{"report_id":"0a08599b-be8f-4679-acd1-2bcb825bce78","version":6,"status":"done","tags":[],"date":"2026-05-31T22:43:12Z","url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"title":"Unipeg // $UPEG","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-05T22:43:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-31T22:21:48.210615Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"uqegs.app","ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-31T22:42:33.689954Z","last_seen":"2026-05-31T22:42:33.689954Z","alert_count":20,"request_count":20,"received_data":4237347,"sent_data":8870,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"uqegs.app/eg.js","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43d42f8fa165e820b8c2fca8291820a6","sha1":"42658368997e9007e3b072ecc5ac67972d6182c0","sha256":"2ca4d7ac69a2e4aea8a6a50f0cd6e43aaa930e82605500ca02194eea5f59921e","sha512":"cfb51067bbd91a8e5ce49bbe0408f97e532ce9720b273c9d896c8a5188b1fd26e6916d2365fe20e936ee8a25008b4e152dd52cdd57fe43520241241ce7f807b2","ssdeep":"768:XmNfvcLl5Z8xdjaLAZdHoKIb2Q+Hq7spp30LsFrE7dcLml7nJSrP/cTo+s7PwcAv:v5Z3s/oKIKDqoD0LQCGcqJE1agh","tlshash":"7c73b5d6590ac0d98e6160cdd477ec09e4680923ceaef1a3f62cddc2b41ef62845767b","size":76517,"data":"","first_seen":"2026-05-31T22:42:38.518087Z","last_seen":"2026-05-31T22:52:36.43217Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-06-04T13:34:26.852723Z","times_seen":2984,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-06-04T13:34:26.861411Z","times_seen":2896,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-06-04T13:34:26.859979Z","times_seen":1700,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bc246f6fb9a4ec693b452129f8d6298f","sha1":"0c0195fe080beca001e338da018a9fa619fc4c98","sha256":"43f83669e7b8c2fd82881442ca75c17082f3af986d91d945b4786e7227548a26","sha512":"2346fb746ebf9394702573476f4ab50c7134377dc5b545c5891503d1285f714eac57f57b73b2de4f34152263a136f95bed3c69bba1b3920966957f7664478306","ssdeep":"768:I6Jfvchh5Z8lTffRExN7CrilWcGJ30LEFFHE7VcL4lfhjm3tcTyh7zZccEclcmcU:i5ZiXAgrgyR0LiEw3uM3zE1aP","tlshash":"5073a3d5990bc0d88e6260ced477e806e4280923ceaef1a3b53cddd1b85df62849757b","size":73410,"data":"","first_seen":"2026-05-31T22:42:38.527813Z","last_seen":"2026-05-31T22:52:36.446595Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/2ed6070d-59b6-4d44-ba21-9b462d757ff7","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b899c81881b5c7e29093ee2bd6b17b8b","sha1":"82708388eb6c591577fd29e08c5db922c8d05bfe","sha256":"4f92b6790293275b16254ce6b05e0f065b29a42739013cd86ab118630b2a25fc","sha512":"cf253269e188357e926c34edce7e8b3d68c4ab2de407ec0cea4f7572633b0d7efca686e8d74c3d4dc679a51dc3cc60e1d0eaa22f7793b3dabc1d655219873037","ssdeep":"49152:n7OwPEZJs7pAMowW2QUSvhjG+EyY4bfO3xrQanJfCpszVt3Xc:4","tlshash":"a2f523822c13eaa58f88526570f7ad0754940d129c9df0dbe769f9c1346dfa1c0eba2e","size":3416769,"data":"","first_seen":"2026-05-31T22:40:06.726128Z","last_seen":"2026-05-31T22:52:36.438634Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-06-04T13:34:26.862791Z","times_seen":3066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-06-04T13:34:26.82876Z","times_seen":2927,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-06-04T13:34:26.859392Z","times_seen":3034,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-06-04T13:34:26.844261Z","times_seen":3102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f158c0fc784b054e6be2da6cc3f91252","sha1":"ea3068bad5d469dae9cd07f0e10014d97b8801ce","sha256":"4a4086d5f1bd188be2533f4290389c79b5568a61c5afd454231dc3ba35f0eee2","sha512":"12051a1086abc2c779294d9102e08a5093e4b36f9646767e08159494777fa3718e21e47da838cb41683195c33fd979077d774a407826f9d9b2a888a63a283543","ssdeep":"","tlshash":"a301233f4e033239ad67796d4b2fe5742a333527a129d410fc5c74142fa9d2a0245fc1","size":751,"data":"","first_seen":"2026-05-05T15:46:32.31583Z","last_seen":"2026-05-31T22:52:36.439505Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3e351821d7b7ab9c167e007ea121f7bb","sha1":"4ae76878e95a3af17306991fc0f78b1ad6b88cf5","sha256":"739277b7002deb537fcc2d8d3bf77447ac91c25f7562088fabad7c8114f4e09e","sha512":"59f35e0bbc3d1ab11d6ecf6864702b2e07dce9f51a9b7294f409c36164b7df4ed5674c24b008f24c91c698fd9cd416dff2e2373b11afe7d81baa93482310335b","ssdeep":"49152:A7OwPEZJs7pAMqwW2QUSvhjG+EyY4bfO3xrQanJfCpszVtzx2:R","tlshash":"acf523422c13aab68f88535570e7ad0b54980d139c9de0dbe769f9c0346dfe1c1eb92e","size":3414186,"data":"","first_seen":"2026-05-31T22:40:06.719489Z","last_seen":"2026-05-31T22:52:36.440819Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 31 May 2026 22:42:46 GMT\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-06T09:21:51.494494Z","times_seen":29321,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":217,"dns":0,"connect":32,"send":0,"wait":45,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/2.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/2.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1168\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-490\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M8%2BgvQEksWOfU%2F7%2FYN%2FvwQNJYudjWEZ%2Bn1XudqRGXk91I5YZR421p98JZSyd%2Bl9D6SCm2IO3uF8VfLZgVJvDpXErrAnoSQplGISSbKDr7vD6Nt2ezeNmEHFVbI0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8e56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"a700b7f4c87ad7c39cb35ce11289a1b0","sha1":"f69c132983414c6b9e7ada7d4daf33d24e9e9a7a","sha256":"4973029e223666a24f19867912a3a53372410f7e459261f9575d5ebdde66e076","sha512":"5d2b78ab058dcc1942b1750b17535c542546f325ea2ed14eb94c46f22a661f5ddfaba7fc86253350c0e0751483a452e4244ae31bcd7e523970ca9f743f24fc5b","ssdeep":"","tlshash":"712163d4b2bc2a04c4d56028d5c21a93047a076b591175ff24cd8d7e270e786def214b","first_seen":"2026-04-30T16:35:47.779834Z","last_seen":"2026-06-04T14:53:21.604979Z","times_seen":18,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/14.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/14.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1095\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-447\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4GLS8%2F829oksYCh2bnqLUuRN4FSMBb7WtOB8ra8VRZ5hu%2B0lu2lZbn7KScMrM9q5GJkoSTQbmf9f%2BJ%2FOvkfkQ%2BnnPXTwWHHRFbfdpJ%2FY3x9jfz7SIme%2ByztJMDo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d2f9056c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1095,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"5e8906b9d027ad8e95f75b2d33a851fe","sha1":"2d2b18410a66c91740ac90f705db4b2768bcb942","sha256":"80e16d60c5e4c3c85fc2f3fe9d9ed7a7927a44a0a678bd778ecb6a287239d7e8","sha512":"6313733e2a4e998fbc126232a03792cc6c6d7c3dadb33f1946e16e2efc2375296f4b55859d92ce589062c40ce22080cff28bbff12c9f9e034de0c35c8cdf3aaa","ssdeep":"","tlshash":"ac11e9c477fd2a418ac96069c0e5889684774bbb2d0524fb30c85a7e6b1a2d6cef450b","first_seen":"2026-05-05T15:46:32.301486Z","last_seen":"2026-05-31T22:52:36.419609Z","times_seen":7,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/11.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/11.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1113\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-459\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dFDIkues2lbYQoUscAMvbIKyKXER8FaxIApT6H6SB9VV6OQd3fplwEVtBP2BXsYuZM%2Bgw%2FGOlZ43L6cOgzsc5ksg1aziW94rbvXBlxvHnNBpwltus%2FANoo0RmlQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8f56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1113,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"c733f8eb0a5d7b975a7cf75cf1d6bb8e","sha1":"12605d9c0a45904309e153112f348de6f3dca52c","sha256":"31879ffff49bf79e13b778bd72efe1a177eb99d65a23055e26ef77734257fe3c","sha512":"9133ec915b6b9688e469dc5cda106c9a684f243af481d12456ba0285d84e22eafd985130a14c14e656ae786aea463970226fe5e7ee690fd3f46222a6aa7c0a9e","ssdeep":"","tlshash":"1921e991a7bd7610d588a43cc0e81da2857397bb094570fb60d95d3f231a682cfb128b","first_seen":"2026-04-30T16:35:47.768592Z","last_seen":"2026-06-04T14:53:21.599674Z","times_seen":20,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/peg2peg.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/peg2peg.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 18824\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-4988\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I0aAu3Xs%2B9RdGRaJaHO%2FvmBorBp%2B4NcQRV8hP%2FYyDSHwHym2s3ofaA8BDDDwqVM1F%2F%2B72UA%2B15dHs%2FtOrL%2Bs5d5MK7FEwkKo1n6oX2wcmmSiLViCaRlNtRCtwu0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d2f9356c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18824,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"fe2d5263139039c4abf0ac85867d6268","sha1":"73a4bc09def36fe0f43f5716a79d19486b1c9c27","sha256":"7d17cf1b790cab9a526a98de267e0ce7ffbaac008003f8b340dcd3654bf90391","sha512":"dd040ce29200d4882bae5af25e0f2ca058f68e89e4599ab180ecc4c35d9f951ecdf6f22494762f003cd38c694fdedf201bbf5a94bc3bbe875e89a5210a495bc7","ssdeep":"384:6raCcnhTHSNZRSfBZ7fRTl7przlZB8I1Z2hTVFiyS5B8jdrqKT:67ch4ZRSp3lJznSI68ySYBrqs","tlshash":"1d82b0451df19c8c40776a067df2c88eef4f7974b1a46f8b2d86b7e348415248a49ac3","first_seen":"2026-05-01T21:39:36.422392Z","last_seen":"2026-05-31T22:52:36.430232Z","times_seen":9,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/logo.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 169685\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-296d5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CS97YRFHwYmCpbC9ONd2f8%2B4W4E4mK3V%2BLBwkPp4qYxrSl%2Fw3I%2F8joF8MOb8RULdrgNvpEhLSvFXIWt4BjrZMlT%2BRR71L3vRJSOhraXk2StDt4cxAvljD225rJQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d2f9256c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169685,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"608b571bb1a6405a1609987a7adfae00","sha1":"c337f3a12833cdd75f6d4e0a71bec0aaf106d061","sha256":"8df707e5f153d2cf4bd085b91d7ea1cc77bdc8f745b10a4bf9811e8b4c6efd57","sha512":"16ae1b11c3480a166e3804fd2aed1b067078941f4dfd28c645556efb491d111a7dffef0cba99c97fda9cb9d0ac5a673a71a7017cf2bf8cf3e67fd55a1e2dc022","ssdeep":"3072:yl4frU9ertyn/H2D7hRSQNpiwgqo/i1wXa+2IzGKDpzEC84X:yl4frUMpynfahRditVtq+PzGKDp/8G","tlshash":"b1f3123ff25e60a0a635a83751d90b7bdae66d689934f04d6fa651e1f40fa072c48f30","first_seen":"2026-04-30T16:35:47.762483Z","last_seen":"2026-06-02T11:41:48.617905Z","times_seen":19,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T22:42:45.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j8pUNOm5qzsFotSSB0yt8MbV%2BcBlVLBN%2Fv8N7Wjs%2BSJdVzo9mt735c2XfSbRyU2YBILnVsrYICa5f8Ik5JfM1pxnMwEOUHX3kXkV1Tc9ErjTVyriibqyqBc9o5k%3D\"}]}\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: a0497e5c09ce5693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40168,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (402), with CRLF line terminators","md5":"27c8f90db7127c3bf8108ae6903f4fcb","sha1":"4eb85dc55703dc246aa49b6ba2549a40703b06e9","sha256":"e4136400934221191f40ea4ff300f0482b78374b1346c76201918533a1c2bc4e","sha512":"7bf9b164782b527e3f6b3a039e5312bd805f39339901d0966a1e22dcfbaffc5ed16c34600b89d800050a489ff6c48a2124ba278e6e8b1a092deae3203a8c3cf8","ssdeep":"768:KYtnJsBeh+dAxDQIFb52yFjYA21VZtw3hc2tWm48dusyL84A10sdWMizUAAlgCfi:lsKs5v","tlshash":"a703b904fd80897b363792eea3d5dd4ee9a031038500f799b2fe51964fb2ab359b7424","first_seen":"2026-05-31T22:42:38.502395Z","last_seen":"2026-05-31T22:52:36.424924Z","times_seen":5,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":15,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/assets/index-C5YO81_g.js","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /assets/index-C5YO81_g.js HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 40\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EqfUELDViQFoO761VGEdUJIHZYuhFS4NG1xui9lK7RnRjvwq2ZBLh8n%2BS8vFX6WSSHT10tYkOClw%2FdRi5hYR6alHDj2C5LwA5wcfi9Ss%2BcfVxMqk9ghisELAVng%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: a0497e5d1f8756c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T09:09:45.894417Z","times_seen":16172309,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/assets/index-BeM7K6Lj.css","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /assets/index-BeM7K6Lj.css HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: W/\"6a175730-219ee\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 40\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qrn3EtlAdHfxuNQzgPMiHfe%2FoXi7YKhtUrxMQ2pC200EZex3bTKY313APJSrrLaoyptllEpwDjoit8gmO5NyeK72ZxDvnvYn2B%2Fqs0rzfzM5GaAJzGmjfXeMPSY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0497e5d1f8856c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137710,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"cadf21526e08478d946374ea886005e2","sha1":"bd31756aaa9fe328e94e08a47f8f7fc868794147","sha256":"7196bbb660cbdc0ae7472573245ef428db52ed26187048b776e291f5fe1bdd61","sha512":"434fa93164db01184b2d964e35375e794e6bf5fdf3be116c67a57f8eb19dcbee6cd200e215f05cae56b04bc84201d201b3e4040f8a382f6ecfb800e1fe45b4d3","ssdeep":"1536:pqSlcNTgMrlmIy/4wKdkmNsIr2q5plEUZRsiETZDsXZRF2puSXY5g4Epc:4SJ/XsuZcYXY5gc","tlshash":"06d3e825b2a8713de43bc526a9cc5e9e3214b747c51207eafa7055258cc7af33e7268c","first_seen":"2026-05-31T22:42:38.507826Z","last_seen":"2026-05-31T22:52:36.426989Z","times_seen":5,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/6.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/6.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1170\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-492\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PM1YOqfd2hAM2QJQtoXte0lAO65aQ27IU%2F7I9NxswlfKW5Iw5Gmb8Nk7oDkbNFcHqmki%2B7LmubXEw%2Bfo4%2FgxeUFtvwilvqHLWkdWT5LRpa2F0a0lNIaOLLf8hew%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d2f9156c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"b616e2b548d852766b8cd62fd45fa1f5","sha1":"768c4d023938c95db51aad33bc7b138b42c6a644","sha256":"35cbc748edcd3f48504eb08dac827c3ad8513bc2bef9243f3d3f53f03fb46d80","sha512":"6a657f89c9308fc7ab5e664c0c48b25ec89d1650a1c4c99b11e3129845dd9338b8b215da441300c9d715370f47578dd9b9480fe970bb19e1bfaf6be339b35f32","ssdeep":"","tlshash":"be211ec277fd2625c5d96428c0910ad78033133b0846b0fb71de4a3f660a697dfb20ab","first_seen":"2026-05-05T15:46:32.304964Z","last_seen":"2026-05-31T22:52:36.434874Z","times_seen":7,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/secureproxy?e=jscdn/getFile","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://uqegs.app/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://uqegs.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"m9ewi47r2a91ha9wjfql\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DNDOU05y0eUFQvk%2FSWN1DWtYmQwhfoxoEwoPEZYCxFE0JV%2B8p%2FJqx2ITu1mqOQ%2BN1cvoQMqiXEXqhQpfIUjEtdGk83xdE9oimS9%2F8AN2K%2BSS%2B%2FHkbXwrCDjH5eU%2Fjs%2BJH57XcFQ%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5ebfa056c3-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3416769,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1c9d6047c6708b5c0d608f1b2b4a0d6a","sha1":"8933bc4b4b4071fc3dbfa5f4df459abbb4911170","sha256":"d0f10e55df1e496bd2d429af3e3854df1c34ac74c1c63570ed0241ba9f0e1f9d","sha512":"1520d192d4ab369b111c7892062f2e6b03fa57e57dc1c815aa523966041bb579423aad84d1817eb0aee0369eb536701561066d4dca029d7ad88bf527bbb5783e","ssdeep":"24576:nV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdJyIv1u7EO:n7OwPEZJs7pO","tlshash":"092533512e67fd594f8caa6978b7be4354414f01888ca8dfe672edc021ac37581cbf1a","first_seen":"2026-05-31T22:40:06.712065Z","last_seen":"2026-05-31T22:52:36.4234Z","times_seen":7,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":233,"receive":343,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/fonts/ElmsSans-SemiBold.woff2","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /fonts/ElmsSans-SemiBold.woff2 HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/assets/index-BeM7K6Lj.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 3377\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-d31\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8vVmnVbaDInh2iuPHGDKy0Ad8Bp2A5g2Z8hA98CCvzANvnQlwc6wwxGHruBOibjPTP1T07zPq66oQP7ADs9WETocaLtKawWMkt51Hvk8tLaVpzm7T5W41O3zXxg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5f5fa256c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3377,"size_decoded":0,"mime_type":"font/woff2","magic":"HTML document, ASCII text","md5":"81db15403eeb163e44c80ed95e6a4f99","sha1":"1bb091de7df446dd951b02049327f12010538bf5","sha256":"2b885d462ec15d21dbb8ac201f794d6922744a432e6fcac63e1fce9bbadef9cb","sha512":"b91fc04a7431e3ee156ee714b6dafe94bc41f8deada9cef7dceb547412c2ac69769f5efe6640147c2a553aa72d3a548727c7692ecc8c6f9349f2ac7e6afa71fb","ssdeep":"","tlshash":"db61446785e13c156735c024aadbf914de76a817c228ac40f1dc94a94fc3fd2c9e33a9","first_seen":"2026-05-31T22:42:38.516079Z","last_seen":"2026-05-31T22:52:36.421608Z","times_seen":5,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/fonts/ElmsSans-Regular.woff2","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /fonts/ElmsSans-Regular.woff2 HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/assets/index-BeM7K6Lj.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 3377\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-d31\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lw1D3Zl5eUyE82u8cF1XoRKQqMqaX9UUYpSCXB83iLUop4ShMNy4oJjItjKy1lvaKr1dY5mngX2fNcutiIBi%2FwNtaicuYkX53XFN7K2l9YDD50TfUcgabClSKE0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5f5fa356c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3377,"size_decoded":0,"mime_type":"font/woff2","magic":"HTML document, ASCII text","md5":"81db15403eeb163e44c80ed95e6a4f99","sha1":"1bb091de7df446dd951b02049327f12010538bf5","sha256":"2b885d462ec15d21dbb8ac201f794d6922744a432e6fcac63e1fce9bbadef9cb","sha512":"b91fc04a7431e3ee156ee714b6dafe94bc41f8deada9cef7dceb547412c2ac69769f5efe6640147c2a553aa72d3a548727c7692ecc8c6f9349f2ac7e6afa71fb","ssdeep":"","tlshash":"db61446785e13c156735c024aadbf914de76a817c228ac40f1dc94a94fc3fd2c9e33a9","first_seen":"2026-05-31T22:42:38.516079Z","last_seen":"2026-05-31T22:52:36.421608Z","times_seen":5,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/fonts/ElmsSans-Medium.woff2","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /fonts/ElmsSans-Medium.woff2 HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/assets/index-BeM7K6Lj.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 3377\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-d31\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0s%2BH8YjE0DHs4LTdk1ake6OZfqxZnp%2Fnw3UO4%2FrJvZ6xSabYb2vx8bHLA4mXCwSYGFZ8%2BtqsrJquVDwP69gK6jjNXGoklhQ4sA57sjmOOt%2FqX2rLUs8eUfSCZHg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5f5fa456c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3377,"size_decoded":0,"mime_type":"font/woff2","magic":"HTML document, ASCII text","md5":"81db15403eeb163e44c80ed95e6a4f99","sha1":"1bb091de7df446dd951b02049327f12010538bf5","sha256":"2b885d462ec15d21dbb8ac201f794d6922744a432e6fcac63e1fce9bbadef9cb","sha512":"b91fc04a7431e3ee156ee714b6dafe94bc41f8deada9cef7dceb547412c2ac69769f5efe6640147c2a553aa72d3a548727c7692ecc8c6f9349f2ac7e6afa71fb","ssdeep":"","tlshash":"db61446785e13c156735c024aadbf914de76a817c228ac40f1dc94a94fc3fd2c9e33a9","first_seen":"2026-05-31T22:42:38.516079Z","last_seen":"2026-05-31T22:52:36.421608Z","times_seen":5,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/logo.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 169685\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-296d5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 41\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fyxekGH4DhPa2Ok4HU526HOULfIgMwQawq8rKzoToiKuTONi6AvDJKjkM3m5suidiuxweA17bS%2F8LmqDh2RF6lUbr6%2BIrv2xRhL6bmMerMfjHKPHEPCP4wxvr6E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a0497e60bfaa56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169685,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"608b571bb1a6405a1609987a7adfae00","sha1":"c337f3a12833cdd75f6d4e0a71bec0aaf106d061","sha256":"8df707e5f153d2cf4bd085b91d7ea1cc77bdc8f745b10a4bf9811e8b4c6efd57","sha512":"16ae1b11c3480a166e3804fd2aed1b067078941f4dfd28c645556efb491d111a7dffef0cba99c97fda9cb9d0ac5a673a71a7017cf2bf8cf3e67fd55a1e2dc022","ssdeep":"3072:yl4frU9ertyn/H2D7hRSQNpiwgqo/i1wXa+2IzGKDpzEC84X:yl4frUMpynfahRditVtq+PzGKDp/8G","tlshash":"b1f3123ff25e60a0a635a83751d90b7bdae66d689934f04d6fa651e1f40fa072c48f30","first_seen":"2026-04-30T16:35:47.762483Z","last_seen":"2026-06-02T11:41:48.617905Z","times_seen":19,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/5.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/5.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1153\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-481\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6RyUHgiKzQt8qZrDh9n1%2F0KtSrqCScGjwXfLZKH7WFYyi%2BG5ks0LRokZdjObqt7DGfnEf6P3Qg9hIkBboPrD%2BdTsu1DTV9Fn8Cx7RhGEtuwxWk%2F63rnfzoKBCUA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8a56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1153,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"8fe2bade7b9b0300fd75073e1295fd4b","sha1":"914bfb9d57d321befec67f582e585f0fab9c465a","sha256":"67fa964658c09d9a79d4d1b6b4cca4b8280fe7df77b6686c9d56b6711cf1ca1d","sha512":"f1a98812c56ea631b60c73d48bba0d3487d788c3c0c7f7e45d253c70e8f7d059e1bb10bf734884a3ebbde5cd58b625a158165016f62b87f82b262e04fd0cbef2","ssdeep":"","tlshash":"4821f9e032be7720e8e86439c0d05ce7453353bb591134ff61dd583aa24a6a2ceb511b","first_seen":"2026-04-30T16:35:47.795812Z","last_seen":"2026-06-02T11:41:48.613072Z","times_seen":19,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/9.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/9.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 1091\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-443\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qniFRKah5ESz5%2BFHojRpOspVlN6peGHDA3vmpSa4R3HnfmLCdXm4FO4gKmsQ01JsQ%2FBv5ZtsgUBoM0E9BsxXsyMJaqFnWWiRxtW8c2I49%2BR55%2FsB7CvVpuAoaNY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8b56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1091,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"dd6fb09905cb87c5deff6e227d78963a","sha1":"710140984a2cba76bd003eec57ea8f6ec262d730","sha256":"f60712a89612a7c5bb076b9771d74aadb40a767ce624125e07243bdbbc5ffb1c","sha512":"c0b46f80e9d4cfa4836efd74084f01b90dec60d8597720c72f75ad0caf3b036ccad929b824a54ba76678aeb9f79b33af5593deef483b6d30b90944e6bea9b941","ssdeep":"","tlshash":"0011bac123fd6210d595616ce1990a924577472b0d6261fba0caaa7a376e282cff411b","first_seen":"2026-05-31T22:43:17.994543Z","last_seen":"2026-05-31T22:43:17.994543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1473,"receive":737,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/3.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/3.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1167\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-48f\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLgaUPIZo2ZzzaIbmCw%2FRPcMh7ufOqv1o42JZeEUOB4X9P7QsWy4a23ZHKpXPwQCkHWzcm38SnjNN4Au%2B0H887o1J6ljCGeRYsko53evm8e8cVLGl5B1pFFV%2FSo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8c56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"66ee67a538e92a6ba2c2595d680d9c4e","sha1":"cc18ddc40ec376e144de02a60814d90b285cfb3a","sha256":"a6e98cc3f853176062af9321f5bd71cea1b06a7ac712c371fd02e52ea5c692e1","sha512":"a56e251f89bf0d5e438f20ed4d9d721eb8effa470909db14e6cbbfdf9fd8550b7c29c676cfdde021c9aeb461b2ae1769880e9abf74901e5e0fda368d76940bd6","ssdeep":"","tlshash":"4721108263fda794d19976aad0824993117743bf885031ffa0d98c3a2b0a692dff115b","first_seen":"2026-05-05T15:46:32.307668Z","last_seen":"2026-05-31T22:52:36.433938Z","times_seen":7,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/arts/12.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/arts/12.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1305\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-519\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 40\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R4sA0uV2GXKbJwnU7H0qV40CBSHFqXOUwYqCZ5kP1ldrExyd8DMGAzA0Da1nfaV%2BIfmYU1%2F2zEIFlEQE7sCpQuY5%2BV5ckRB41uwzuatRQpx00a3CuMXVDygeBio%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a0497e5d1f8d56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1305,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"03de03cd5e189be889207b7e4faa4682","sha1":"1bfe2eda1a562053fa20d5ef0ebcef89c8170e0e","sha256":"597809adfc75598d2a4f4487a03c882a97cdbdb64579d375cd54b5386186dcdf","sha512":"b493f21867ea1a0e45e25431f23edaebc87c36e3c621f647015fd37ba74fd3ff8ab57d1cce15f7538a80d6f9ffaabc0c2166714de3013f51d1eb2a679a1eea4d","ssdeep":"","tlshash":"1821b8c1b6fd3a10e4d0696cd1840c8385b2832b086971fb60dc4e7f660f682cfb150b","first_seen":"2026-05-31T22:42:38.520112Z","last_seen":"2026-05-31T22:52:36.417705Z","times_seen":5,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/images/logo.png","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:46.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 169685\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: \"6a175730-296d5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 41\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J67XgW9AwrwXnI9a8hnQytTA%2BRSP1w%2FK0EGvrFcvKhTjCe7Kt969CxLWeHf2dnP8KasecEnB89x5SqIj%2FL%2Bz7E%2FJGUrsvexn%2BeyqSIWV%2BA%2BsXDMf2Yv727XfzcI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a0497e60bfa956c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":169685,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"608b571bb1a6405a1609987a7adfae00","sha1":"c337f3a12833cdd75f6d4e0a71bec0aaf106d061","sha256":"8df707e5f153d2cf4bd085b91d7ea1cc77bdc8f745b10a4bf9811e8b4c6efd57","sha512":"16ae1b11c3480a166e3804fd2aed1b067078941f4dfd28c645556efb491d111a7dffef0cba99c97fda9cb9d0ac5a673a71a7017cf2bf8cf3e67fd55a1e2dc022","ssdeep":"3072:yl4frU9ertyn/H2D7hRSQNpiwgqo/i1wXa+2IzGKDpzEC84X:yl4frUMpynfahRditVtq+PzGKDp/8G","tlshash":"b1f3123ff25e60a0a635a83751d90b7bdae66d689934f04d6fa651e1f40fa072c48f30","first_seen":"2026-04-30T16:35:47.762483Z","last_seen":"2026-06-02T11:41:48.617905Z","times_seen":19,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uqegs.app/eg.js","fqdn":"uqegs.app","domain":"uqegs.app","tld":"app"},"ip":{"addr":"104.21.2.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://uqegs.app/","date":"2026-05-31T22:42:45.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uqegs.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 May 2026 19:46:18 GMT","end":"Tue, 25 Aug 2026 19:46:17 GMT"},"fingerprint":{"sha1":"D5:73:67:26:F0:8C:81:12:C5:6F:75:C7:D8:74:F9:8F:7A:D7:F9:D3","sha256":"DE:F3:ED:7F:3A:6F:F1:EC:3C:BE:40:9C:F3:62:1A:66:B9:DE:8B:10:53:42:7A:11:F5:A7:F5:33:C5:38:AE:FA"}}},"request":{"raw":"GET /eg.js HTTP/1.1\r\nHost: uqegs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uqegs.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 31 May 2026 22:42:45 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Wed, 27 May 2026 20:42:24 GMT\r\netag: W/\"6a175730-12ae5\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 40\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCnApUdjn%2F5UyGDpliiT%2Fl%2Bbb0WwjoUCNwpHgNI4pXqvYSaP%2FxKH1K9kx01%2FRFTt50z1ekEtsYbHKAJCGPPhIx2GqYA1nTuHZc%2BDTwBf6q8OqSod4w2yEVCmQ2Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0497e5d1f8656c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76517,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"43d42f8fa165e820b8c2fca8291820a6","sha1":"42658368997e9007e3b072ecc5ac67972d6182c0","sha256":"2ca4d7ac69a2e4aea8a6a50f0cd6e43aaa930e82605500ca02194eea5f59921e","sha512":"cfb51067bbd91a8e5ce49bbe0408f97e532ce9720b273c9d896c8a5188b1fd26e6916d2365fe20e936ee8a25008b4e152dd52cdd57fe43520241241ce7f807b2","ssdeep":"768:XmNfvcLl5Z8xdjaLAZdHoKIb2Q+Hq7spp30LsFrE7dcLml7nJSrP/cTo+s7PwcAv:v5Z3s/oKIKDqoD0LQCGcqJE1agh","tlshash":"7c73b5d6590ac0d98e6160cdd477ec09e4680923ceaef1a3f62cddc2b41ef62845767b","first_seen":"2026-05-31T22:42:38.518087Z","last_seen":"2026-05-31T22:52:36.43217Z","times_seen":5,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"uqegs.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}