oss.anscxnyn.com
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: http://client.anscxnyn.com/
Effective URL: https://oss.anscxnyn.com/
Submission: On October 03 via manual from HK — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is oss.anscxnyn.com.
TLS certificate: Issued by E1 on October 2nd 2023. Valid for: 3 months.
This is the only time oss.anscxnyn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online), WhatsApp (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
3 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 240e:95c:3004... 58563 (CHINATELE...)
15 3
Apex Domain, Subdomains, Transfer
15 anscxnyn.com (178 KB)
    client.anscxnyn.com
    oss.anscxnyn.com
1 staticfile.org (33 KB)
    cdn.staticfile.org (Cisco Umbrella Rank: 48572)
0 anscxnyfrtg.com Failed
    18srv.anscxnyfrtg.com Failed
0 whatsapp.com Failed
    web.whatsapp.com Failed
15 4
Domain Requested by
10 oss.anscxnyn.com 1 redirects oss.anscxnyn.com
5 client.anscxnyn.com 2 redirects client.anscxnyn.com
1 cdn.staticfile.org oss.anscxnyn.com
0 18srv.anscxnyfrtg.com Failed
0 web.whatsapp.com Failed oss.anscxnyn.com
15 5

This site contains links to these domains.

Domain
faq.whatsapp.com
Subject: anscxnyn.com
Issuer: E1
Validity: 2023-10-02 - 2023-12-31
Valid: 3 months

Subject: *.staticfile.org
Issuer: GeoTrust RSA CN CA G2
Validity: 2023-09-08 - 2024-10-04
Valid: a year

This page contains 2 frames:

Primary Page: https://oss.anscxnyn.com/
Frame ID: DD508454DCF8089C3D2622AE0D75858A
Requests: 13 HTTP requests in this frame

Frame: https://oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 3B8A297DF717962F9234B07F5C994EF2
Requests: 2 HTTP requests in this frame

Page Title

WhatsApp

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 60 %
IPv6: 100 %
Domains: 4
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 210 kB
Size: 711 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://client.anscxnyn.com/ Page URL
  2. http://client.anscxnyn.com/cdn-cgi/phish-bypass?atok=ttzB1WDI4WZg74CRG4FViXuIYG23izwOLlXv_l3QHuM-1696349212-0-%2F HTTP 301
    http://client.anscxnyn.com/ HTTP 301
    https://oss.anscxnyn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://oss.anscxnyn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
client.anscxnyn.com/
4 KB
2 KB
Document
General
Full URL
http://client.anscxnyn.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d32f3c13631e7639f6cc40472cbef88a768397de465fe932011b569a2bfe4dd9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-RAY
81066f521a0cb73c-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:06:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2FixQXuvKZMscQtsg8ZxG8VrF01mrGgxJLbkm40eSk5uOW%2BcQ4BtXWsBTDtWwx1dU2vK3kVr0EcZRWbrvr%2BZl4ElRNc7tajCyBT%2B25QnH7yCL4O1mK5S2hdAHaiavilctmohHOE1Hk4R1flew%2B5JKId"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cf.errors.css
client.anscxnyn.com/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
http://client.anscxnyn.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: client.anscxnyn.com
URL: http://client.anscxnyn.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://client.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:06:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Sep 2023 11:52:30 GMT
Server
cloudflare
ETag
W/"6514177e-5e44"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
81066f526a6cb73c-AMS
Expires
Tue, 03 Oct 2023 18:06:52 GMT
icon-exclamation.png
client.anscxnyn.com/cdn-cgi/images/
452 B
889 B
Image
General
Full URL
http://client.anscxnyn.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: client.anscxnyn.com
URL: http://client.anscxnyn.com/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://client.anscxnyn.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:06:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Sep 2023 11:52:30 GMT
Server
cloudflare
ETag
"6514177e-1c4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
81066f52aacdb73c-AMS
Content-Length
452
Expires
Tue, 03 Oct 2023 18:06:52 GMT
Primary Request /
oss.anscxnyn.com/
Redirect Chain
  • http://client.anscxnyn.com/cdn-cgi/phish-bypass?atok=ttzB1WDI4WZg74CRG4FViXuIYG23izwOLlXv_l3QHuM-1696349212-0-%2F
  • http://client.anscxnyn.com/
  • https://oss.anscxnyn.com/
18 KB
8 KB
Document
General
Full URL
https://oss.anscxnyn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756ec49286d22b9d086102e2c9ac03872da564ffc23626e7d96afa35548045d3

Request headers

Referer
http://client.anscxnyn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81066f7548c10bf5-AMS
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 16:06:58 GMT
last-modified
Sat, 26 Aug 2023 18:05:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeuL3tNX%2B0U1fImucVPnTdMdkTn8mCfC85INyGScaHPg7fPX8uGwzTx%2Frm1mcYbvGn9QeRpxnS1jGpM7fv2snufVOpFkmINfcDI4VpbmUBAsIluWL7zzJdJOfXslX584m2XTyBBWGC%2FznreP%2Fqgx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
81066f74ab99b73c-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 03 Oct 2023 16:06:58 GMT
Expires
Tue, 03 Oct 2023 17:06:58 GMT
Location
https://oss.anscxnyn.com
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiF0Rz5q9OCK9qxcLzY9fW2wPP1utZ08wyNBePOXEVfxCL5pKA24e0Ou%2F%2F50gRzw84qVz8xhIymZxdiW%2FHlcNWHPfz8Pu1em%2BqZGuSGfLipwfO74oKTJG7YWFDvD7l6lUK3uytxxfcRfrFiGTnW4rlPJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdn.staticfile.org/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:95c:3004:a:3::185 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 02 Oct 2023 16:51:04 GMT
Via
cache45.l2cn3125[0,0,304-0,H], cache59.l2cn3125[1,0], ens-vcache31.cn4454[0,0,200-0,H], ens-vcache10.cn4454[1,0]
Content-Encoding
gzip
X-Svr
IO
X-Reqid
qKUAAACotc1zWIoX
Age
83755
X-Swift-CacheTime
86321
X-Cache
HIT TCP_MEM_HIT dirn:9:214878249
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection
keep-alive
X-Swift-SaveTime
Mon, 02 Oct 2023 16:52:23 GMT
Content-Length
32989
Last-Modified
Tue, 16 Feb 2016 04:22:54 GMT
Server
Tengine
Etag
"FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1696265464
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Vary
Accept-Encoding
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
77604f3716963492190838085e
stylex-ce269a9819ee8f292840728689a22cc5.css
oss.anscxnyn.com/WhatsApp_files/
175 KB
43 KB
Stylesheet
General
Full URL
https://oss.anscxnyn.com/WhatsApp_files/stylex-ce269a9819ee8f292840728689a22cc5.css
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775fafc214e32a36e2a39e694322fed097e37d964c9dce65663655b64492d068

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2023 08:02:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e70e86-2bb72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRTrYZLMmUR4KxA4W%2BDELaV9V733ykb1RSElqXi7nmNaptqH%2Br1hyu%2BW0v%2Btbrqbm2d%2FcQYs0YCsnlUSI4Mn99R1vZVEA%2FAtBTkVzgo72QbpEtVAgplVa5MXmYGLVgBoIQb8%2FpSbOlMKB3r871ih"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
81066f776a990bf5-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 04 Oct 2023 04:06:58 GMT
app-6d34864fd47903428794.css
oss.anscxnyn.com/WhatsApp_files/
187 KB
56 KB
Stylesheet
General
Full URL
https://oss.anscxnyn.com/WhatsApp_files/app-6d34864fd47903428794.css
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69acbe3d7c92af1a509b7351cabfac35b356c18eef8c9299f5ac354acfdba079

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2023 08:01:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e70e58-2eab4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F1zMm3BYAHjPbjpX4GKlIzri3NigluiaU%2FPrFmLwd9CM%2FETlybccOKvK1off9W57vXSn9grFL0CPrLZVerNdoBvWCIoePgkO9B2EY03lPcHu%2F3Ain6Ze8qG6JpkYZVIrMYxwqII2FI3eE2%2FkVdY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
81066f776a9b0bf5-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 04 Oct 2023 04:06:58 GMT
main~.b66100b3486cd1857cd3.css
oss.anscxnyn.com/WhatsApp_files/
21 KB
5 KB
Stylesheet
General
Full URL
https://oss.anscxnyn.com/WhatsApp_files/main~.b66100b3486cd1857cd3.css
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a636dbd66666f13902713e7bc7d2e1cab497b299f533495759a2c68c459c5a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2023 08:02:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e70e83-55b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BmGt0MhpSiH0XSH8wHfOIdsJWRHyKH0SdwhOGw6Ljk8I9FD1HYA%2FT18aJDLwXVc%2BsXI3PKHqUSOQ%2BrZglQ%2Buf78B58zeKaiayw1baGnv%2FICUB6rXDkDlCrYf7vSqbnhlycGlz47YpuECnLivkHT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
81066f776a9c0bf5-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 04 Oct 2023 04:06:58 GMT
main.fdf0caa2786c3269572d.css
oss.anscxnyn.com/WhatsApp_files/
150 KB
30 KB
Stylesheet
General
Full URL
https://oss.anscxnyn.com/WhatsApp_files/main.fdf0caa2786c3269572d.css
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79acde4aa0ad3feafd96271141640066d0c52c050724b13272b1ca3d6930f8d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2023 08:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e70e82-257df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2E7FKWKaM9ShFpp3GVoc377ZXb1Nc1QuHaPjhU7b87oXd4qddvxwqqLwiXHgT7jZ0kFYzZYhaD7Kjls2fFY9AGpbpB980eeRLthRBx1KCq6lE%2BEpgA11dBihZD7u7wipXNkmWfGGuHRgi%2FVIRdie"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
81066f776a9d0bf5-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 04 Oct 2023 04:06:58 GMT
qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
oss.anscxnyn.com/WhatsApp_files/
16 KB
16 KB
Image
General
Full URL
https://oss.anscxnyn.com/WhatsApp_files/qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994

Request headers

Referer
https://oss.anscxnyn.com/
Origin
https://oss.anscxnyn.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44299
alt-svc
h3=":443"; ma=86400
content-length
16259
last-modified
Thu, 24 Aug 2023 08:02:11 GMT
server
cloudflare
etag
"64e70e83-3f83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69e6EtFy5qLdiqgXle%2Bw%2B06c3j6mBWHOJzefwtyBp7q89KygbAsB9adNmWQfL476lhacU1eSaDwXQPSPgiE%2F7hMsngeRdouNezvJL9g4pGwlpDZDMofqd2vTHv6vcIgQfVYc4T2sDljJ%2F4cyzkZE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81066f7f5b783fa6-SIN
expires
Thu, 02 Nov 2023 03:48:40 GMT
binary-transparency-manifest-2.2325.3.json
web.whatsapp.com/
0
0

main.js
oss.anscxnyn.com/
18 KB
6 KB
Script
General
Full URL
https://oss.anscxnyn.com/main.js?ver=1.11
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a449af42da1b5140cdfac11b04bcbd081af2b6c65eecac9005526ab3f6b13193

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oss.anscxnyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:06:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 26 Aug 2023 18:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ea3ed8-48ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxbn6ZswCyFS1NLy8g%2F5k54oW48sA39OHvHs11kCHgrVeKi%2BrEOUm%2FAmnfK0zApvt5MzifZAhAJb0lwmEo8jpgufSlaWWptTf0or7WFNsUGvoq6GH7fUhUEFSg2UJQy0QFrY1dMsKBHNWK4XkzFR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
81066f7c2fb53fa6-SIN
alt-svc
h3=":443"; ma=86400
expires
Wed, 04 Oct 2023 04:06:59 GMT
main.js
oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 3B8A
Redirect Chain
  • https://oss.anscxnyn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
7 KB
4 KB
Script
General
Full URL
https://oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0762a9488440cafdf05bccd6a8a8ee68595f4671cac7a4a91e897a5c74d8eb45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:07:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKnCNdnV%2Bd48Gto3aeDuZcMrPMe3xwA87es503Q81sqzXGi1idUGrzv4%2BT8bVWJUJw4hhIURKVHV7R%2Bjb1ocKfWsbF6%2B%2FZrjdcrjcNA8BwoMai4ixxr%2BKIhrI0viZP3huTovFhGA5r9hCxjKdl50"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81066f81ee603fa6-SIN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 03 Oct 2023 16:06:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNTWf6don8%2B05Qi32yz%2FCEaDiualeBU2OM3fbWNdK2LFG%2B2EqvRRz5VEqPEhgVzEZAs5sK3FGSfWu%2FjFtkaOkF43Z4FQG859azNun%2BRrTS9N2GIeOMAKFR%2FNs8zpbNMWBXLIoiMvVFsrkRO9b8ov"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
81066f80bd103fa6-SIN
alt-svc
h3=":443"; ma=86400
81066f7548c10bf5
oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3B8A
0
556 B
XHR
General
Full URL
https://oss.anscxnyn.com/cdn-cgi/challenge-platform/h/g/jsd/r/81066f7548c10bf5
Requested by
Host: oss.anscxnyn.com
URL: https://oss.anscxnyn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 16:07:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo2Kz5P%2F2WvkYJKdbN7XKmHvkfZ0UtEarGsKh%2FLUHtWZD%2FdzOO%2FcNfpTkVRrh56NapAMty2WsvIt9H87BdZ5y1q44B1uTUQ7yFkcQESwETggyQboca3F%2BIg%2B89cR1iwd58mnGMto6oLKisx5B5tm"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
81066f83d90a3fa6-SIN
alt-svc
h3=":443"; ma=86400
bf8a2700-6d24-47af-beb0-0d7877bfdf62.png
18srv.anscxnyfrtg.com/qrcodes/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web.whatsapp.com
URL
https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
Domain
18srv.anscxnyfrtg.com
URL
https://18srv.anscxnyfrtg.com/qrcodes/bf8a2700-6d24-47af-beb0-0d7877bfdf62.png?1696349223790

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online), WhatsApp (Instant Messenger)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture
  • function| $
  • function| jQuery
  • function| guid
  • function| getUUID
  • string| uuid
  • boolean| systemThemeDark
  • object| theme
  • object| systemThemeMode
  • object| systemTheme
  • boolean| darkTheme
  • string| version_
  • function| _0x1348
  • function| _0x453797
  • function| _0x4d44
  • string| srv
  • number| i_referer
  • number| isEnable
  • function| xorEncryptDecrypt
  • object| ws
  • function| status_callback
  • function| refershQrCode
  • object| json
  • number| code
  • string| qrcode_text

2 Cookies

Domain/Path Name / Value
.client.anscxnyn.com/ Name: __cf_mw_byp
Value: ttzB1WDI4WZg74CRG4FViXuIYG23izwOLlXv_l3QHuM-1696349212-0-/
.anscxnyn.com/ Name: cf_clearance
Value: SlEa2ing57ieyH40ykONYurJ3keJNz1f.LcdmX9_sx4-1696349220-0-1-68eef34a.8d6f8976.12bb9a4f-0.2.1696349220

3 Console Messages

Source Level URL
Text
javascript error URL: https://oss.anscxnyn.com/
Message:
Access to link element resource at 'https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json' from origin 'https://oss.anscxnyn.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://oss.anscxnyn.com/
Message:
The resource https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN