Report - acqqqwu.icu/

Report Overview

Submitted URL
acqqqwu.icu/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-07 05:40:42
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-07	1.1 kB	5.7 kB	104.18.20.226
js.users.51.la	53024	2005-01-17	2012-05-30	2023-06-07	398 B	2.7 kB	42.236.73.41
sdk.51.la	88367	2005-01-17	2021-03-08	2023-06-07	399 B	13 kB	42.236.73.206
collect-v6.51.la	91421	2005-01-17	2021-03-08	2023-06-07	451 B	277 B	120.79.9.244
sp0.baidu.com	18423	1999-10-11	2014-12-06	2023-06-07	464 B	116 B	104.193.88.123
www.lelifi.com	unknown	2015-11-26	2020-05-02	2023-06-05	840 B	6.8 kB	104.21.46.15
acqqqwu.icu	unknown	2022-08-12	2021-07-14	2023-04-29	12 kB	683 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-07	420 B	87 kB	142.250.74.168
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-07	333 B	699 B	142.250.74.131
ia.51.la	59607	2005-01-17	2017-10-31	2023-06-07	1.1 kB	71 B	42.236.73.38
tracking-protection.cdn.mozilla.net	9282	1998-01-31	2015-09-17	2023-06-07	5.3 kB	1.9 MB	34.120.158.37

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-07 05:40:23	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain
2023-06-07 05:40:23	medium	Client IP	188.114.97.1	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu
2023-06-07	medium	acqqqwu.icu

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-27
Pretty URL acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 00:06:46 Times Seen55084 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	acqqqwu.icu/	856 B	2023-03-07	2024-04-18
Pretty URL acqqqwu.icu/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:50:09 Last Seen2024-04-18 12:49:31 Times Seen207 Hash 813d5eee2d857d7bea86c632ba03a904 ceb7a51474c47805318da22a1c955e84f833c344 4c642a5a127c0cef85f75c4bdcaae5649b7536990656809c74a32040418d9426 Loading...

	acqqqwu.icu/Bsaidu.js	914 B	2023-06-07	2023-06-07
Pretty URL acqqqwu.icu/Bsaidu.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:40:46 Last Seen2023-06-07 07:40:46 Times Seen1 Hash 55734e0766e0c38dd4c9a4abd981002e 3ea76d9d5bdace51e0a635fef7269d416b3ccc37 f5455c1fae220d413cd25cd7eb76e1c74900f171fd73cff18959375dbc7197f9 Loading...

	www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1	3.9 kB	2023-06-06	2023-06-09
Pretty URL www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1 IP 104.21.46.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-06 13:32:43 Last Seen2023-06-09 12:57:14 Times Seen11 Hash a467aee6889894c846b6a23d1005a088 0e874eaa237e74a4b45b85b2e2ea5bf247b0e892 e11e8c1c35b29ca5aca040bca97a42862617afe7aece2fa7d032b87b94e51ccc Loading...

	www.googletagmanager.com/gtag/js?id=G-CR04182NMS	254 kB	2023-06-07	2023-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-CR04182NMS IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:40:46 Last Seen2023-06-07 07:40:46 Times Seen2 Hash a84ad9185f987c9fb6a901408fc31c4c 0d014336bc85f3da61c19ae73d3c3355f515d29d 3de6da32341a8901ed86c4f08e43a4c30593f23ab10991602824a3afa4a8b75a Loading...

	js.users.51.la/21586809.js	4.9 kB	2023-06-07	2024-04-18
Pretty URL js.users.51.la/21586809.js IP 42.236.73.41 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:40:46 Last Seen2024-04-18 12:27:22 Times Seen17 Hash 5dbf5bec0a341d966e9c9f54b6054492 baa45db89ee97c0758e2bda7f6651ea976fd55ba 8af086f2426c3b3df3b285aad99f532bc76cca6a4d1e24a03994994b73d966df Loading...

	unknown	1.2 kB	2023-06-07	2023-06-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:40:46 Last Seen2023-06-07 07:40:46 Times Seen1 Hash 07c00fc821c98cca7a9afcfcaeb157a2 b7cc02a31f69e9afeb34f93630f33ee6ff56d100 ce185691985b634276bc024e8526afcdbffecd3c811bf7cf047544e25582fb29 Loading...

	sdk.51.la/js-sdk-pro.min.js	34 kB	2023-04-05	2024-04-26
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 42.236.73.206 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:31:50 Last Seen2024-04-26 14:54:49 Times Seen14349 Hash 8fc0b01d35300e8398d6e957987c01e7 f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4 Loading...

	acqqqwu.icu/Asquery.js	540 B	2023-04-19	2024-04-26
Pretty URL acqqqwu.icu/Asquery.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 08:29:48 Last Seen2024-04-26 10:49:22 Times Seen366 Hash f6b7afcc4a01363d039ba7138ac342f2 13d5b83bef56227c24f19d38a57a6849bec94945 e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81 Loading...

		Size	First Seen	Last Seen
	#1 Eval - dc3a1051aa2ba934cd62b5d757a7c6e5	196 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 13:50:09 Last Seen2024-04-26 10:49:22 Times Seen328 Hash dc3a1051aa2ba934cd62b5d757a7c6e5 a464c2307e5e740dad89fdc9fa3400adc498efad bd5aeb37068d06e56b6d1cf0fe66f8e8d22456fdc32fe65c767c200c456e4322 Loading...

		Size	First Seen	Last Seen
	#1 Write - a3019cd92bd80a5f16a3dfba4cafe210	79 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 13:50:09 Last Seen2024-04-26 10:49:22 Times Seen297 Hash a3019cd92bd80a5f16a3dfba4cafe210 b5134581876849ce1285db5bd03abc7b9df22366 dfdc1ca42f286d643fedd269f3d04bbcbf9338937003f4071c6c9a3652f28f22 Loading...

	#2 Write - d07190ffab670015bde7b87e9ebb5013	86 B	2023-06-07	2023-06-07
Pretty Observations First Seen2023-06-07 07:40:46 Last Seen2023-06-07 07:40:46 Times Seen1 Hash d07190ffab670015bde7b87e9ebb5013 c000b4877e39ab046129d8f84511dbae9ee31e6a 3e866507f49f0019064ee6437ba6c275b1255e058b5b115b3828d23b693f1c20 Loading...

	#3 Write - 75fb3f92e68356f9c9acf4cc54a431ec	75 B	2023-06-07	2024-04-18
Pretty Observations First Seen2023-06-07 07:40:46 Last Seen2024-04-18 12:27:22 Times Seen11 Hash 75fb3f92e68356f9c9acf4cc54a431ec 05b4acf436841f05d856c692c6aa7d8ab1bfd4ad 50248655dd88287e71b897d879e4e49c1a71cfb3aae1f20b548d854f754dde31 Loading...

	#4 Write - 412372476328e33bdb47c9c4f855cd6f	508 B	2023-06-02	2023-09-05
Pretty Observations First Seen2023-06-02 22:37:24 Last Seen2023-09-05 09:26:57 Times Seen15 Hash 412372476328e33bdb47c9c4f855cd6f 26d14825c6a144a94084d9a39a6082defcfbfca4 9d08a629953e9ad6f0aaf3cb1ff7283c5fe9c94b5d040057d97b9de1e82c16fa Loading...

	#5 Write - 51772793ebecc704e9e0e86e6e2ce9be	79 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 13:50:09 Last Seen2024-04-26 10:49:22 Times Seen297 Hash 51772793ebecc704e9e0e86e6e2ce9be 3da0e353c7ad33e25ff3748452a6c0595bc3eaf5 b4830d355ac6ef649ad71c2e4c55dbb5ed68f89d348b337f65471b48360a75fd Loading...

HTTP Transactions (51)

URL IP Response Size

tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982

34.120.158.37

56 kB

URL
tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
56 kB (56118 bytes)
Hash
eccf8436aa08de0d355cd2c068568453
e05e69cb2970888f00770ab772d77354df830f05
71a2d75150b4656ff17a9589a66e9e03661fa4ea1dfdf16c1d848efaae082439

HTTP Headers

GET /ads-track-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: nFz/RyOowPNqGjtHvpztDPof1JEJHmO60UDGJCb8sU2Cr4M+2YHVIzeT4kieH3wibypIXQXAV/k=
x-amz-request-id: MZNQ2HSSN1GSVSFA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56118
via: 1.1 google
date: Tue, 06 Jun 2023 21:45:06 GMT
age: 28519
last-modified: Thu, 18 May 2023 21:16:40 GMT
etag: "eccf8436aa08de0d355cd2c068568453"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755

34.120.158.37

10 kB

URL
tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10262 bytes)
Hash
27ca7a562ad626165a25126b5975bc58
de8e9d89b673f3e1375e2a70f3c9d696726dfbe4
405d79f4b44125a2147ac70652ea7e7a544c1a5b34b376f683ea3e90445e7e42

HTTP Headers

GET /analytics-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: vcRPdbxGNReBH+K7OOzvG7kxdSY29+chUInyFmZFJqtn/gsG1Dd/wGKIsaaQcapnZU4Sd/HDUsk=
x-amz-request-id: 54KEDA9B0R9W6GQM
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10262
via: 1.1 google
date: Tue, 06 Jun 2023 17:06:53 GMT
age: 45212
last-modified: Fri, 12 May 2023 15:46:41 GMT
etag: "27ca7a562ad626165a25126b5975bc58"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755

34.120.158.37

2.3 kB

URL
tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
2.3 kB (2293 bytes)
Hash
7938ce04b9288ce2553c06df7544718e
0f6bcdb2770858cfc9018dd76d3ac16386afd3e0
efedbe30e6f1ac7617b022b31ccd2920f0d518e9a7f8818447e117fbc7cd30ee

HTTP Headers

GET /base-cryptomining-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: ZlyPNmPCKdZqfaWR4XwyRjctuq6O0KBK9MSBVZcsuBvWbm4q4X7bpUfdujYqRbYyxPPXuA+PF6U=
x-amz-request-id: 2BTQ4M1KG6G95BS3
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2293
via: 1.1 google
date: Tue, 06 Jun 2023 16:40:24 GMT
age: 46801
last-modified: Fri, 12 May 2023 15:46:54 GMT
etag: "7938ce04b9288ce2553c06df7544718e"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

acqqqwu.icu/template/1608/images/logo4.jpg

188.114.97.1

200 OK

2.6 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo4.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
7f0ee9fda91c7a0bbdf75274cdc1f7dd
8581efaf7a8f00dfd3bcf7ad23e1a65f79aae338
9092c75c5ac82dbb79b37904d9d1878a0dbabe8af0a6dc19c5abffc778479763

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo4.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-a56"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWPGhzMNoi8oUEDRSskxG0S6MVdljtwYa5v6ACsk2Pb5EqkdhafmXN9GDLSPVQum3EQcfleDQGRY9CMdc6ggIMJzY19vi3sgWa24tWZBCIfKz0nNo7nrSA5cMWDY4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b811c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo6.jpg

188.114.97.1

200 OK

2.6 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo6.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
37ff46084a0592d833da37880fcbf308
06f413cf66fe8f8711d7ba4d052a8668b2abeb86
b938650c694d07a312eb98bc4a7ddad51c5537b56405b0b2d0fac1b0921a589d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo6.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-9f9"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8Y3vvjxL9zc8or%2BTRksrdVbFmCfUer6wOHczWguzr3HWHuDHq9RysvghyKDjLD2yLf9Rj3qCmWOqhUi%2FxP1NfT9zkvED%2Bif4yyBLnsTIuvovR%2BLOArAMpF0NzPm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b7f1c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo7.jpg

188.114.97.1

200 OK

3.4 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo7.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
3.4 kB (3351 bytes)
Hash
7dbdc9e7f85f4fb1868879e983e634b5
f1a8a0494e726222bb1096826fbf8e842e3fee91
9bae2a9a1e5c9c10b58ed3004fc1d8a10bba1f61c0aabcf91a55fb8c191e4860

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo7.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3351
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-d17"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl4lu8nQDN%2BxhscNpK9QDiC%2FdIuiZh3bOkrLFSqyKSfEZIeD7jEim5I1WTMmoEgqXSMl4hYuxQ5QwfDbXF0ghAYLNTzgJFdhySYfo%2FkF3oQU3IylY3pxpPjj0qoMTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b861c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo2.jpg

188.114.97.1

200 OK

2.8 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo2.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
2.8 kB (2766 bytes)
Hash
602fcd92352ccbffa850438afbc7a471
4fad9d78989e5c3ec967bcdbe78d6188dbbe0d7a
595c7da23adf5f2c61bab16ec04a7a5ebb5d8d6c11586c3403a933a6ebfa3372

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2766
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ace"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tjl68R0DPuK36CBYWgqn0Afr4%2BpTBYocsmdXbh1z9vCRjj3Ynk5sU4kV07T%2FsbBM1GaEK6C66j2un0NZzQlKkHg6HmE7AdNTFs%2B9gARksaBMkvHZizFPHY%2BxxRd6qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b831c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo3.jpg

188.114.97.1

200 OK

3.0 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo3.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
3.0 kB (2954 bytes)
Hash
d80d0371378f17989cfeff99eba97654
7c5f72950f9c1944b0e2022f0397a05dc961df1a
2af5cd0a3faf8beedb32c099311b2285a0110fc29a42e779bf73b95298e21bbf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2954
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-b8a"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRB26DdLRE2hIhlswjuzV0Bh%2BlgAszyUZ5N6%2FdRfTRJXu6qXZ6bmy6fN%2B4bGMw%2BgNFKyNSAnOvA3h61TCnF91JRY9cO7BmwjsWxRMgrX6V4VFSk51ze3o0QcIv%2BiIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b851c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo5.jpg

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo5.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
1.8 kB (1791 bytes)
Hash
60c4b0981a9ebd2c11ad36e109f8639b
44bce4d652dcf4f6be50619a4912c4fb8d823fb7
587f6dbdbc2746b21586a9965ad78c65b19767909def3f3773fea5e6d7007919

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo5.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 1791
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-6ff"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYPLMkW5s%2B2UUtzgA2NKoECeq0bK7q6ZKSwLCf8ReG4PZRZU3zsSHQYOwY0ygC0LcXcpuMRYzZaamZLmR8%2Fj8kWna2zRKFYlPTApEIX2PuXIKsz9pvJv7%2BsKUEmrlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b6b841c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo1.jpg

188.114.97.1

200 OK

3.3 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo1.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
3.3 kB (3309 bytes)
Hash
368dbf42f46973cb7be51e88b5c05a08
18d3c5c80c397839a43181116fdd813e49e004b3
776a44003218ec2195e83690b2cc7e845689d26ced1adce5ededde225c2ac9b9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3309
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ced"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRNSzpekv1RYkOolTkMiCCr%2FfN2VlURvTDfoYq2USyqt5kQiTD5Qp5t6gneNSGdk0vs7yQCxFWAAj7y%2BVWOEjQ1ftvxIX3Dic99GdBKazX3M%2FSGWqsQRORdfyWsJIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b5b751c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/logo8.jpg

188.114.97.1

200 OK

2.2 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/logo8.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x150, components 3\012- data
Size
2.2 kB (2191 bytes)
Hash
3487c35238977108c2fc641f97c7d115
e815b0bf9cb1755f7d670fd93374fa284337cf4a
803e3c9d1ca2d2681d0942102853b66e29f147ca0431461f0f56e3785a74bc8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/logo8.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 2191
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-88f"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1I6hmBgVAc1Ek3vD1so3BYXvzoEp8f2zKdv2p6gb%2B7WH34TFKJguPJHlaSW%2B27uXReWDRwJGlMEJd3ar4gF9EnJjA8ABSLrTUu0IsQ8umIPh7jvso8%2FOPUhZN54tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b891c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/g1.jpg

188.114.97.1

200 OK

3.9 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/g1.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size
3.9 kB (3903 bytes)
Hash
01ed02c356d60c4ea3f80dd8ac8cdfa4
0a716114cb0fd91d9162babf11a5bdb6d2561195
2ca7e23d40f5060c7b399ffbd7fbe645afddedba08f0497fd9d26073cdd5042c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/g1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3903
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-f3f"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MjQBnayOu1hS3gqbLtUFp%2BUop%2BblSdLmDJncasIVUMfMRPuu7KYam7N6Y2a%2BhpWiomkPccqbXu6nRnY07RJqmBRGFj1LksM%2FKNDOUV%2FN%2Bu6g7GIAwZRbo7DQHih1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba61c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/g2.jpg

188.114.97.1

200 OK

3.1 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/g2.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size
3.1 kB (3148 bytes)
Hash
a313bad1f991370bbed7f797453903a9
51f6dd482337875bf06c0c2ba0b04028447ad72f
23ad670694cfb11f74b75df3337c3434e09ef098d36fd3a2563d8f47f46fc608

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/g2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3148
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-c4c"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BnyTMrVODfeME7b7U%2BhVCZVXYoHvqF6MTRJN2U5do8IVI%2Bimr9JxwCw6NPqKSrwY1FdjTmqJ8byp4xr1bs7yNrg2viutcjLNCI82pf89KjBO99aaKjoCgaqj%2Fsr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba71c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/g3.jpg

188.114.97.1

200 OK

3.8 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/g3.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size
3.8 kB (3799 bytes)
Hash
703c661884d9394f4aae57939859d728
303b25a55b2898ae25b320d942925cd465602682
41440b378cb02898ae9dcc16968e21d383e8d71e6eb3c23bd2eb27c7416c2c9e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/g3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3799
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-ed7"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dN7p4Xlt30qOo9ovTnwtidTOCJTSRkvFeWis8HZifIxzUlGZ81747D0rgdpb01HY61VauTHqFb%2BkYan%2FskejZA5zdbAhEex7oi2Dgn4VEARB3ktAN%2F7OFBdSZ17fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba51c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/g4.jpg

188.114.97.1

200 OK

3.8 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/g4.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size
3.8 kB (3803 bytes)
Hash
32afa1e9610f0c40485e2efd49a9409a
b733eb561e03d718b9941265ae0158367010a84d
213bfebea86eb47e243cc174fea46b3afb99bdbe821bfa55774bc31db6723d58

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/g4.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 3803
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-edb"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4gc7iPPcjFX%2Bf95TQwoBpfoQc4ea5aBBa7gNYe9z5Es%2F%2F94djWvsq5CeRiQcCowMfraNKpauoMSXHMSgA0uLrYZS5es56EMIeKNZXTeWeH3A11Ny6ehEp2xqdTTIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9bab1c0e-OSL
alt-svc: h3=":443"; ma=86400

tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755

34.120.158.37

7.0 kB

URL
tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
7.0 kB (6965 bytes)
Hash
02560eef6a3e694713d21ba526dbf2d2
c300dbaeeb367bd302eaf2941a97cdd54c84bde9
6796e1d3ffc1d5316c498c022fd22be9e15842a3b3166f664d14042b614e491c

HTTP Headers

GET /base-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: cg+qo1FOMnu3X9diegUov2r5VJD2SL4/s7pK1U9CepqQSpvTSP7Qq3n90ysYGGYj2jBwMCPEE7o=
x-amz-request-id: NS4JCHJG4V6KR0ZH
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 6965
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:08 GMT
age: 46997
last-modified: Fri, 12 May 2023 15:46:56 GMT
etag: "02560eef6a3e694713d21ba526dbf2d2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

acqqqwu.icu/template/1608/images/property1.jpg

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property1.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
19 kB (18794 bytes)
Hash
959328fc2919ce3662ef307c193df213
6454e5bb521e5a1334b36ebc497633b48e235f0b
cd58980192eaab36e8940ddcd7880947b85e90faf7e23fbb0bf030155ade5b64

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 18794
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-496a"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zloxPfcjNwNuMVqCrfaxRWS2BRwDQ81p8dYqqWwqDhSPIDlRQJK7i4VtizDgKgFGjNOv3SUKv6%2BS9zum2k2QxaBUJUk7quV%2B6edAUMJe5AIyIkZRvU%2FZCwn9pQTYYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8b1c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/property7.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property7.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
31 kB (31089 bytes)
Hash
8940f047eef3389b853d562f120f25cc
9a73b24476274bcec8a46f0f8fb984d7c2b536b7
64e4e05ee26bb19c4e31e85096308c2a432941442cdbc83392f7439a1584d939

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property7.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 31089
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-7971"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdsgQS6kcA3npiI2bakdziw55Lec208py%2FZpXLLC%2Bh96sclM7v7m7Aosdp2yqwNypUzOY9YF2hD1X0KuR4iLz1z3G86%2Fb8%2F9NQ%2BWOqHbUG%2FPOAaQDm32W5%2B%2FfrEeEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b4b6e1c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/property3.jpg

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property3.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
23 kB (23085 bytes)
Hash
35c9b1c658559a13b9190ed1e3034813
23778e7d4a31d1b1c8d7902cdb0258cba6684f1f
b6c17a83bbc0d4cf2c2df94d98e5de35d5e3e66ba19fac42857d9741d97f0822

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property3.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 23085
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-5a2d"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LjCBf1o7hIFLrBPcjnqODG%2BnKZ%2BJMHHAKSi1sSGn%2F9%2Fx9vyGytTTYJG5GWhB2O1g5FG3PzswXA6joPvlg5CHPwKuJsTgd%2BivUlMfi%2B4HxGtzjT51pbCDWwLEZP9uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8f1c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/property2.jpg

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property2.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
23 kB (23080 bytes)
Hash
1c9a1e06fd3a5d943134e825fcdfa9b4
5c4716aa60b6827c925f7df91511e8ac491fd3f9
b021d5ceb6f614354374ac4504ea141b8a12446c5492581372e2cb2211c117cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property2.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 23080
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-5a28"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnM34F8OIi%2BJajPVqn%2BGC5XPLVTUsa6DW%2B4cRL8XU05fRliyGLm94CdN4kvqCjWXJX2wmOOG%2BeGsOzjE3EyZ6cmlbTD5DXbt113nx0HpLEjs7QAK2qFHGLqeCW5Kag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b8d1c0e-OSL
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/images/property5.jpg

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property5.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
26 kB (25786 bytes)
Hash
bedbdf7e95e847ceb5dbbfb9a99e9d1d
27c6551aed737b575dad5eea2e54338bfa2f545f
25d2514652bdaec4b5471514335ec05b7b83273e085677b0e747a28cd19811a2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property5.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: image/jpeg
content-length: 25786
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-64ba"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fToQcFlgENiP3fxj1vrqSBaBtLfoXyxWDHCcSnXc7tOWKN0rU6ea4%2FepNLdatF30Z9JB3k9ZsFFcXbgw3Nh4VqUr6e9xBL7XirrbV5m71z3CWLTQl%2FkZ77pYUTHKjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b7b911c0e-OSL
alt-svc: h3=":443"; ma=86400

tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755

34.120.158.37

3.6 kB

URL
tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
3.6 kB (3637 bytes)
Hash
84a28e1e64a4aca618879e590fb29c47
ddea829bfd334fe48e25374f36119c6ce19bdfeb
e87ee13b3afbcefcfd7f87bdd26b12aa18b79437ebd4a3cf689f78aefa0a7d1e

HTTP Headers

GET /base-fingerprinting-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 3K5SNc6ZY7VmVy0NxcDzdSLj+9PRQ9GXbHqkN3+FmC+H9OkJEng7z0/UY6xXjcwGIDMcEfTVjlI=
x-amz-request-id: NS4N26EQWSDNN2TA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 3637
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:08 GMT
age: 46997
last-modified: Fri, 12 May 2023 15:46:52 GMT
etag: "84a28e1e64a4aca618879e590fb29c47"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

acqqqwu.icu/template/1608/images/property6.jpg

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/images/property6.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Size
36 kB (35499 bytes)
Hash
b62dd4fee59bdee6a8270b8e45c269c5
61f0fae8273972cbcc96360519f301769bf29aef
1edfe5e17ccf477fc0f96eb1d153173fc4e387cb677008d974f1df3b6b725eed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/property6.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: image/jpeg
content-length: 35499
last-modified: Wed, 16 Oct 2019 06:10:30 GMT
etag: "5da6b456-8aab"
expires: Fri, 07 Jul 2023 05:40:25 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HQTwo2IjUDy5S5%2BdXx9IqZgxVoWbdINV94T30jbYhQtLY1f%2BXzAfmFB9cwdhDT2pFRhgB8ZzZOb6nMlLVfkp%2FCnkS1bFfpEqxmLhK1Rh7QbKZs2YnVPTIWzyom0cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba81c0e-OSL
alt-svc: h3=":443"; ma=86400

tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755

34.120.158.37

8.9 kB

URL
tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
8.9 kB (8853 bytes)
Hash
b9c2809ffc057abb94df0750c8cb57dd
e8ab5e486a0b53147eb8d66ca4585a06c5bbd210
b9816319448d2ccb8ef6a6e2aaefe13a9fa96335bdc1fd57c281dfe7ff95ede9

HTTP Headers

GET /content-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: h5mQSWxr2QiFWhvUSesnoKdDn3SndkmAMMHV0wwtAaX71ljE2d0r1ZY1wSaUHABhLKImKt9vkg9gV5RI+ogbJw==
x-amz-request-id: DGZES8SVM9KATDH0
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 8853
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:34 GMT
age: 46972
last-modified: Fri, 12 May 2023 15:46:57 GMT
etag: "b9c2809ffc057abb94df0750c8cb57dd"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755

34.120.158.37

15 kB

URL
tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15382 bytes)
Hash
d78d9f71f82fcce3a0d9079ec988ed05
13f8a07b0437728b11cefeda36b6211262d3af16
7449b095579811871ecad49889db2ae188486b18ab96f903a20941e34cfef7ee

HTTP Headers

GET /content-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: m7/a6YQHAbKWg8h2XsJi6DuRHr9YJZp20UtOtxMuHJJZy0v2OSlEyHDTRNA6QDaoglAEBKj3SKo=
x-amz-request-id: FB9N79ENR8FJ9V6V
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15382
via: 1.1 google
date: Tue, 06 Jun 2023 17:23:35 GMT
age: 44211
last-modified: Fri, 12 May 2023 15:46:39 GMT
etag: "d78d9f71f82fcce3a0d9079ec988ed05"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755

34.120.158.37

1.5 MB

URL
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 MB (1470328 bytes)
Hash
2146c997750a1c7e55eb69a5a1a5e5b4
69ba29aca5c6a4bea1365e895b3c5b31df31220a
507d674f59748ff86ff629a2eb98b3cd343aec0a21e58089793341dc96361188

HTTP Headers

GET /google-trackwhite-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 9q9kpRX4VQ34shdp7s4kOr5cE1n8XmWLItz/9e3Li+BGacfFhiSlOVOQ1jZn9CY3apz+OTUwVS0=
x-amz-request-id: H2A6J4JMGPP1JX91
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 06 Jun 2023 17:07:29 GMT
age: 45177
last-modified: Fri, 12 May 2023 15:46:50 GMT
etag: "2146c997750a1c7e55eb69a5a1a5e5b4"
content-type: application/octet-stream
content-length: 1470328
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982

34.120.158.37

345 kB

URL
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
345 kB (344663 bytes)
Hash
aacf54fd5b2994c73b3e4e5e13f4b5a2
10494f54553c768432a556492e655aa774456927
bee12d3c1d013147f78ee8ce7d9fa5e83679cc650763c6f4f49a10ff2d4537e5

HTTP Headers

GET /mozstd-trackwhite-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: fucKd3U9b4SL4MVVSyZA4+EW1WEl8HkZdfdUrtS9azS5jOrJKcxH5aSQM/FCffLxT/8BOEpw7Ss=
x-amz-request-id: PTVFEVG2D19VS156
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 344663
via: 1.1 google
date: Tue, 06 Jun 2023 21:46:01 GMT
age: 28465
last-modified: Thu, 18 May 2023 21:16:46 GMT
etag: "aacf54fd5b2994c73b3e4e5e13f4b5a2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755

34.120.158.37

2.2 kB

URL
tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
2.2 kB (2197 bytes)
Hash
f901679cf935d4b6067610a7287d0b99
fffa5389bec50a175f18deaf8933401edc4bd262
d553a4537f796d580ea8f696062c19540f1d332e2b478942f6ddea3952c6df4c

HTTP Headers

GET /social-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: Xw8YNr7d5+ODDkIgPhE1WwzIyefxXaJrufgPQ33f+nDkQK5XK3nkSNj/N/2SbwyMrvcyWhQG21AzYwXu4ZUhQA==
x-amz-request-id: 4ZQHMM9CCPA2B3CR
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2197
via: 1.1 google
date: Tue, 06 Jun 2023 16:37:47 GMT
age: 46959
last-modified: Fri, 12 May 2023 15:46:42 GMT
etag: "f901679cf935d4b6067610a7287d0b99"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755

34.120.158.37

468 B

URL
tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
468 B (468 bytes)
Hash
092bf11bed810e853f65d296f1e8b9e3
fed3b3a85aaf2bf1790fb115201b0dfdefe3982c
8c89c977f2c3f91b1050c645843453edc3d5bfcbe5e4af4b945b385f1b60046f

HTTP Headers

GET /social-tracking-protection-facebook-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: aJvK4figqVwvIr8Ywdu9GLu2bZMlREulpqleVGIwrbK/8qFcIE3HQUX/C8Gren7nlqEm88ZoLmAisc83+IwuUF780YhDdblcHcuutBxR56I=
x-amz-request-id: PGYV3XG4NB506XNS
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 468
via: 1.1 google
date: Tue, 06 Jun 2023 16:16:01 GMT
age: 48265
last-modified: Fri, 12 May 2023 15:46:44 GMT
etag: "092bf11bed810e853f65d296f1e8b9e3"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755

34.120.158.37

148 B

URL
tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
148 B (148 bytes)
Hash
90a72e82e4192224c509d557fd1d0d0c
19fe3346057c74364b7a2a2c1de0011a19c153d8
1024a91771abf18dd0a4de9dcc166ba7f9d224c803b6a5854f3f2db8d9a3c4a2

HTTP Headers

GET /social-tracking-protection-linkedin-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: grM+wrOCGCHpVJJlEzLhg5IVNNonKdKQpcHIwAh+o9jgkdsEmgUIgvnyZxN9H+CWm2moEuI1Mas=
x-amz-request-id: X75NDE0C3H7RGZJS
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 148
via: 1.1 google
date: Tue, 06 Jun 2023 16:23:17 GMT
age: 47829
last-modified: Fri, 12 May 2023 15:46:46 GMT
etag: "90a72e82e4192224c509d557fd1d0d0c"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755

34.120.158.37

244 B

URL
tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
244 B (244 bytes)
Hash
44186218fd668b3ffe6d95bc9c2acf06
e5b11bad035d82c42f2783024bb40fb2fa00d7e6
6d7715ed174a8438063ca39237b2e0c7e204dd68d0396866bc898a7e7aa70372

HTTP Headers

GET /social-tracking-protection-twitter-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: J7AUHmLMslTeCAHU3+UQlysHpXP3iS7/rFM++juudQckJbiA0Kv9N3nn3dllXjxGR9HvY14jkVQ=
x-amz-request-id: S9KM1P5JEVH00R0M
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 244
via: 1.1 google
date: Tue, 06 Jun 2023 16:11:29 GMT
age: 48537
last-modified: Fri, 12 May 2023 15:46:45 GMT
etag: "44186218fd668b3ffe6d95bc9c2acf06"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

www.lelifi.com/app/app.js?t=shang&c=google&mb=1

104.21.46.15

200 OK

1.4 kB

URL GET HTTP/2
www.lelifi.com/app/app.js?t=shang&c=google&mb=1
IP
104.21.46.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (318)
Size
1.4 kB (1446 bytes)
Hash
a467aee6889894c846b6a23d1005a088
0e874eaa237e74a4b45b85b2e2ea5bf247b0e892
e11e8c1c35b29ca5aca040bca97a42862617afe7aece2fa7d032b87b94e51ccc

HTTP Headers

GET /app/app.js?t=shang&c=google&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Wed, 07 Jun 2023 17:40:26 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j5hTYdgM%2BYoTIHLP3Pc9ossdiZUXn4MbsmmmTWT4wqUc1VXA5lhdDtMTdIR%2BEbzUHd3Je6CwxdpK6oqg6eigJvDAmy8KXZ6XU3z9BwQJfk49u3NrrXQYKu7yOARHpaaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6f38690b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-CR04182NMS

142.250.74.168

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-CR04182NMS
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://acqqqwu.icu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (4537)
Size
86 kB (86507 bytes)
Hash
a84ad9185f987c9fb6a901408fc31c4c
0d014336bc85f3da61c19ae73d3c3355f515d29d
3de6da32341a8901ed86c4f08e43a4c30593f23ab10991602824a3afa4a8b75a

HTTP Headers

GET /gtag/js?id=G-CR04182NMS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Jun 2023 05:40:26 GMT
expires: Wed, 07 Jun 2023 05:40:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fca7925d7c1a1c76360af29ed6eaba8a
942a1bce3f9f64d89586b5138952004ea9da86d9
dad98384ece0c3c5c70c34027bb5e8e558e65922713ef20af6c6560c2c762c4c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Jun 2023 05:40:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
4a92f157a158de50ed16628daf50520f
8b28d2b834fe9436d08bdb70bbc6c4b3cacb0460
759a2c34fe91b694b7ee3ffb0ab86666c7d873930d0b9ccd93f233ef47219b97

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:23:57 GMT
ETag: "8b28d2b834fe9436d08bdb70bbc6c4b3cacb0460"
Last-Modified: Wed, 07 Jun 2023 04:23:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f75e9111bfa-OSL

js.users.51.la/21586809.js

42.236.73.41

200 OK

2.3 kB

URL GET HTTP/1.1
js.users.51.la/21586809.js
IP
42.236.73.41:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://acqqqwu.icu/
Certificate
IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT

File type
ASCII text, with very long lines (4898), with no line terminators
Size
2.3 kB (2307 bytes)
Hash
5dbf5bec0a341d966e9c9f54b6054492
baa45db89ee97c0758e2bda7f6651ea976fd55ba
8af086f2426c3b3df3b285aad99f532bc76cca6a4d1e24a03994994b73d966df

HTTP Headers

GET /21586809.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Jun 2023 05:40:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-store
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

1.4 kB

URL
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
c095fa63f3c870c3cff3e5432a29e7cd
4c19051b06142a7c82fba952cd9d549f9fa38da7
8daa20cce3e64418c2b2adca58460bc5feda6a2a1b1caef28040ef9c1bfdeaf7

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:25:52 GMT
ETag: "4c19051b06142a7c82fba952cd9d549f9fa38da7"
Last-Modified: Wed, 07 Jun 2023 04:25:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2437
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f7b8d241bfa-OSL

sdk.51.la/js-sdk-pro.min.js

42.236.73.206

200 OK

13 kB

URL GET HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
42.236.73.206:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://acqqqwu.icu/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12853 bytes)
Hash
24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Jun 2023 05:40:10 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:19:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a4bd-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

ia.51.la/go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu=

42.236.73.38

200

0 B

URL GET HTTP/1.1
ia.51.la/go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu=
IP
42.236.73.38:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://acqqqwu.icu/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go1?id=21586809&rt=1686116427067&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF~_~%2523x2705%253B%25E8%25AD%25A6X%25E5%2591%258A%253A~_~%25239989%253B%25E6%259C%25AA%25E6%25BB%25BF%25E5%258D%2581%25E5%2585%25AB%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5&ing=1&ekc=&sid=1686116427067&tt=WWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.SUSU96.CON%252CWWW.33NNPP.COM%252CWWW.5874HU%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Facqqqwu.icu%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Content-Length: 0
Date: Wed, 07 Jun 2023 05:39:14 GMT

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
5f8beb5ffd531a70fecb932daedf1c30
008832c2fcde02cb72ac08ff262a4444bda0523b
8e5f339d8bfa4151ec684727f9ab5c7e37a72eede8ac206d2ea1f62120e93a11

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:40:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Jun 2023 01:59:12 GMT
ETag: "008832c2fcde02cb72ac08ff262a4444bda0523b"
Last-Modified: Wed, 07 Jun 2023 01:59:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 216
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d368f7f3fa91bfa-OSL

acqqqwu.icu/template/1608/images/ask1.jpg

188.114.97.1

404 Not Found

435 B

URL GET HTTP/3
acqqqwu.icu/template/1608/images/ask1.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
435 B (435 bytes)
Hash
7d4abb90e0acffebd415bc3572b97053
5185f2697596d3f7409c9e0c3a11e4d120b353ba
6612c76dbfca4350d273cb9c935564f23efeb6a1af663f89fd0ea4cc7ca08fc1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/images/ask1.jpg HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/template/1608/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBlcBzkDVZLQRSVhsICp%2B91vLJZr9FfF6gm5Gs4susATG849Aicoj4D998XETHvqzrzPbUuQhAq8KwOyrz45uvvXweFnDoZvM5XLuJc8M416zMglZoqXN003htWbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f72587a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

collect-v6.51.la/v6/collect?dt=4

120.79.9.244

200

0 B

URL POST HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
120.79.9.244:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
https://acqqqwu.icu/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 385
Origin: https://acqqqwu.icu
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 07 Jun 2023 05:40:36 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://acqqqwu.icu
Access-Control-Allow-Credentials: true

acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
acqqqwu.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfBDSZL86SQ5%2FTo%2B3aipGULtItIs%2FujWlWga22KtkHlPjkrWxF%2Beqju5ZLmtZmUyGuMdxosfLWnA64xfDEkHdsp%2Bnq4m4gbPGyn5V48HDrIMmE9monvQ2wC0t5J8uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9ba91c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 09 Jun 2023 05:40:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip

acqqqwu.icu/

188.114.97.1

200 OK

322 kB

URL User Request GET HTTP/2
acqqqwu.icu/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26978), with CRLF, LF line terminators
Size
322 kB (321663 bytes)
Hash
ecc015c111fed7b2b2cb756845518204
8da9cb59c775e0f59ad90cb80ba43b72e46e24c7
f685addff99221663310f8893bc646878ad9d7b0fcf6929371486889727a00f8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU8uJt5V40%2FpmpVWwOcS4MieZV8x5n2I2fhNQsv9j%2BZMm%2FJC4rE70TPbld5Moe5Y8wQW1R2PUtUtI00x6j1JaGD9RceVA6bMb9DLtuJ8h2MWEYotkM4t79y1lg8FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f641a66b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/

104.193.88.123

200 OK

0 B

URL GET HTTP/1.1
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/
IP
104.193.88.123:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://acqqqwu.icu/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint48:6A:ED:D1:68:52:E5:97:4F:A0:92:46:B3:3C:56:46:3D:D9:9C:D5
ValidityTue, 05 Jul 2022 05:16:02 GMT - Sun, 06 Aug 2023 05:16:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://acqqqwu.icu/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 07 Jun 2023 05:40:29 GMT

www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1

104.21.46.15

200 OK

3.9 kB

URL GET HTTP/2
www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
IP
104.21.46.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (4034), with no line terminators
Size
3.9 kB (3866 bytes)
Hash
f7f29ea32b66d7f4d0b0458ef0798b27
707426504aaa8bfed4adaaf8b4ca2bdb9ac6235a
fd6084536b437cfc5394abfb19c260c3545de05673eaf87b7f8934588cbccb77

HTTP Headers

GET /app/app.js?t=xia&c=googleee&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:40:26 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 14:11:55 GMT
vary: Accept-Encoding
etag: W/"647ded2b-f1a"
expires: Wed, 07 Jun 2023 17:40:26 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RbqC2j%2BFsqmBcM9N14tbL4xNvyx6dTQilOygsQmNq3KEpMFJ66XsCi44PPByBkscEe4OdiDs%2BEIh6ZRyhl1OLqZAZdZoiIkPexeDZ4bgQpDPZRKpDowp9j%2FywDx%2BDUQ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6f486b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

acqqqwu.icu/favicon.ico

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
acqqqwu.icu/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
591676289e8a2b06c3fc31137810d2c0
f53c4f56f983f6b96198806a60624ba16741a156
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Cookie: _ga_CR04182NMS=GS1.1.1686116426.1.0.1686116426.0.0.0; _ga=GA1.1.2094757886.1686116427; __tins__21586809=%7B%22sid%22%3A%201686116427067%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201686118227067%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:28 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2019 11:19:32 GMT
etag: W/"5da84e44-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qn1sKXYjmeRge%2BWKEB1f5lAwEaouOh%2Bo8K%2FCr5uyw0UCoa25xc8rBsUb9uPPRa8bMDtwhFvkaXnq69AxYMtdU8az7XLekANO1g5%2F9V5gbgp5FozcP02ds83oXcLgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f7a6e8a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/css/bootstrap.min.css

188.114.97.1

200 OK

121 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/css/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/css/bootstrap.min.css HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:13:08 GMT
vary: Accept-Encoding
etag: W/"5da57184-1d970"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcdnHa9uAkfSWvS4QTROijaPBVT4huWGqEWIK1I5ozzZxFigpO6A0%2FU8%2FcpBqZWWUdFDrizaepKmblgGkjKvvfVfdeQ940mDy17B4skAiF1BTOeUWjso6YduYbiHhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6b3b641c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/Asquery.js

188.114.97.1

200 OK

540 B

URL GET HTTP/3
acqqqwu.icu/Asquery.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (556), with no line terminators
Size
540 B (540 bytes)
Hash
9988d60d2af7295734e3bd6d7acd296e
3e98c7ac2dde441b5fe9ab4666c2f206a15aebf1
553ac2cc49df373a2e138fb5d962a306250472c5785d33ec91de2957d188c976

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Asquery.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Thu, 27 Apr 2023 11:37:49 GMT
etag: W/"644a5e8d-21c"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjrgnTuu45Na1%2BMvhrYo1u8m5cX9rYjCxH9f7LgV9PDl6Is%2Bwz%2FnLFvoHsu0GwoFmK2GxrAXTcwsDp%2F%2Fj5rKTz%2FI146Dh7ePvRFujdg5VwHh4jnOtqmYtBfPCJhMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b4b6f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/Bsaidu.js

188.114.97.1

200 OK

914 B

URL GET HTTP/3
acqqqwu.icu/Bsaidu.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (988), with no line terminators
Size
914 B (914 bytes)
Hash
9926a593be6a20a944a4bffdfd18ccd2
0833276d44560fc4f9a68d7a30192d382c4967d6
011ba087f9b3e0eb3d4fc32bf49e8cb406d03afeee79cff4ccf767a592fe6987

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Bsaidu.js HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: application/javascript
last-modified: Fri, 31 Mar 2023 01:18:46 GMT
etag: W/"642634f6-392"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JTvFQ2cIToyQzEdFsjBdiGfakuRYRfpKrqLfUNIvXRTtfe2%2FXbkm05ZCJ3bzFHKKQhF9nF5zh7mAyc%2BKomy0h%2BmG6CJB1UExhvkV6cjP9%2BqKt9VjA3MEtnQAoMF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d368f6b9bae1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

acqqqwu.icu/template/1608/css/style.css

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
acqqqwu.icu/template/1608/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://acqqqwu.icu/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:95:15:2C:5F:E4:D3:87:88:56:85:B7:87:32:DC:C7:35:FF:35:33
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
24 kB (23877 bytes)
Hash
b03dfb3649fdec958690a5d413654369
59221a8f19c6dd2a9ccfb39a306266ca627fcb5b
8eadf08f17336140781e919d0a6d55694500f985e1a845aed79a43b0990d6251

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/1608/css/style.css HTTP/1.1
Host: acqqqwu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acqqqwu.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:40:25 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:13:08 GMT
vary: Accept-Encoding
etag: W/"5da57184-5d45"
expires: Wed, 07 Jun 2023 17:40:25 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zhBjpkrS8pGE7rgEDp3TKvN%2F7M5JWtiTGI0wXBonwhbm8llLrTEb6uQbayBbYQzOwRfdJonXOFb43ruRzIZrQun53tghM8Okd3xAC1QJJeTNOoe9aL9cjd8B51yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d368f6b4b6a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL