T22:32:26.217215Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/api/MC44NTE0NjE4OTEyMDY5ODY4","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.070Z","timestamp":1725510133070,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/51aa9dd4HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/af45cd74HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"192b-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2385,"size_decoded":6443,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6438), with no line terminators","md5":"658877293a5eefeb39410d03527bd68b","sha1":"ea597acddfa37eeb9b3f7df8da16f6d1d3e00573","sha256":"7c41662ea17e7372530275b0d85386e9f2c10e2e412489dd959f22cd277fc459","sha512":"eb7724c44f191c5f8effa6ca0151b5f2b207b164987ed00cbebd0409a89ea04f18920fea3bcfb4c591836992ebe248640af687f81724fa09f03620ee65b34dfa","ssdeep":"192:wxkVORAJRrQF1wrNypBIRgTWb51t3oB5n/jxf4pAll+M+wb:YdR8RrQF1wrP3Il/Ops+Vwb","tlshash":"98d1725d7f90d7e97b122daf8e22b4fed83d365a18838caee14168702f44025e596733","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.104471Z","times_seen":7,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/294db625QW743.css","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.281Z","timestamp":1725510132281,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/294db625QW743.css HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:12 GMT\r\nContent-Type: text/css; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"9025d-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84048,"size_decoded":590429,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (40117)","md5":"1a85c58ece89bc5b27ad56bd6843f5c4","sha1":"5c42fd28773041a4125b36ccc75bba96d1fd8c22","sha256":"294db625339a0644271bcf64751058f1ff52308961e763faf0fd22bea56e9d61","sha512":"3b39ea98f89bce4b1f358b536471749b0f886dd0647a6167ffca19219ee6e013ed8f9956b26c5b6d79e1ac4f17e71ebefad65c7569788b3a93cfe9bde9383523","ssdeep":"6144:LwuMQxrtJDLXbLMz7O+PyLRsS/1F6LpjyLjOJd4CPx0yFTS9qrSh:wQxtZXbLMz7O+PyLRsicjvOyFTS9qrSh","tlshash":"efc461a0bd0710d9733fc82fa783b35c1164f5c5d5525e9af0aa540f89f6e9133a2b2a","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.105357Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1761,"timings":{"blocked":498,"dns":1,"connect":248,"send":0,"wait":496,"receive":260,"ssl":255},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/294db625QW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.299Z","timestamp":1725510133299,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/2a4a2c6fHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/b1090594HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"1b8d7-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33256,"size_decoded":112855,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65476), with no line terminators","md5":"467c266a95ca807164133c5f8d58620a","sha1":"9543576066f185be92b8541b1128c622fb874857","sha256":"3d899a5131f756cec3f4ea5d469405dedfff4b7fe7b966503fb25b66e242e333","sha512":"486eb45310017154036c5f77cb26dc7b27d534a1c07a7b6faa820c1b633dfe5efbb5d5fc088cccbb06a45b64dc0a9affd0f1688cfe4a4db13f2bd3ae80c41779","ssdeep":"3072:ewm+J+bulBjEUtUPiFB7QzpZfSv4Ifd6PY3uGhqx3QPHaIHejQPGAnMj5JlimiF:e3m+bulBjEUtU6FB7Q36AIfd6PY3uGhP","tlshash":"b3b354212bc0555933669ebb321760e2e1792c7d388e448ef32c7c786d9a267faf5530","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.107134Z","times_seen":7,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":237,"dns":0,"connect":0,"send":0,"wait":262,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.290Z","timestamp":1725510132290,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/c27b6911HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/51aa9dd4HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"7c6-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":827,"size_decoded":1990,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1990), with no line terminators","md5":"b3fdaa2637b1e94aed44a1c64babca0c","sha1":"7e6cd172422144daa91419ae9527b7222af94d2e","sha256":"c2d2e96660abcedd77805cab88b39910572ec800e86208e8683f71592e6fc72b","sha512":"657d86d3b652a11f466539f923b3096b9989520ffc9487347319a1b938e98234d78cc30f35cdd6ccb4438055190d0b55deef1e87ac077d8e257eb1a78b3f9e38","ssdeep":"","tlshash":"4b41dee9bbc23260b3a61ff3356ba1c8e416d85535944496d408bdec3c42035d5e7bb4","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.108386Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1547,"timings":{"blocked":1246,"dns":0,"connect":0,"send":0,"wait":300,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.070Z","timestamp":1725510133070,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/51aa9dd4HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"192b-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2385,"size_decoded":6443,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6438), with no line terminators","md5":"658877293a5eefeb39410d03527bd68b","sha1":"ea597acddfa37eeb9b3f7df8da16f6d1d3e00573","sha256":"7c41662ea17e7372530275b0d85386e9f2c10e2e412489dd959f22cd277fc459","sha512":"eb7724c44f191c5f8effa6ca0151b5f2b207b164987ed00cbebd0409a89ea04f18920fea3bcfb4c591836992ebe248640af687f81724fa09f03620ee65b34dfa","ssdeep":"192:wxkVORAJRrQF1wrNypBIRgTWb51t3oB5n/jxf4pAll+M+wb:YdR8RrQF1wrP3Il/Ops+Vwb","tlshash":"98d1725d7f90d7e97b122daf8e22b4fed83d365a18838caee14168702f44025e596733","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.104471Z","times_seen":7,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/51aa9dd4HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.299Z","timestamp":1725510133299,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/2a4a2c6fHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"1b8d7-1907ba24330\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33256,"size_decoded":112855,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65476), with no line terminators","md5":"467c266a95ca807164133c5f8d58620a","sha1":"9543576066f185be92b8541b1128c622fb874857","sha256":"3d899a5131f756cec3f4ea5d469405dedfff4b7fe7b966503fb25b66e242e333","sha512":"486eb45310017154036c5f77cb26dc7b27d534a1c07a7b6faa820c1b633dfe5efbb5d5fc088cccbb06a45b64dc0a9affd0f1688cfe4a4db13f2bd3ae80c41779","ssdeep":"3072:ewm+J+bulBjEUtUPiFB7QzpZfSv4Ifd6PY3uGhqx3QPHaIHejQPGAnMj5JlimiF:e3m+bulBjEUtU6FB7Q36AIfd6PY3uGhP","tlshash":"b3b354212bc0555933669ebb321760e2e1792c7d388e448ef32c7c786d9a267faf5530","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.107134Z","times_seen":7,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":237,"dns":0,"connect":0,"send":0,"wait":262,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/2a4a2c6fHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:12.290Z","timestamp":1725510132290,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/c27b6911HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"7c6-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":827,"size_decoded":1990,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1990), with no line terminators","md5":"b3fdaa2637b1e94aed44a1c64babca0c","sha1":"7e6cd172422144daa91419ae9527b7222af94d2e","sha256":"c2d2e96660abcedd77805cab88b39910572ec800e86208e8683f71592e6fc72b","sha512":"657d86d3b652a11f466539f923b3096b9989520ffc9487347319a1b938e98234d78cc30f35cdd6ccb4438055190d0b55deef1e87ac077d8e257eb1a78b3f9e38","ssdeep":"","tlshash":"4b41dee9bbc23260b3a61ff3356ba1c8e416d85535944496d408bdec3c42035d5e7bb4","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.108386Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1547,"timings":{"blocked":1246,"dns":0,"connect":0,"send":0,"wait":300,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c27b6911HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/796de064QW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.651Z","timestamp":1725510133651,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/796de064QW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 11028\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"2b14-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11028,"size_decoded":11028,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11028, version 1.0","md5":"1f6d3cf6d38f25d83d95f5a800b8cac3","sha1":"279f300ca2cbbdf9f5036ef2f438607fbf377daa","sha256":"796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f","sha512":"716305f4d2582683b64c61b5e2390983579ea0fb33c936dd3ea8362872176625fbcb6f5ad18d2abf85da82d14c33a9640dfc5749922cb2fc079ddf37864f361f","ssdeep":"192:4oijUxKA0B3BxJPeLrh00JWNhi5A5HWdZ6SfroKthzwbMcYfQKvwpFVX2T+:Nx4bexHAE6STltlwbMcovaET+","tlshash":"9032cf5eaa417172974b5791e296fbc0e627186438fb02fef85185bbc4045e437092be","first_seen":"2023-04-05T08:50:36Z","last_seen":"2026-05-06T00:31:19.322594Z","times_seen":74081,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/796de064QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoV_","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.767Z","timestamp":1725510133767,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoV_ HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 118\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":118,"size_decoded":118,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"270a98fe29c0e11b96ee7c484b275d05","sha1":"2e25ec6a28e5bdbcc3f2a9f989dffeecae05a095","sha256":"0aac46350b57776a511f47a6a6ff266f26d5b41b21b20087680e21f72ec06a84","sha512":"5f5ebba8d02179ae07a90193e512c1d9fe323836d5fe8a73bf1d5b4a2b55d5f58e1ea8e124a2e696cab8b0b847b5c63465846949d7289fb1ee8c576be82f9a8e","ssdeep":"","tlshash":"6cb09294911d93c5fa70b78071f7be1e09d8795fa9c95598222908a8894ba102122a6b","first_seen":"2024-09-19T22:32:26.22621Z","last_seen":"2024-09-19T22:32:26.22621Z","times_seen":1,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/f4397cedQW743.css","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.772Z","timestamp":1725510133772,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/f4397cedQW743.css HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 400\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"190-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":400,"size_decoded":400,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (399)","md5":"2b914e8858486eab2dcfeaa859ea8357","sha1":"b782507d4e8cedba35aad5cbd1c4778115a1cb12","sha256":"f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917","sha512":"1416a0872268429581e96e0a8facb8757041cf92d74f0c0a7c1897644fbc2c4422329242e6cab50ac1caf366ce5d3b2ce085f20beabb17e0893aa0d3197365cf","ssdeep":"","tlshash":"fde0ab8039543210440b0176f1d7abdc01290400de3b371c012a6bf84b69c883b36e4b","first_seen":"2024-06-05T19:38:44Z","last_seen":"2025-07-14T19:00:29.022894Z","times_seen":3460,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/f4397cedQW743.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.621Z","timestamp":1725510133621,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/c54b3400HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/af45cd74HC7Z4.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"14fac-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17870,"size_decoded":85932,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"eaa2f278de27a53e0cd9060e72f48f8e","sha1":"7df3da8490073fe4f4ef63b40d7a3be331d4ceb1","sha256":"93b0d2df6d962642e1d2654daafeb7deacc5376ed1e93f317fb1054e3f3823b6","sha512":"a6681c886645810fee6c18a8c52837a526acabf50c9ac7606efab208ca3eae433f818c84e6bbaf15132f1116408c0fc8257999595c35bc45f35af4245ab0f83c","ssdeep":"768:OWds8sFYC1jYE1hmSZJCI3SY/z1WaAm9bUJo+nCVDrl7VYRxYjJMpwb4p7SQ1rny:WlF1LdQ6F/j9spz+rH7L","tlshash":"2a83b4441f55f2ea534b2f12691e30bde00d6d19e58fad9f91a17cecadd8a203f62630","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.110906Z","times_seen":7,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":91,"dns":0,"connect":0,"send":0,"wait":506,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70Qoa9\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.028Z","timestamp":1725510134028,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"POST /socket.io/?EIO=4\u0026transport=polling\u0026t=P70Qoa9\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 2\r\nOrigin: https://guatexgt.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 2\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-06T01:09:59.085862Z","times_seen":406365,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoaB\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.035Z","timestamp":1725510134035,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoaB\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 32\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32,"size_decoded":32,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"08539f6ef8b0f93f409b4167d53d4034","sha1":"7d3de6a31fd74996f25f97f5d26a13d2915d2eb4","sha256":"14418a418b47c7c564db59fba6f7e3595dc050f8a36fdb563bc618b472561f28","sha512":"b6eb89fdc45e84bd8a41a1368a35d7f6b94fd3a61f39d02a790c05e1ad41087349d712f9c0bc74f3340fa55b6b8ef1baaff0f88fca39bae32a3bf8fb96092ecf","ssdeep":"","tlshash":"14800000000228038a030a03a0b00a00b8bcba88e8328a0b2208e0002a230002c2e03c","first_seen":"2024-09-19T22:32:26.23303Z","last_seen":"2024-09-19T22:32:26.23303Z","times_seen":1,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7841612aHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.775Z","timestamp":1725510133775,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/7841612aHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/index-39fb359f.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"1c64a-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36067,"size_decoded":116298,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59874), with no line terminators","md5":"58a79c3e880b5174360c0c963da44614","sha1":"0fc14c913e2b0326717df1509e9c6c83eb5742a7","sha256":"80f3a47ac3e2481b36dbb5b206127a8bece87ff4f9ef31fa58e8542f1ce55e00","sha512":"a1cb10379afa88d93ed515d5757363e6c7764d87d02401efcb3bc9f310d7f9644c3e1507ccfebc521af94cf1ee3616b9bf0c1eb670d2b3fc0c9c60fd9a1f9f61","ssdeep":"1536:k7dizI7Wp3ZXSIImbMCuGIwduyEoJBDQn3Z373BrtpzCIVD6yq0NOHjMp/CiKob6:NQWtfbTdBdrBDQ3/p5CIVD9ZNjNlTOFJ","tlshash":"edb3aae815e421d1a025375f6742efb4f42fa46ab443bfc3b26dadf94a486216b3d031","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.118382Z","times_seen":7,"resource_available":true,"data":null}},"time_used":919,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":278,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7841612aHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.621Z","timestamp":1725510133621,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/c54b3400HC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"14fac-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17870,"size_decoded":85932,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"eaa2f278de27a53e0cd9060e72f48f8e","sha1":"7df3da8490073fe4f4ef63b40d7a3be331d4ceb1","sha256":"93b0d2df6d962642e1d2654daafeb7deacc5376ed1e93f317fb1054e3f3823b6","sha512":"a6681c886645810fee6c18a8c52837a526acabf50c9ac7606efab208ca3eae433f818c84e6bbaf15132f1116408c0fc8257999595c35bc45f35af4245ab0f83c","ssdeep":"768:OWds8sFYC1jYE1hmSZJCI3SY/z1WaAm9bUJo+nCVDrl7VYRxYjJMpwb4p7SQ1rny:WlF1LdQ6F/j9spz+rH7L","tlshash":"2a83b4441f55f2ea534b2f12691e30bde00d6d19e58fad9f91a17cecadd8a203f62630","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.110906Z","times_seen":7,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":91,"dns":0,"connect":0,"send":0,"wait":506,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/c54b3400HC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoeM\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.296Z","timestamp":1725510134296,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"POST /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoeM\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 49\r\nOrigin: https://guatexgt.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 2\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-06T01:09:59.085862Z","times_seen":406365,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoeI\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.293Z","timestamp":1725510134293,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoeI\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58,"size_decoded":58,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"47d12d343c1b854ce82615adba93c0c1","sha1":"74a58e9cfbb0f55c1a656eb08f188a9e77dbdb15","sha256":"5656aca6c38b0564dbc0dd3ebcda6c8ab755056b0ae69a7273573c5f57d1902c","sha512":"03fa0e9d4c204314c38cecb979205995ae4fbc4cc438e75b3744c7b5a8fb58817bab808892dba83650afb66cb791727fa5b6d005aae45caa5641b94b74f67e19","ssdeep":"","tlshash":"5ca00240546324936a030615912559553c7c65192b2718505960d11126ae18b155f8ae","first_seen":"2024-09-19T22:32:26.238873Z","last_seen":"2024-09-19T22:32:26.238873Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/index-39fb359f.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:10.347Z","timestamp":1725510130347,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/index-39fb359f.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:13 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:46:02 GMT\r\nETag: W/\"7b2d3-1907ba27210\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":149437,"size_decoded":504531,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c44379fc53d985e1258cda762817fb10","sha1":"3b5cd099b6351cf012b75e85943c5d71a8013c3b","sha256":"e9c97bb7d7e8036ac0b07ccaa82f5397cc7f003be07dd69726cb3e9f34973bbe","sha512":"decb2ba71901390582ab650e52e53113831e26675fd7eb70b6ef7a4fd96330bb3b16e6d7f0b512986670759a49391266306c36a52076db7a7ed2afbe65d9a341","ssdeep":"6144:1YmwEYY+FUgiQDS062sz1m/xkEuAfe+ce7w96v0gavfaXDJCY7C59pGFnQdIokg6:5Nz1mztNcK7C58gyx0brZJnxmZWmt","tlshash":"f5b4b48136c07848538b5fb7732fb0eae85a2c5e79884c8be214fd94a5e5617efe1530","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.094318Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1030,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":509,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/index-39fb359f.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/7841612aHC7Z4.js","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:13.775Z","timestamp":1725510133775,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/7841612aHC7Z4.js HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://guatexgt.top/GT/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:52 GMT\r\nETag: W/\"1c64a-1907ba24b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36067,"size_decoded":116298,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59874), with no line terminators","md5":"58a79c3e880b5174360c0c963da44614","sha1":"0fc14c913e2b0326717df1509e9c6c83eb5742a7","sha256":"80f3a47ac3e2481b36dbb5b206127a8bece87ff4f9ef31fa58e8542f1ce55e00","sha512":"a1cb10379afa88d93ed515d5757363e6c7764d87d02401efcb3bc9f310d7f9644c3e1507ccfebc521af94cf1ee3616b9bf0c1eb670d2b3fc0c9c60fd9a1f9f61","ssdeep":"1536:k7dizI7Wp3ZXSIImbMCuGIwduyEoJBDQn3Z373BrtpzCIVD6yq0NOHjMp/CiKob6:NQWtfbTdBdrBDQ3/p5CIVD9ZNjNlTOFJ","tlshash":"edb3aae815e421d1a025375f6742efb4f42fa46ab443bfc3b26dadf94a486216b3d031","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.118382Z","times_seen":7,"resource_available":true,"data":null}},"time_used":919,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":278,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/7841612aHC7Z4.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=websocket\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:22:14.808000609Z","timestamp":1725510134808,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://guatexgt.top\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: lpf5XmbRxU4hwiT0Prh3og==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Z6LeoYQqBFQk9lytwlx3DmQJtJg=\r\nAccess-Control-Allow-Origin: *\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T01:09:53.296706Z","times_seen":14713570,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoiV\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.562Z","timestamp":1725510134562,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QoiV\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 98\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":98,"size_decoded":98,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6f3b4ad69aa5980085587193e6c8fadc","sha1":"5938417d91287d685fcfc6a700199b32e39ad63b","sha256":"bc665c4cc7a1fa0a97925f53e5401f021b5c11bd9a7a3205a07e6300c3de22c5","sha512":"c8ef3a71179b74a7927d0edba447b202fcb238c2c61b9472f005dba30f75d67c9c19625bbd9bfe8079eaf2ea78d2dc8a540a0135dca3cb19b092b422a4344923","ssdeep":"","tlshash":"9eb012708d3c2833930040f40f0e3f9933ae97478aa44770ec085a44010518627d822d","first_seen":"2024-09-19T22:32:26.24109Z","last_seen":"2024-09-19T22:32:26.24109Z","times_seen":1,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/3dc5d0c5QW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.443Z","timestamp":1725510134443,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/3dc5d0c5QW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 7900\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"1edc-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7900,"size_decoded":7900,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7900, version 1.0","md5":"43751174b6b810eb169101a20d8c26f8","sha1":"7e48d54b1df1d3f657fc90227590308183ff9ddc","sha256":"3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0","sha512":"a56307976583f9f0dd41ea34a3878c1fd69d5f89577664c350be014f6485da077cecf03f315104dc00e3cb0b6036d9b58e602ca19e963bf500016f090ca80ff2","ssdeep":"192:J2+QXwv9y8UEem7iQD+hqsNl3ahSFsd8Rq0s+Hxf49:J2+9vI8XX+DxrFe0/f0","tlshash":"dcf1bffef23115d580b66bb6c307bf24d9298147fc772608a61c6978a4e9f0c194cf0a","first_seen":"2024-03-26T19:18:23Z","last_seen":"2026-05-06T01:25:39.214652Z","times_seen":17915,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":252,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/3dc5d0c5QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/289e0afcQW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.447Z","timestamp":1725510134447,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/289e0afcQW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 7740\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"1e3c-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7740,"size_decoded":7740,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7740, version 1.0","md5":"792477d09826b11d1e5a611162c9797a","sha1":"bba020c0fd0426079872fdd7929a260b414845cd","sha256":"289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2","sha512":"20256b7428ae94d47202827e0d655e298034108cc927fca3a43eda383b02fd42f0c9e7551eaffa0ab4fc2e80528d17166aae09226bbf3ad21f666f08aeacc4ef","ssdeep":"192:dxQxGIAcBZH2KRme6/xXOTTsncYsl62qMXApY:LQcovWK6YlYsfL","tlshash":"88f1bf724a9790cac6e1592b83507e1ea877abdc3a4bcc1fd5d270ccd4a299123cc85c","first_seen":"2024-03-26T19:18:23Z","last_seen":"2026-05-06T00:45:10.151349Z","times_seen":8572,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":356,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/289e0afcQW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/bce2f309QW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.455Z","timestamp":1725510134455,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/bce2f309QW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 11072\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"2b40-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11072,"size_decoded":11072,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11072, version 1.0","md5":"e7df3d0942815909add8f9d0c40d00d9","sha1":"cf5032eea3399a58870e8a05e629b006a8c7c3c7","sha256":"bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875","sha512":"3632a44ee28aec0cf67ef7d3780a18db1aa84837817a3ea69a5f892d656a94b9faefc0314e2c38599410802f875df73581558ee9511ced7f717feda29336cfa0","ssdeep":"192:X+O5i60QYQyX4xOc50jR0ujO1W4qEaeFw1CsfCIRsiFDK5mvuGDP3dJGkWNZuQST:uLyYQ5Oc50+91W45FwRBseDT3fGklt1","tlshash":"6432be0ed131bba7c9fe1c3bae1307b072641e7a11badd6ab200eed5945f5a21c01db5","first_seen":"2023-04-06T07:37:44Z","last_seen":"2026-05-05T23:57:08.711798Z","times_seen":10456,"resource_available":false,"data":null}},"time_used":614,"timings":{"blocked":360,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/bce2f309QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70QomZ\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.822Z","timestamp":1725510134822,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=P70QomZ\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 1\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":1,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"1679091c5a880faf6fb5e6087eb1b2dc","sha1":"c1dfd96eea8cc2b62785275bca38ac261256e278","sha256":"e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683","sha512":"3c9ad55147a7144f6067327c3b82ea70e7c5426add9ceea4d07dc2902239bf9e049b88625eb65d014a7718f79354608cab0921782c643f0208983fffa3582e40","ssdeep":"","tlshash":"c700000000030000c00000300000000000000000000c00000000000000000000000000","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-05-05T23:35:17.509215Z","times_seen":11205,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/d0b4256aQW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.451Z","timestamp":1725510134451,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/d0b4256aQW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 78196\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"13174-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78196,"size_decoded":78196,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-05-06T01:09:32.444766Z","times_seen":136039,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":360,"dns":0,"connect":0,"send":0,"wait":249,"receive":249,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/d0b4256aQW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=polling\u0026t=P70Qomj\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.832Z","timestamp":1725510134832,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"POST /socket.io/?EIO=4\u0026transport=polling\u0026t=P70Qomj\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 571\r\nOrigin: https://guatexgt.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 2\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\ncache-control: no-store\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-06T01:09:59.085862Z","times_seen":406365,"resource_available":true,"data":null}},"time_used":477,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/643e38d8QW743.woff2","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.458Z","timestamp":1725510134458,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/643e38d8QW743.woff2 HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 7844\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"1ea4-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7844,"size_decoded":7844,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7844, version 1.0","md5":"42d3308e3aca8742731f63154187bdd7","sha1":"69002807427be874f7b46a98f8a611d2c5c5f52b","sha256":"643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354","sha512":"46957d6daf667671f237dbbf941f1c1328ee14afc5f857733ea7c39b49f95c128349e2c73411fad4a9cd5388ebe97308540731ee88acb3a0b55323dd7c34a54a","ssdeep":"96:HTaQVtWUhG/s9I7WN8HLD3zqFmsGhViQYW6kELhq97lP3NeU6o7DKKM/J/EMhE:za1jZ0iLD3eFoiQXuOZ/J6YKJli","tlshash":"e1f19ed404890d10c552aefb7657c4be6a709f09507af72fe03e38d2b933326341ab16","first_seen":"2024-03-26T19:18:23Z","last_seen":"2026-05-06T01:01:29.943568Z","times_seen":3453,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":611,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/643e38d8QW743.woff2","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/55.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.392Z","timestamp":1725510134392,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/55.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 118017\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"1cd01-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":118017,"size_decoded":118017,"mime_type":"image/png","magic":"PNG image data, 406 x 400, 8-bit/color RGBA, non-interlaced","md5":"fdbc85296accb3fc94909cebc8f28f33","sha1":"d13cd133e7308f03cbb12772be9e639ed720b270","sha256":"050bae79865587fc5a3e9b7442c9f8e5038ebba7e46a637f39b97a510c110fef","sha512":"fade44ae6d450410d57dee4096b3cc53f71f41c0cbb47288281219b50397ea2ed364a40e44ca7c4a71988d56aa6a922904b4cd9e4cc1e4f5a95ae260b36f1262","ssdeep":"3072:kiJ2k6NrkfhLjSWX5/JSmWK94iAY0BESjosW/IXLjUW+yU2Q:UPKHjXamEi5ijSBWC","tlshash":"9bb30283e7ac0bf3fa09e6b6455d12b7b4254116e43fdd84093fe682822e990f1dd1a3","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.126164Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":510,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/55.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/54.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.385Z","timestamp":1725510134385,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/54.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 110040\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"1add8-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110040,"size_decoded":110040,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"b4d45a0699a5b1edcecde47cd5814cad","sha1":"68d1963fb0f03e72810e5249884838077c846bea","sha256":"52550ddd5daeef7a7ccaf33c7288cf21f125f5d3d3a8f6ca30c7ebe97c196cf3","sha512":"ed17e51841a0845ab7dc735ff5a7a2a81a346e33e561a6d377b8e1ebaa35f74e9ccfc157ea9267620c0355a5a1dc5985d3c8fd911c8e68b5cf08dfdc8d9f9e98","ssdeep":"1536:Y7Q/YABuRccOl+nIts49Yq3zQlLz0PLNtlM6FIz43DWD35xUas1Xy+d8nmwFyCA:Y700nIG4lQLgtGz2DOxYkmwyCA","tlshash":"d8b312eff6ef3d33d2ce334bc5178c45b6192d28668159280ad6e059238771f2b45aa2","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.1245Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":732,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/54.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/62.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.435Z","timestamp":1725510134435,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/62.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 5850\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"16da-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5850,"size_decoded":5850,"mime_type":"image/png","magic":"PNG image data, 394 x 124, 8-bit gray+alpha, non-interlaced","md5":"525a8dd5f03bcaf1ded1ee3337abcdd6","sha1":"0fa6fb07bbd273eb717fc960a2a47bb6d452ec36","sha256":"1ac699625073b29df7ad63c96d35d0903e9e5c561c76244410ad7bce53755f6b","sha512":"9203ead8bdee963a61f62518fffadb91718024aa3d67e8e15b6dd03117641d6b7c0d0b3fe536b030cabc08227c68913827ad88d4008645dac3e861e909681bac","ssdeep":"96:sRe0P2erMCKf15nqW4EL2O+Mzmb2ZoyShRiJ/fLSZ2m78JwRftQpgD3Zc8XG:gRnIvnJTL2UmSZ3/JGZ28wpgDpcGG","tlshash":"02c19debac90e52e48bb8c9062c97a40a78691f5e49260ef7363294258773d1d0f0fb1","first_seen":"2024-07-10T07:00:22Z","last_seen":"2024-09-19T22:51:23.130671Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":875,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/62.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/assets/125156b3QW743.svg","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.439Z","timestamp":1725510134439,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/assets/125156b3QW743.svg HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/assets/294db625QW743.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1218\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:50 GMT\r\nETag: W/\"4c2-1907ba24330\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1218,"size_decoded":1218,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11eff03fe9e5ae73e19d39399885f091","sha1":"d6f6f85cda36a3058855627a63da9f19d02e22b2","sha256":"125156b395a4441d633c63327e59e4c01ded8c07dd3520ed65681a4363526ad9","sha512":"123e3d4084441d37b89f2d524e630086c2c550bdba48cf652d660cae1b6111bfa8e9c91c06e2954e0c17929adf850a3f20c5218f07b31b6dd109bd4e6a1099b5","ssdeep":"","tlshash":"f621029ad138507fc143cbe492fa7516121eb5ffb1954ded9abcd8e02311cb9d447881","first_seen":"2024-07-10T07:00:22Z","last_seen":"2024-09-19T22:51:23.1314Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":885,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/assets/125156b3QW743.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/56.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.394Z","timestamp":1725510134394,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/56.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 95232\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"17400-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95232,"size_decoded":95232,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"e9e38ea4bc56db0cc71b410089824736","sha1":"923ffac596f19753fc38b2d85ae6119b97aa60af","sha256":"7886c301b96da2a0aff4202b5ec45cee90dd23019f33daea14092eb1e4d32423","sha512":"0591cef005c7a2dbd5c8fd4653ee7f7b0e12351551e18db1ac827d52f41f1285f7cd8d8e9dbea843385559f957c4cbb4493653cd06d45250e2fe3aea0a43860a","ssdeep":"1536:L313bBS6yDruWXbsegXh+9wmx/z6yhYGn5u67Mt3UaZpwi0Q3A36kBg:L3FNryf3AeAhkz1qkgfXwbQ32O","tlshash":"15930112e74a1a6402c5efc1c92fbfb7c86050a4d35e83ba86c76a5e71ed448de449fc","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.125635Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1273,"timings":{"blocked":1014,"dns":0,"connect":0,"send":0,"wait":256,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/56.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/53.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.432Z","timestamp":1725510134432,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/53.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 137105\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"21791-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":137105,"size_decoded":137105,"mime_type":"image/png","magic":"PNG image data, 1536 x 864, 8-bit/color RGBA, non-interlaced","md5":"e3b243a112777274baf93b13b5c90e39","sha1":"a57499aa308e6526cf026cc4c6f75099b6245ef4","sha256":"e8e622848800bf14c3a5c357baf0e4fffcdb74a71109874ca283918e416d021f","sha512":"50ee6510259dfa09ae3c4008c416038f13a6565013be60b86408270430baa0fd32bda827e4d1936c690dbbb37f2bdba6d3f60eaa7fb6a4aced8633c13496ed79","ssdeep":"3072:AQQpY2TgSAiZaN2gO621WqRLBopg0I7GGdetegQUIYv:1rSA/2g4opgTHdSdIYv","tlshash":"15d3010206b2d567cd06693cfef4a1de1592b636d638adedd312ae80e492c1d7d21cc7","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.1321Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1254,"timings":{"blocked":741,"dns":0,"connect":0,"send":0,"wait":255,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/53.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/57.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.396Z","timestamp":1725510134396,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/57.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 49981\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"c33d-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49981,"size_decoded":49981,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"d5d9ea5dc8632e36e7977b8bcca0bc45","sha1":"c14bf39df63564539c3ae97c0b209dfde3e4ddaf","sha256":"895cc4a7dff4584cae3f48194cb352bfc87d1771ec60da16848bbc43bbae687c","sha512":"52d5291fda7b0d082a7c93088198c3ede2803d512c8606fcd6186d0757ef73967005297d3e37102baa8ab41e965238f1669850ca60ecd9ae4412098b4cd3fe31","ssdeep":"1536:bJkfTNUGGOGlLLPH7jAYI9GSWZja7I4Np:bAkC99Ws7I4L","tlshash":"de23e119bbfc7eeda5471be0284235ae923dca50e18819236f6375f20116287dcbc5ad","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.123647Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1322,"timings":{"blocked":1031,"dns":0,"connect":0,"send":0,"wait":259,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/57.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/61.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.434Z","timestamp":1725510134434,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/61.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 212053\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"33c55-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":212053,"size_decoded":212053,"mime_type":"image/png","magic":"PNG image data, 1033 x 307, 8-bit/color RGBA, non-interlaced","md5":"9e2a983fcd6ff6633dc9890a3bcff7c6","sha1":"d179b1958b631004568ad085e0fc4a86db34645f","sha256":"83cf0684d784fcfe55b19735c380c6a891a4a3a147ac2043a82bcd771a952171","sha512":"d5f4db1dda939b99cc86e286484be20d38303796041999b825afdf715020c84f3a821966ccd9cd54125e03ba7342d40d9fa9cfbed055757a31bcb62399a01236","ssdeep":"6144:/HN6Ts176GWXhcxA2xO0FnO5n3hWkch5wEUYb733e:Vx76kxUX3h8h5XUYbC","tlshash":"b024123f720acc59a30859f832ace9765ce5231154decc9a66eef014e21714ac6def71","first_seen":"2024-07-10T07:00:21Z","last_seen":"2024-09-19T22:51:23.132717Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1380,"timings":{"blocked":876,"dns":0,"connect":0,"send":0,"wait":250,"receive":254,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/61.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/60.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.398Z","timestamp":1725510134398,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/60.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 64507\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"fbfb-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64507,"size_decoded":64507,"mime_type":"image/png","magic":"PNG image data, 402 x 400, 8-bit/color RGBA, non-interlaced","md5":"6b97de379b91d864b0a5dbfb8a2063d4","sha1":"cf8a3e73388c664605544363695a1c29cbda357f","sha256":"cdf0f7d2ef8ebc4c4321c0b1b2043bcb8d40a8ff4cdf790366db88d5d66fb23d","sha512":"3510708f3c4e0b898fb910cbbb860501f29d76729cf43d038f4d9e3e9f622211f84fea94c51b9b201dbf52000ff860910a2de1e7689310abb73566465d73ee07","ssdeep":"1536:LwC1dG2YIBMaXykPc5kUedI2WRqCNHPcQPRHK8sM/eWQ1:X1djY4M4hUoIPNKHrWg","tlshash":"cf53df0a314faad699723589a8da474183d2792c18d33d78cf17eff0a7d6668c78f610","first_seen":"2024-07-10T07:00:22Z","last_seen":"2024-09-19T22:51:23.127836Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1451,"timings":{"blocked":1168,"dns":0,"connect":0,"send":0,"wait":257,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/60.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/GT/layout/images/59.png","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.400Z","timestamp":1725510134400,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /GT/layout/images/59.png HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 12225\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=86400\r\nLast-Modified: Thu, 04 Jul 2024 02:45:44 GMT\r\nETag: W/\"2fc1-1907ba22bc0\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12225,"size_decoded":12225,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"84ba60276c7b3f9e13e3dd0396514591","sha1":"f1778b4ae643050a6921f604c1fe897fe19c2e06","sha256":"0e7345db0ffe672048f8c638d47d4b3dc531c720339fd614d7d6b8293e0d26a2","sha512":"37cab4e74c88a778bfb3fc1f2d3b6020383bafb4f25e12c4878a28b98ffec34c6331e0f456dc98569b8135c7272ac7fc1b4e59a08260b431db4fc774ca429e51","ssdeep":"192:K4J444444Fx6W3x5YByrDXqgTlAZOVgYsqaYvPMxnvpXw/MjELL8Dk7FxAwXRFXX:KQ444444Fx663NjTIUgYsqTMxvxm1/Rz","tlshash":"7242bf6bf9063f8f042224224e03220499f000b77e1a6f5f1f316591d9a7addfaf5917","first_seen":"2024-07-10T07:00:22Z","last_seen":"2024-09-19T22:51:23.12274Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1460,"timings":{"blocked":1180,"dns":0,"connect":0,"send":0,"wait":269,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/GT/layout/images/59.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guatexgt.top/api/MC4yOTc5NTkxMDg3NzE4NjMwNQ==","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:16.723Z","timestamp":1725510136723,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"POST /api/MC4yOTc5NTkxMDg3NzE4NjMwNQ== HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/encrypt\r\nContent-Length: 308\r\nOrigin: https://guatexgt.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://guatexgt.top/GT/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:16 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 36\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nETag: W/\"24-C0KaDFm8HolkmzKoTpoCJvG2DYQ\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36,"size_decoded":36,"mime_type":"application/json; charset=utf-8","magic":"openssl enc'd data with salted password, base64 encoded","md5":"f78440dddd24b2fc74298c88c2021d46","sha1":"0b429a0c59bc1e89649b32a84e9a0226f1b60d84","sha256":"db8526d61662c088fbd48bd32ba255405b19b58a2b008f5fe6ec2711bb3b5ea2","sha512":"96cb4dc8c6b833640772b74b17010bf27d849665c541fb78fbef723f58a37159c722f48824a877eaf00277037ca6f8605e9425549149704bc59b0534ba6bb625","ssdeep":"","tlshash":"2b800440074050511f05153dc5414f5c4100457d4175350f140ccc347d050433411005","first_seen":"2024-09-19T22:32:26.263827Z","last_seen":"2024-09-19T22:32:26.263827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-09-05","alert":"Other","trigger":"guatexgt.top/api/MC4yOTc5NTkxMDg3NzE4NjMwNQ==","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"guatexgt.top/socket.io/?EIO=4\u0026transport=websocket\u0026sid=zWbPBhwwqlU3jgJQBb2z","fqdn":"guatexgt.top","domain":"guatexgt.top","tld":"top"},"ip":{"addr":"150.109.94.38","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://guatexgt.top/GT/","date":"2024-09-05T04:22:14.037Z","timestamp":1725510134037,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guatexgt.top","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Sep 2024 13:31:46 GMT","end":"Tue, 03 Dec 2024 13:31:45 GMT"},"fingerprint":{"sha1":"9A:F4:D6:F2:6B:D1:CD:2F:6C:F6:34:2C:7D:98:EB:D5:E6:AC:A3:A2","sha256":"64:24:71:20:14:68:B3:94:71:04:F5:1C:BA:62:58:30:FB:FB:07:37:30:3F:61:E1:04:45:C2:B0:E3:77:D1:D5"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket\u0026sid=zWbPBhwwqlU3jgJQBb2z HTTP/1.1\r\nHost: guatexgt.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://guatexgt.top\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: lpf5XmbRxU4hwiT0Prh3og==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.24.0\r\nDate: Thu, 05 Sep 2024 04:22:14 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Z6LeoYQqBFQk9lytwlx3DmQJtJg=\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T01:09:53.296706Z","times_seen":14713570,"resource_available":true,"data":null}},"time_used":772,"timings":{"blocked":-1,"dns":1,"connect":252,"send":0,"wait":252,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}