flarequick.com/cf/r/66311a763496a700129dc237?cost=0.004400&visitor_id=810349158262120448&zoneid=5615727
302 Found 0 B URL User Request GET HTTP/2 flarequick.com/cf/r/66311a763496a700129dc237?cost=0.004400&visitor_id=810349158262120448&zoneid=5615727
IP
Certificate IssuerCloudflare, Inc.
Subjectflarequick.com
Fingerprint7C:0E:F4:46:A7:48:B2:64:3C:72:36:25:E9:5A:50:38:6D:A2:74:37
ValidityTue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cf/r/66311a763496a700129dc237?cost=0.004400&visitor_id=810349158262120448&zoneid=5615727 HTTP/1.1
Host: flarequick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 19:57:53 GMT
content-length: 0
location: http://103.244.226.52/default/index3.html
cache-control: no-cache
set-cookie: worker_cookie=N4Igdgpg7g+gFgSwC4wQExALhAJgMwCcAZgAwDGeeAtGmhEVQCwCGAbAEZXvPsFUFpGaEgHZRzRmVYgANCABuCAM7JUGbKxIcIjABycSBMrqYBGdoy5FdJKgFZTEEaeZ4pZIhFkLlqpAgBbCCUkZgCAByxcEhxLEjsqEkYAFVMCTDsRDLwAOnwcAC1vRRUkAHsAJzUo0xJTERwIZlMaLQgmdghqXRw2KghWEScnB2YyDDkyMPDmBABzMGqNVjxTFxEVxgJWZjE6nAEyfBFvMDK6JZASU/OIGCQAT3CvbAAZZjA0BDA5m4uyOCzMBYADaVxAAF05OEKsEIAAbCBkJAQNAwM50LCgR7PKLvT7fX5yUIVOYQFDoKKsFZrCRHFzsVjCfbMXRoIhkMh/O6U7DXOSQAAeSCxIBxLxAAHkiJ4Kt4SWSKeoQNTVi5WPgtjs9qYDmgjng7NzLiQYPzwBBhVgwABXeHwgC+DsmgO+MHCZVKCDKwMwoDINoqsLASAAcrcAJKfS1YEhydgVD4AqNfMjBUEQ50gZQwWFfWHIrBICo2iByACOSkifpAZE9Ir5ORISUYzeKvnKVV5IF0tTwW1Mdh6Gt1Ld03gAXj6IN27KxBw0Tlmc5AoFgiMx4UoIA6gA=; Expires=Sun, 05 May 2024 19:57:53 GMT; Domain=flarequick.com; Path=/; SameSite=None; Secure
__cf_bm=lBDZEnlggE.IS6bkMNaxPSGtYG.YVBKokyBlYBzkXCY-1714852673-1.0.1.1-2a0rKhH9Xs9qZqaQBy97LxAwHTTa_QDC7EYSilmZ5Ksp5447HCax850pRNIHPFOjtrMC7.7OPCW5pfq.NgcEyw; path=/; expires=Sat, 04-May-24 20:27:53 GMT; domain=.flarequick.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb0ff7abdab509-OSL
X-Firefox-Spdy: h2
103.244.226.52/default/index3.html
200 OK 1.3 kB URL User Request GET HTTP/1.1 103.244.226.52/default/index3.html
IP
ASN #138995 Antbox Networks Limited
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (562)
Hash 48a914ff34a3c18886eb4f8887103f74
8c6246f10897f8104a61745b246a1fcd271ee54a
13e685914e0f9968913632d513a79b02c6457702f85962499ee5431fc3256ee2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /default/index3.html HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:57:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sat, 04 May 2024 04:17:21 GMT
ETag: "9ac-617991cd387e1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1346
Content-Type: text/html
103.244.226.52/default/static/css/style1.css
200 OK 2.5 kB URL GET HTTP/1.1 103.244.226.52/default/static/css/style1.css
IP
ASN #138995 Antbox Networks Limited
Requested by http://103.244.226.52/default/index3.html
File type Unicode text, UTF-8 text, with very long lines (493), with CRLF line terminators
Hash 31f947192ca98d5eb7c8f88d89b58b53
7a09a254b7dad55b006dba6dc787159f294ad31b
6b965be73890b1c95727059d48b79a82bbadfa6fc5f3b51ddf0ed4ac9d7c5959
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /default/static/css/style1.css HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/default/index3.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:57:51 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 30 Apr 2024 05:23:04 GMT
ETag: "2a14-61749907b92c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2540
Content-Type: text/css
103.244.226.52/default/static/js/js-sdk-pro.min.js
200 OK 13 kB URL GET HTTP/1.1 103.244.226.52/default/static/js/js-sdk-pro.min.js
IP
ASN #138995 Antbox Networks Limited
Requested by http://103.244.226.52/default/index3.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 12b38788244af30e6f2b43ac1e0905c6
8c57c30de889c77a4ace4e4ce33a46005868e0ca
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /default/static/js/js-sdk-pro.min.js HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/default/index3.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:57:51 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 30 Apr 2024 05:23:02 GMT
ETag: "8615-6174990667871-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12844
Content-Type: text/javascript
103.244.226.52/default/static/images/pass.png
200 OK 548 B URL GET HTTP/1.1 103.244.226.52/default/static/images/pass.png
IP
ASN #138995 Antbox Networks Limited
Requested by http://103.244.226.52/default/index3.html
File type HTML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /default/static/images/pass.png HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/default/static/css/style1.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:57:51 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 30 Apr 2024 05:23:04 GMT
ETag: "224-617499077c621"
Accept-Ranges: bytes
Content-Length: 548
Content-Type: image/png
103.244.226.52/favicon.ico
404 Not Found 260 B URL GET HTTP/1.1 103.244.226.52/favicon.ico
IP
ASN #138995 Antbox Networks Limited
Requested by http://103.244.226.52/default/index3.html
File type HTML document, ASCII text
Hash b49a4048aeefde25241e69cc886b393e
2ef95ecdcb1c8097a5ea8e7f6949d809dcca2ed2
a0c4bf97e7f8f7a56821ef55c308ce8d12ed9a1cce5cbaa53d547506bd99ac4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/default/index3.html
Cookie: __vtins__KEEzpautHhr6k3Vb=%7B%22sid%22%3A%20%22e3b3a7b5-5c52-585f-8f70-7435342bf4f0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714854475049%2C%20%22ct%22%3A%201714852675049%7D; __51uvsct__KEEzpautHhr6k3Vb=1; __51vcke__KEEzpautHhr6k3Vb=d51f8018-735d-5d8a-8d10-756b4ae406cd; __51vuft__KEEzpautHhr6k3Vb=1714852675056
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 04 May 2024 19:57:52 GMT
Server: Apache
Content-Length: 260
Connection: close
Content-Type: text/html; charset=iso-8859-1
collect-v6.51.la/v6/collect?dt=4
406 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://103.244.226.52/default/index3.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 288
Origin: http://103.244.226.52
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 406
Date: Sat, 04 May 2024 19:57:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=151e3e03d4e72ac7c2aca0479ac7950a0b433f240b1ed7a1a90782c51158cfe6; Path=/; HttpOnly
acw_tc=ac11000117148526758254867e7529920477ab115231a0a574e3361a443da6;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://103.244.226.52
Access-Control-Allow-Credentials: true
103.244.226.52/default/static/images/bg3.jpg
200 OK 214 kB URL GET HTTP/1.1 103.244.226.52/default/static/images/bg3.jpg
IP
ASN #138995 Antbox Networks Limited
Requested by http://103.244.226.52/default/index3.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 874x1280, components 3
Size 214 kB (214462 bytes)
Hash 85fd257b7c011c2e2bf00a75316f2332
7ad84725bc53187dcd75412a1b839727fec2dc1a
4f79d968a78ced1ef2af514b40df3084c55e39c003a35f5855b9a9314042628b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /default/static/images/bg3.jpg HTTP/1.1
Host: 103.244.226.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/default/static/css/style1.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 19:57:51 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 30 Apr 2024 05:23:03 GMT
ETag: "345be-6174990725781"
Accept-Ranges: bytes
Content-Length: 214462
Content-Type: image/jpeg
flarequick.com/cf/cv?click_id=OPTIONAL&payout=OPTIONAL&txid=OPTIONAL
200 OK 0 B URL GET HTTP/2 flarequick.com/cf/cv?click_id=OPTIONAL&payout=OPTIONAL&txid=OPTIONAL
IP
Requested by http://103.244.226.52/default/index3.html
Certificate IssuerCloudflare, Inc.
Subjectflarequick.com
Fingerprint7C:0E:F4:46:A7:48:B2:64:3C:72:36:25:E9:5A:50:38:6D:A2:74:37
ValidityTue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cf/cv?click_id=OPTIONAL&payout=OPTIONAL&txid=OPTIONAL HTTP/1.1
Host: flarequick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://103.244.226.52/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:57:54 GMT
content-type: application/json
set-cookie: __cf_bm=0LYO5vBwmOf0Bdpv1XjaIG55YSqHYQe_.nnEJQ951xs-1714852674-1.0.1.1-KOvlp6jAGMln5QOALOr4Y3namCsnRGTvZ6NJRp3ziIbSOUeJMZmOSRtxHnzEiiiIyDv4MVr7s6blrJhoYAShsg; path=/; expires=Sat, 04-May-24 20:27:54 GMT; domain=.flarequick.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb10013b4d5689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
104.18.16.6
103.244.226.52
203.107.86.226