tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982
34.120.158.37 56 kB URL tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982
IP 34.120.158.37:0
Hash eccf8436aa08de0d355cd2c068568453
e05e69cb2970888f00770ab772d77354df830f05
71a2d75150b4656ff17a9589a66e9e03661fa4ea1dfdf16c1d848efaae082439
GET /ads-track-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: nFz/RyOowPNqGjtHvpztDPof1JEJHmO60UDGJCb8sU2Cr4M+2YHVIzeT4kieH3wibypIXQXAV/k=
x-amz-request-id: MZNQ2HSSN1GSVSFA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56118
via: 1.1 google
date: Tue, 06 Jun 2023 21:45:06 GMT
age: 28519
last-modified: Thu, 18 May 2023 21:16:40 GMT
etag: "eccf8436aa08de0d355cd2c068568453"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755
34.120.158.37 10 kB URL tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 27ca7a562ad626165a25126b5975bc58
de8e9d89b673f3e1375e2a70f3c9d696726dfbe4
405d79f4b44125a2147ac70652ea7e7a544c1a5b34b376f683ea3e90445e7e42
GET /analytics-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: vcRPdbxGNReBH+K7OOzvG7kxdSY29+chUInyFmZFJqtn/gsG1Dd/wGKIsaaQcapnZU4Sd/HDUsk=
x-amz-request-id: 54KEDA9B0R9W6GQM
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10262
via: 1.1 google
date: Tue, 06 Jun 2023 17:06:53 GMT
age: 45212
last-modified: Fri, 12 May 2023 15:46:41 GMT
etag: "27ca7a562ad626165a25126b5975bc58"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755
34.120.158.37 2.3 kB URL tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 7938ce04b9288ce2553c06df7544718e
0f6bcdb2770858cfc9018dd76d3ac16386afd3e0
efedbe30e6f1ac7617b022b31ccd2920f0d518e9a7f8818447e117fbc7cd30ee
GET /base-cryptomining-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ZlyPNmPCKdZqfaWR4XwyRjctuq6O0KBK9MSBVZcsuBvWbm4q4X7bpUfdujYqRbYyxPPXuA+PF6U=
x-amz-request-id: 2BTQ4M1KG6G95BS3
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2293
via: 1.1 google
date: Tue, 06 Jun 2023 16:40:24 GMT
age: 46801
last-modified: Fri, 12 May 2023 15:46:54 GMT
etag: "7938ce04b9288ce2553c06df7544718e"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
acqqqwu.icu/template/1608/images/logo4.jpg
188.114.97.1 200 OK 2.6 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo4.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 7f0ee9fda91c7a0bbdf75274cdc1f7dd
8581efaf7a8f00dfd3bcf7ad23e1a65f79aae338
9092c75c5ac82dbb79b37904d9d1878a0dbabe8af0a6dc19c5abffc778479763
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo4.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-a56"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWPGhzMNoi8oUEDRSskxG0S6MVdljtwYa5v6ACsk2Pb5EqkdhafmXN9GDLSPVQum3EQcfleDQGRY9CMdc6ggIMJzY19vi3sgWa24tWZBCIfKz0nNo7nrSA5cMWDY4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b811c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo6.jpg
188.114.97.1 200 OK 2.6 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo6.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 37ff46084a0592d833da37880fcbf308
06f413cf66fe8f8711d7ba4d052a8668b2abeb86
b938650c694d07a312eb98bc4a7ddad51c5537b56405b0b2d0fac1b0921a589d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo6.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-9f9"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8Y3vvjxL9zc8or%2BTRksrdVbFmCfUer6wOHczWguzr3HWHuDHq9RysvghyKDjLD2yLf9Rj3qCmWOqhUi%2FxP1NfT9zkvED%2Bif4yyBLnsTIuvovR%2BLOArAMpF0NzPm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b7f1c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo7.jpg
188.114.97.1 200 OK 3.4 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo7.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 7dbdc9e7f85f4fb1868879e983e634b5
f1a8a0494e726222bb1096826fbf8e842e3fee91
9bae2a9a1e5c9c10b58ed3004fc1d8a10bba1f61c0aabcf91a55fb8c191e4860
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo7.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3351
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-d17"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl4lu8nQDN%2BxhscNpK9QDiC%2FdIuiZh3bOkrLFSqyKSfEZIeD7jEim5I1WTMmoEgqXSMl4hYuxQ5QwfDbXF0ghAYLNTzgJFdhySYfo%2FkF3oQU3IylY3pxpPjj0qoMTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b861c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo2.jpg
188.114.97.1 200 OK 2.8 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo2.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 602fcd92352ccbffa850438afbc7a471
4fad9d78989e5c3ec967bcdbe78d6188dbbe0d7a
595c7da23adf5f2c61bab16ec04a7a5ebb5d8d6c11586c3403a933a6ebfa3372
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2766
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ace"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tjl68R0DPuK36CBYWgqn0Afr4%2BpTBYocsmdXbh1z9vCRjj3Ynk5sU4kV07T%2FsbBM1GaEK6C66j2un0NZzQlKkHg6HmE7AdNTFs%2B9gARksaBMkvHZizFPHY%2BxxRd6qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b831c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo3.jpg
188.114.97.1 200 OK 3.0 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo3.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash d80d0371378f17989cfeff99eba97654
7c5f72950f9c1944b0e2022f0397a05dc961df1a
2af5cd0a3faf8beedb32c099311b2285a0110fc29a42e779bf73b95298e21bbf
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2954
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-b8a"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRB26DdLRE2hIhlswjuzV0Bh%2BlgAszyUZ5N6%2FdRfTRJXu6qXZ6bmy6fN%2B4bGMw%2BgNFKyNSAnOvA3h61TCnF91JRY9cO7BmwjsWxRMgrX6V4VFSk51ze3o0QcIv%2BiIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b851c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo5.jpg
188.114.97.1 200 OK 1.8 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo5.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 60c4b0981a9ebd2c11ad36e109f8639b
44bce4d652dcf4f6be50619a4912c4fb8d823fb7
587f6dbdbc2746b21586a9965ad78c65b19767909def3f3773fea5e6d7007919
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo5.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 1791
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-6ff"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYPLMkW5s%2B2UUtzgA2NKoECeq0bK7q6ZKSwLCf8ReG4PZRZU3zsSHQYOwY0ygC0LcXcpuMRYzZaamZLmR8%2Fj8kWna2zRKFYlPTApEIX2PuXIKsz9pvJv7%2BsKUEmrlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b841c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo1.jpg
188.114.97.1 200 OK 3.3 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo1.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 368dbf42f46973cb7be51e88b5c05a08
18d3c5c80c397839a43181116fdd813e49e004b3
776a44003218ec2195e83690b2cc7e845689d26ced1adce5ededde225c2ac9b9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3309
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ced"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRNSzpekv1RYkOolTkMiCCr%2FfN2VlURvTDfoYq2USyqt5kQiTD5Qp5t6gneNSGdk0vs7yQCxFWAAj7y%2BVWOEjQ1ftvxIX3Dic99GdBKazX3M%2FSGWqsQRORdfyWsJIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b5b751c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/logo8.jpg
188.114.97.1 200 OK 2.2 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/logo8.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Hash 3487c35238977108c2fc641f97c7d115
e815b0bf9cb1755f7d670fd93374fa284337cf4a
803e3c9d1ca2d2681d0942102853b66e29f147ca0431461f0f56e3785a74bc8c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/logo8.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2191
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-88f"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1I6hmBgVAc1Ek3vD1so3BYXvzoEp8f2zKdv2p6gb%2B7WH34TFKJguPJHlaSW%2B27uXReWDRwJGlMEJd3ar4gF9EnJjA8ABSLrTUu0IsQ8umIPh7jvso8%2FOPUhZN54tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b891c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/g1.jpg
188.114.97.1 200 OK 3.9 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/g1.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 01ed02c356d60c4ea3f80dd8ac8cdfa4
0a716114cb0fd91d9162babf11a5bdb6d2561195
2ca7e23d40f5060c7b399ffbd7fbe645afddedba08f0497fd9d26073cdd5042c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/g1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3903
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-f3f"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MjQBnayOu1hS3gqbLtUFp%2BUop%2BblSdLmDJncasIVUMfMRPuu7KYam7N6Y2a%2BhpWiomkPccqbXu6nRnY07RJqmBRGFj1LksM%2FKNDOUV%2FN%2Bu6g7GIAwZRbo7DQHih1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba61c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/g2.jpg
188.114.97.1 200 OK 3.1 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/g2.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash a313bad1f991370bbed7f797453903a9
51f6dd482337875bf06c0c2ba0b04028447ad72f
23ad670694cfb11f74b75df3337c3434e09ef098d36fd3a2563d8f47f46fc608
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/g2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3148
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-c4c"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BnyTMrVODfeME7b7U%2BhVCZVXYoHvqF6MTRJN2U5do8IVI%2Bimr9JxwCw6NPqKSrwY1FdjTmqJ8byp4xr1bs7yNrg2viutcjLNCI82pf89KjBO99aaKjoCgaqj%2Fsr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba71c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/g3.jpg
188.114.97.1 200 OK 3.8 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/g3.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 703c661884d9394f4aae57939859d728
303b25a55b2898ae25b320d942925cd465602682
41440b378cb02898ae9dcc16968e21d383e8d71e6eb3c23bd2eb27c7416c2c9e
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/g3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3799
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ed7"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dN7p4Xlt30qOo9ovTnwtidTOCJTSRkvFeWis8HZifIxzUlGZ81747D0rgdpb01HY61VauTHqFb%2BkYan%2FskejZA5zdbAhEex7oi2Dgn4VEARB3ktAN%2F7OFBdSZ17fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba51c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/g4.jpg
188.114.97.1 200 OK 3.8 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/g4.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 32afa1e9610f0c40485e2efd49a9409a
b733eb561e03d718b9941265ae0158367010a84d
213bfebea86eb47e243cc174fea46b3afb99bdbe821bfa55774bc31db6723d58
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/g4.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3803
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-edb"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4gc7iPPcjFX%2Bf95TQwoBpfoQc4ea5aBBa7gNYe9z5Es%2F%2F94djWvsq5CeRiQcCowMfraNKpauoMSXHMSgA0uLrYZS5es56EMIeKNZXTeWeH3A11Ny6ehEp2xqdTTIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9bab1c0e-OSL
alt-svc: h3=":443"; ma=86400
tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755
34.120.158.37 7.0 kB URL tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 02560eef6a3e694713d21ba526dbf2d2
c300dbaeeb367bd302eaf2941a97cdd54c84bde9
6796e1d3ffc1d5316c498c022fd22be9e15842a3b3166f664d14042b614e491c
GET /base-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: cg+qo1FOMnu3X9diegUov2r5VJD2SL4/s7pK1U9CepqQSpvTSP7Qq3n90ysYGGYj2jBwMCPEE7o=
x-amz-request-id: NS4JCHJG4V6KR0ZH
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 6965
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:08 GMT
age: 46997
last-modified: Fri, 12 May 2023 15:46:56 GMT
etag: "02560eef6a3e694713d21ba526dbf2d2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
acqqqwu.icu/template/1608/images/property1.jpg
188.114.97.1 200 OK 19 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property1.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash 959328fc2919ce3662ef307c193df213
6454e5bb521e5a1334b36ebc497633b48e235f0b
cd58980192eaab36e8940ddcd7880947b85e90faf7e23fbb0bf030155ade5b64
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 18794
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-496a"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zloxPfcjNwNuMVqCrfaxRWS2BRwDQ81p8dYqqWwqDhSPIDlRQJK7i4VtizDgKgFGjNOv3SUKv6%2BS9zum2k2QxaBUJUk7quV%2B6edAUMJe5AIyIkZRvU%2FZCwn9pQTYYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8b1c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/property7.jpg
188.114.97.1 200 OK 31 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property7.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash 8940f047eef3389b853d562f120f25cc
9a73b24476274bcec8a46f0f8fb984d7c2b536b7
64e4e05ee26bb19c4e31e85096308c2a432941442cdbc83392f7439a1584d939
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property7.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 31089
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-7971"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdsgQS6kcA3npiI2bakdziw55Lec208py%2FZpXLLC%2Bh96sclM7v7m7Aosdp2yqwNypUzOY9YF2hD1X0KuR4iLz1z3G86%2Fb8%2F9NQ%2BWOqHbUG%2FPOAaQDm32W5%2B%2FfrEeEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b4b6e1c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/property3.jpg
188.114.97.1 200 OK 23 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property3.jpg
IP 188.114.97.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash 35c9b1c658559a13b9190ed1e3034813
23778e7d4a31d1b1c8d7902cdb0258cba6684f1f
b6c17a83bbc0d4cf2c2df94d98e5de35d5e3e66ba19fac42857d9741d97f0822
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 23085
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-5a2d"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LjCBf1o7hIFLrBPcjnqODG%2BnKZ%2BJMHHAKSi1sSGn%2F9%2Fx9vyGytTTYJG5GWhB2O1g5FG3PzswXA6joPvlg5CHPwKuJsTgd%2BivUlMfi%2B4HxGtzjT51pbCDWwLEZP9uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8f1c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/property2.jpg
188.114.97.1 200 OK 23 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property2.jpg
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash 1c9a1e06fd3a5d943134e825fcdfa9b4
5c4716aa60b6827c925f7df91511e8ac491fd3f9
b021d5ceb6f614354374ac4504ea141b8a12446c5492581372e2cb2211c117cc
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 23080
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-5a28"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnM34F8OIi%2BJajPVqn%2BGC5XPLVTUsa6DW%2B4cRL8XU05fRliyGLm94CdN4kvqCjWXJX2wmOOG%2BeGsOzjE3EyZ6cmlbTD5DXbt113nx0HpLEjs7QAK2qFHGLqeCW5Kag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8d1c0e-OSL
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/images/property5.jpg
188.114.97.1 200 OK 26 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property5.jpg
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash bedbdf7e95e847ceb5dbbfb9a99e9d1d
27c6551aed737b575dad5eea2e54338bfa2f545f
25d2514652bdaec4b5471514335ec05b7b83273e085677b0e747a28cd19811a2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property5.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 25786
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-64ba"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fToQcFlgENiP3fxj1vrqSBaBtLfoXyxWDHCcSnXc7tOWKN0rU6ea4%2FepNLdatF30Z9JB3k9ZsFFcXbgw3Nh4VqUr6e9xBL7XirrbV5m71z3CWLTQl%2FkZ77pYUTHKjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b911c0e-OSL
alt-svc: h3=":443"; ma=86400
tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755
34.120.158.37 3.6 kB URL tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 84a28e1e64a4aca618879e590fb29c47
ddea829bfd334fe48e25374f36119c6ce19bdfeb
e87ee13b3afbcefcfd7f87bdd26b12aa18b79437ebd4a3cf689f78aefa0a7d1e
GET /base-fingerprinting-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 3K5SNc6ZY7VmVy0NxcDzdSLj+9PRQ9GXbHqkN3+FmC+H9OkJEng7z0/UY6xXjcwGIDMcEfTVjlI=
x-amz-request-id: NS4N26EQWSDNN2TA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 3637
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:08 GMT
age: 46997
last-modified: Fri, 12 May 2023 15:46:52 GMT
etag: "84a28e1e64a4aca618879e590fb29c47"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
acqqqwu.icu/template/1608/images/property6.jpg
188.114.97.1 200 OK 36 kB URL GET HTTP/3 acqqqwu.icu/template/1608/images/property6.jpg
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash b62dd4fee59bdee6a8270b8e45c269c5
61f0fae8273972cbcc96360519f301769bf29aef
1edfe5e17ccf477fc0f96eb1d153173fc4e387cb677008d974f1df3b6b725eed
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/property6.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: image/jpeg
content-length: 35499
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-8aab"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HQTwo2IjUDy5S5%2BdXx9IqZgxVoWbdINV94T30jbYhQtLY1f%2BXzAfmFB9cwdhDT2pFRhgB8ZzZOb6nMlLVfkp%2FCnkS1bFfpEqxmLhK1Rh7QbKZs2YnVPTIWzyom0cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba81c0e-OSL
alt-svc: h3=":443"; ma=86400
tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755
34.120.158.37 8.9 kB URL tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash b9c2809ffc057abb94df0750c8cb57dd
e8ab5e486a0b53147eb8d66ca4585a06c5bbd210
b9816319448d2ccb8ef6a6e2aaefe13a9fa96335bdc1fd57c281dfe7ff95ede9
GET /content-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: h5mQSWxr2QiFWhvUSesnoKdDn3SndkmAMMHV0wwtAaX71ljE2d0r1ZY1wSaUHABhLKImKt9vkg9gV5RI+ogbJw==
x-amz-request-id: DGZES8SVM9KATDH0
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 8853
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:34 GMT
age: 46972
last-modified: Fri, 12 May 2023 15:46:57 GMT
etag: "b9c2809ffc057abb94df0750c8cb57dd"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755
34.120.158.37 15 kB URL tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash d78d9f71f82fcce3a0d9079ec988ed05
13f8a07b0437728b11cefeda36b6211262d3af16
7449b095579811871ecad49889db2ae188486b18ab96f903a20941e34cfef7ee
GET /content-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: m7/a6YQHAbKWg8h2XsJi6DuRHr9YJZp20UtOtxMuHJJZy0v2OSlEyHDTRNA6QDaoglAEBKj3SKo=
x-amz-request-id: FB9N79ENR8FJ9V6V
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15382
via: 1.1 google
date: Tue, 06 Jun 2023 17:23:35 GMT
age: 44211
last-modified: Fri, 12 May 2023 15:46:39 GMT
etag: "d78d9f71f82fcce3a0d9079ec988ed05"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755
34.120.158.37 1.5 MB URL tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755
IP 34.120.158.37:0
Size 1.5 MB (1470328 bytes)
Hash 2146c997750a1c7e55eb69a5a1a5e5b4
69ba29aca5c6a4bea1365e895b3c5b31df31220a
507d674f59748ff86ff629a2eb98b3cd343aec0a21e58089793341dc96361188
GET /google-trackwhite-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 9q9kpRX4VQ34shdp7s4kOr5cE1n8XmWLItz/9e3Li+BGacfFhiSlOVOQ1jZn9CY3apz+OTUwVS0=
x-amz-request-id: H2A6J4JMGPP1JX91
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 06 Jun 2023 17:07:29 GMT
age: 45177
last-modified: Fri, 12 May 2023 15:46:50 GMT
etag: "2146c997750a1c7e55eb69a5a1a5e5b4"
content-type: application/octet-stream
content-length: 1470328
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982
34.120.158.37 345 kB URL tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982
IP 34.120.158.37:0
Size 345 kB (344663 bytes)
Hash aacf54fd5b2994c73b3e4e5e13f4b5a2
10494f54553c768432a556492e655aa774456927
bee12d3c1d013147f78ee8ce7d9fa5e83679cc650763c6f4f49a10ff2d4537e5
GET /mozstd-trackwhite-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: fucKd3U9b4SL4MVVSyZA4+EW1WEl8HkZdfdUrtS9azS5jOrJKcxH5aSQM/FCffLxT/8BOEpw7Ss=
x-amz-request-id: PTVFEVG2D19VS156
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 344663
via: 1.1 google
date: Tue, 06 Jun 2023 21:46:01 GMT
age: 28465
last-modified: Thu, 18 May 2023 21:16:46 GMT
etag: "aacf54fd5b2994c73b3e4e5e13f4b5a2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755
34.120.158.37 2.2 kB URL tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash f901679cf935d4b6067610a7287d0b99
fffa5389bec50a175f18deaf8933401edc4bd262
d553a4537f796d580ea8f696062c19540f1d332e2b478942f6ddea3952c6df4c
GET /social-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: Xw8YNr7d5+ODDkIgPhE1WwzIyefxXaJrufgPQ33f+nDkQK5XK3nkSNj/N/2SbwyMrvcyWhQG21AzYwXu4ZUhQA==
x-amz-request-id: 4ZQHMM9CCPA2B3CR
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2197
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:47 GMT
age: 46959
last-modified: Fri, 12 May 2023 15:46:42 GMT
etag: "f901679cf935d4b6067610a7287d0b99"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755
34.120.158.37 468 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 092bf11bed810e853f65d296f1e8b9e3
fed3b3a85aaf2bf1790fb115201b0dfdefe3982c
8c89c977f2c3f91b1050c645843453edc3d5bfcbe5e4af4b945b385f1b60046f
GET /social-tracking-protection-facebook-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: aJvK4figqVwvIr8Ywdu9GLu2bZMlREulpqleVGIwrbK/8qFcIE3HQUX/C8Gren7nlqEm88ZoLmAisc83+IwuUF780YhDdblcHcuutBxR56I=
x-amz-request-id: PGYV3XG4NB506XNS
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 468
via: 1.1 google
date: Tue, 06 Jun 2023 16:16:01 GMT
age: 48265
last-modified: Fri, 12 May 2023 15:46:44 GMT
etag: "092bf11bed810e853f65d296f1e8b9e3"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755
34.120.158.37 148 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 90a72e82e4192224c509d557fd1d0d0c
19fe3346057c74364b7a2a2c1de0011a19c153d8
1024a91771abf18dd0a4de9dcc166ba7f9d224c803b6a5854f3f2db8d9a3c4a2
GET /social-tracking-protection-linkedin-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: grM+wrOCGCHpVJJlEzLhg5IVNNonKdKQpcHIwAh+o9jgkdsEmgUIgvnyZxN9H+CWm2moEuI1Mas=
x-amz-request-id: X75NDE0C3H7RGZJS
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 148
via: 1.1 google
date: Tue, 06 Jun 2023 16:23:17 GMT
age: 47829
last-modified: Fri, 12 May 2023 15:46:46 GMT
etag: "90a72e82e4192224c509d557fd1d0d0c"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755
34.120.158.37 244 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755
IP 34.120.158.37:0
Hash 44186218fd668b3ffe6d95bc9c2acf06
e5b11bad035d82c42f2783024bb40fb2fa00d7e6
6d7715ed174a8438063ca39237b2e0c7e204dd68d0396866bc898a7e7aa70372
GET /social-tracking-protection-twitter-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: J7AUHmLMslTeCAHU3+UQlysHpXP3iS7/rFM++juudQckJbiA0Kv9N3nn3dllXjxGR9HvY14jkVQ=
x-amz-request-id: S9KM1P5JEVH00R0M
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 244
via: 1.1 google
date: Tue, 06 Jun 2023 16:11:29 GMT
age: 48537
last-modified: Fri, 12 May 2023 15:46:45 GMT
etag: "44186218fd668b3ffe6d95bc9c2acf06"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
www.lelifi.com/app/app.js?t=shang&c=google&mb=1
104.21.46.15 200 OK 1.4 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=shang&c=google&mb=1
IP 104.21.46.15:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (318)
Hash a467aee6889894c846b6a23d1005a088
0e874eaa237e74a4b45b85b2e2ea5bf247b0e892
e11e8c1c35b29ca5aca040bca97a42862617afe7aece2fa7d032b87b94e51ccc
GET /app/app.js?t=shang&c=google&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Wed, 07 Jun 2023 17:40:26 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j5hTYdgM%2BYoTIHLP3Pc9ossdiZUXn4MbsmmmTWT4wqUc1VXA5lhdDtMTdIR%2BEbzUHd3Je6CwxdpK6oqg6eigJvDAmy8KXZ6XU3z9BwQJfk49u3NrrXQYKu7yOARHpaaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6f38690b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-CR04182NMS
142.250.74.168 200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-CR04182NMS
IP 142.250.74.168:443
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (4537)
Hash a84ad9185f987c9fb6a901408fc31c4c
0d014336bc85f3da61c19ae73d3c3355f515d29d
3de6da32341a8901ed86c4f08e43a4c30593f23ab10991602824a3afa4a8b75a
GET /gtag/js?id=G-CR04182NMS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 05:40:26 GMT
expires: Wed, 07 Jun 2023 05:40:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fca7925d7c1a1c76360af29ed6eaba8a
942a1bce3f9f64d89586b5138952004ea9da86d9
dad98384ece0c3c5c70c34027bb5e8e558e65922713ef20af6c6560c2c762c4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 05:40:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 4a92f157a158de50ed16628daf50520f
8b28d2b834fe9436d08bdb70bbc6c4b3cacb0460
759a2c34fe91b694b7ee3ffb0ab86666c7d873930d0b9ccd93f233ef47219b97
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:23:57 GMT
ETag: "8b28d2b834fe9436d08bdb70bbc6c4b3cacb0460"
Last-Modified: Wed, 07 Jun 2023 04:23:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f75e9111bfa-OSL
js.users.51.la/21586809.js
42.236.73.41 200 OK 2.3 kB URL GET HTTP/1.1 js.users.51.la/21586809.js
IP 42.236.73.41:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer GlobalSign nv-sa
Subject *.users.51.la
Fingerprint 8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
Validity Fri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type ASCII text, with very long lines (4898), with no line terminators
Hash 5dbf5bec0a341d966e9c9f54b6054492
baa45db89ee97c0758e2bda7f6651ea976fd55ba
8af086f2426c3b3df3b285aad99f532bc76cca6a4d1e24a03994994b73d966df
GET /21586809.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Jun 2023 05:40:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-store
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash c095fa63f3c870c3cff3e5432a29e7cd
4c19051b06142a7c82fba952cd9d549f9fa38da7
8daa20cce3e64418c2b2adca58460bc5feda6a2a1b1caef28040ef9c1bfdeaf7
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:25:52 GMT
ETag: "4c19051b06142a7c82fba952cd9d549f9fa38da7"
Last-Modified: Wed, 07 Jun 2023 04:25:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2437
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f7b8d241bfa-OSL
sdk.51.la/js-sdk-pro.min.js
42.236.73.206 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 42.236.73.206:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Jun 2023 05:40:10 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:19:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a4bd-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ia.51.la/go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu=
42.236.73.38 200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu=
IP 42.236.73.38:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Content-Length: 0
Date: Wed, 07 Jun 2023 05:39:14 GMT
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 5f8beb5ffd531a70fecb932daedf1c30
008832c2fcde02cb72ac08ff262a4444bda0523b
8e5f339d8bfa4151ec684727f9ab5c7e37a72eede8ac206d2ea1f62120e93a11
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Jun 2023 01:59:12 GMT
ETag: "008832c2fcde02cb72ac08ff262a4444bda0523b"
Last-Modified: Wed, 07 Jun 2023 01:59:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 216
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f7f3fa91bfa-OSL
acqqqwu.icu/template/1608/images/ask1.jpg
188.114.97.1 404 Not Found 435 B URL GET HTTP/3 acqqqwu.icu/template/1608/images/ask1.jpg
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7d4abb90e0acffebd415bc3572b97053
5185f2697596d3f7409c9e0c3a11e4d120b353ba
6612c76dbfca4350d273cb9c935564f23efeb6a1af663f89fd0ea4cc7ca08fc1
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/images/ask1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/template/1608/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBlcBzkDVZLQRSVhsICp%2B91vLJZr9FfF6gm5Gs4susATG849Aicoj4D998XETHvqzrzPbUuQhAq8KwOyrz45uvvXweFnDoZvM5XLuJc8M416zMglZoqXN003htWbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f72587a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
collect-v6.51.la/v6/collect?dt=4
120.79.9.244 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 120.79.9.244:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 385
Origin: https://acqqqwu.icu
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 07 Jun 2023 05:40:36 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://acqqqwu.icu
Access-Control-Allow-Credentials: true
acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
188.114.97.1 200 OK 1.2 kB URL GET HTTP/3 acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfBDSZL86SQ5%2FTo%2B3aipGULtItIs%2FujWlWga22KtkHlPjkrWxF%2Beqju5ZLmtZmUyGuMdxosfLWnA64xfDEkHdsp%2Bnq4m4gbPGyn5V48HDrIMmE9monvQ2wC0t5J8uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba91c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 09 Jun 2023 05:40:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
188.114.97.1 200 OK 322 kB URL User Request GET HTTP/2 IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26978), with CRLF, LF line terminators
Size 322 kB (321663 bytes)
Hash ecc015c111fed7b2b2cb756845518204
8da9cb59c775e0f59ad90cb80ba43b72e46e24c7
f685addff99221663310f8893bc646878ad9d7b0fcf6929371486889727a00f8
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU8uJt5V40%2FpmpVWwOcS4MieZV8x5n2I2fhNQsv9j%2BZMm%2FJC4rE70TPbld5Moe5Y8wQW1R2PUtUtI00x6j1JaGD9RceVA6bMb9DLtuJ8h2MWEYotkM4t79y1lg8FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f641a66b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/
104.193.88.123 200 OK 0 B URL GET HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/
IP 104.193.88.123:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
Validity Tue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 07 Jun 2023 05:40:29 GMT
www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
104.21.46.15 200 OK 3.9 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
IP 104.21.46.15:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (4034), with no line terminators
Hash f7f29ea32b66d7f4d0b0458ef0798b27
707426504aaa8bfed4adaaf8b4ca2bdb9ac6235a
fd6084536b437cfc5394abfb19c260c3545de05673eaf87b7f8934588cbccb77
GET /app/app.js?t=xia&c=googleee&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Wed, 07 Jun 2023 17:40:26 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RbqC2j%2BFsqmBcM9N14tbL4xNvyx6dTQilOygsQmNq3KEpMFJ66XsCi44PPByBkscEe4OdiDs%2BEIh6ZRyhl1OLqZAZdZoiIkPexeDZ4bgQpDPZRKpDowp9j%2FywDx%2BDUQ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6f486b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
acqqqwu.icu/favicon.ico
188.114.97.1 200 OK 1.2 kB IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 591676289e8a2b06c3fc31137810d2c0
f53c4f56f983f6b96198806a60624ba16741a156
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Cookie: _ga_CR04182NMS=GS1.1.1686116426.1.0.1686116426.0.0.0; _ga=GA1.1.2094757886.1686116427; __tins__21586809=%7B%22sid%22%3A%201686116427067%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201686118227067%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:28 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2019 11:19:32 GMT
etag: W/"5da84e44-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qn1sKXYjmeRge%2BWKEB1f5lAwEaouOh%2Bo8K%2FCr5uyw0UCoa25xc8rBsUb9uPPRa8bMDtwhFvkaXnq69AxYMtdU8az7XLekANO1g5%2F9V5gbgp5FozcP02ds83oXcLgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f7a6e8a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/css/bootstrap.min.css
188.114.97.1 200 OK 121 kB URL GET HTTP/3 acqqqwu.icu/template/1608/css/bootstrap.min.css
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Size 121 kB (121200 bytes)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/css/bootstrap.min.css HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:13:08 GMT
vary: Accept-Encoding
etag: W/"5da57184-1d970"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcdnHa9uAkfSWvS4QTROijaPBVT4huWGqEWIK1I5ozzZxFigpO6A0%2FU8%2FcpBqZWWUdFDrizaepKmblgGkjKvvfVfdeQ940mDy17B4skAiF1BTOeUWjso6YduYbiHhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6b3b641c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/Asquery.js
188.114.97.1 200 OK 540 B IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (556), with no line terminators
Hash 9988d60d2af7295734e3bd6d7acd296e
3e98c7ac2dde441b5fe9ab4666c2f206a15aebf1
553ac2cc49df373a2e138fb5d962a306250472c5785d33ec91de2957d188c976
Analyzer Verdict Alert quad9 Sinkholed
GET /Asquery.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Thu, 27 Apr 2023 11:37:49 GMT
etag: W/"644a5e8d-21c"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjrgnTuu45Na1%2BMvhrYo1u8m5cX9rYjCxH9f7LgV9PDl6Is%2Bwz%2FnLFvoHsu0GwoFmK2GxrAXTcwsDp%2F%2Fj5rKTz%2FI146Dh7ePvRFujdg5VwHh4jnOtqmYtBfPCJhMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b4b6f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/Bsaidu.js
188.114.97.1 200 OK 914 B IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (988), with no line terminators
Hash 9926a593be6a20a944a4bffdfd18ccd2
0833276d44560fc4f9a68d7a30192d382c4967d6
011ba087f9b3e0eb3d4fc32bf49e8cb406d03afeee79cff4ccf767a592fe6987
Analyzer Verdict Alert quad9 Sinkholed
GET /Bsaidu.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Fri, 31 Mar 2023 01:18:46 GMT
etag: W/"642634f6-392"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JTvFQ2cIToyQzEdFsjBdiGfakuRYRfpKrqLfUNIvXRTtfe2%2FXbkm05ZCJ3bzFHKKQhF9nF5zh7mAyc%2BKomy0h%2BmG6CJB1UExhvkV6cjP9%2BqKt9VjA3MEtnQAoMF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9bae1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
acqqqwu.icu/template/1608/css/style.css
188.114.97.1 200 OK 24 kB URL GET HTTP/3 acqqqwu.icu/template/1608/css/style.css
IP 188.114.97.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint B0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash b03dfb3649fdec958690a5d413654369
59221a8f19c6dd2a9ccfb39a306266ca627fcb5b
8eadf08f17336140781e919d0a6d55694500f985e1a845aed79a43b0990d6251
Analyzer Verdict Alert quad9 Sinkholed
GET /template/1608/css/style.css HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:13:08 GMT
vary: Accept-Encoding
etag: W/"5da57184-5d45"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zhBjpkrS8pGE7rgEDp3TKvN%2F7M5JWtiTGI0wXBonwhbm8llLrTEb6uQbayBbYQzOwRfdJonXOFb43ruRzIZrQun53tghM8Okd3xAC1QJJeTNOoe9aL9cjd8B51yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6b4b6a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400